The EBU hosted a practical workshop for Members, to help them prepare for May 2018, when the General Data Protection Regulation will be directly applicable in EU Member States.
The GDPR sets out the EU’s legal framework for the lawful processing of personal data and is thus the bedrock of any data-driven service provided by public service media. Its implementation provides PSM a unique opportunity to demonstrate that they not only comply with the law but also that they treat citizens’ personal data with respect, in line with PSM values.
The workshop was structured along 4 streams, alternating presentations by privacy experts and EBU members, and addressed data protection issues from a multidisciplinary perspective. A first session set the scene by introducing key notions and data processing principles. It also highlighted the importance of the freedom of expression and information exemption from the GDPR for journalistic activities. The second part of the workshop focussed on how to manage individuals’ data protection rights: how to draft and communicate privacy policies online but also how to handle individuals’ rights concretely.
The afternoon began by addressing relationships with third parties, and in particular data processor agreements. The workshop concluded with a session on data governance, providing examples of how certain EBU Members have tackled their internal compliance process. This session demonstrated that organisations must involve all relevant departments and develop a real privacy compliance culture; the examples showed that successful compliance projects are the result of successful internal collaboration.