Video Production and GDPR

Video Production and GDPR

How the GDPR Affects UK Businesses The GDPR aims to give end users more control over their personal data, specifically with who collects their information and what they allow them to do with it. In the UK, the government has also enacted the new Data Protection Act 2018 (replacing the Data Protection Act 1998). You also need to have data protection policies, data protection impact assessments, and documents on how your data is processed. You need to obtain consent to process user information via a positive opt-in, which clearly explains the kind of information you’re getting and what you intend to do with it. How To Produce Videos Under The GDPR If you provide videos to Europeans which involve any act of processing their personal data (e.g. surveys, interactive in-video forms), or produce videos that include EU residents, you are subject to GDPR rules. First of all, understand that captured video footage involving anyone in public is considered personal data. Get the written consent of anyone identifiable in any shot, whether they are the subject of your video or in the background. This way, you won’t have to obtain any consent forms from anyone in the background. In case you publish sponsored content with companies that use track pixels/cookies, inform your audience of this and ask consent. Make sure that you cover your bases by documenting everything—your data collection processes, security, and what you intend to do with all the information that you have.

How Smart Apps Can (Finally) End Government Compliance Headaches
Pharmaceutical Content Marketing: How to Cure What Ails You
GDPR Is Already Here: A Simple Marketing Guide for Compliance

What do you think about this?

Interesting

Not Interesting

Share

Tweet

The General Data Protection Regulation (GDPR) came into effect on May 25, 2018. With its implementation, businesses across Europe are now mandated to change the way they collect, store, and process personal and sensitive data of EU residents. Failure to comply could result in hefty fines.

In this post, I want to take a good look at GDPR and what it means for the video production and marketing industry.

How the GDPR Affects UK Businesses

The GDPR aims to give end users more control over their personal data, specifically with who collects their information and what they allow them to do with it.

Although GDPR rules are similar to those in the EU’s Data Protection Directive 1995, the latter does not cover the nuances of the internet and social media—which often includes confusing terms and conditions. The consequences of such have been demonstrated in the recent Facebook-Cambridge Analytica scandal, which saw millions of users’ data in the hands of a third-party app that allegedly affected the 2016 US elections.

Although GDPR is a blanket law over all of Europe, each country can make their own changes. In the UK, the government has also enacted the new Data Protection Act 2018 (replacing the Data Protection Act 1998).

Anyone who processes personal/sensitive data of EU residents—be it individuals, organisations, or companies in and out of Europe—would need to comply to the following:

  • Individual rights. Under the GDPR, users can file a Subject Access Request (SAR) and ask your company to disclose the data you have about them—at no cost. They can also have their data removed, transferred, or object to how data is processed.
  • Compliance. If you have more than 250 employees, you’re required to have documentation of what kind of info you’re getting and how they are collected and processed. If you collect data on a large scale, you need to hire a data protection officer (DPO), who will be in charge of monitoring compliance to the GDPR. You also need to have data protection policies, data protection impact assessments, and documents on how your data is processed.
  • Obtaining consent. You need to obtain consent to process user information via a positive opt-in, which clearly explains the kind of information you’re getting and what you intend to do with it. The Information Commissioner’s Office (ICO), which implements GDPR over the UK has a comprehensive guide of what should be included in your consent forms.
  • Breach reporting. In cases of security breach, you need to report to the ICO and the people affected within 72 hours of finding out.
  • GDPR fines. Smaller offences can be fined €10 million (£8.88 million) or 2% of the company’s global turnover (whichever proves to be greater). Those with serious offences can go up to €20 million (£17.75 million) or 4% of the company’s global turnover (whichever proves to be greater).
How To Produce Videos Under The GDPR

How To Produce Videos Under The GDPR

If…

COMMENTS

WORDPRESS: 0
DISQUS: 0