SUPPORT   |   CLIENT LOGIN

GDPR Hates Santa

| June 20 2018

Twitter can be a goldmine of fun stuff slanted a little bit off-center. It's always extra fulfilling when the twitterverse takes a break from the Kardashians to give us a good dose of compliance humor.

Case in point.

https://twitter.com/mutablejoe/status/998241891459194887?s=12

https://twitter.com/mutablejoe/status/998241891459194887?s=12

In short: Santa is in contravention of article 4 of the General Data Protection Regulation (EU) 2016/679.

Or is it fine as long as he stores it properly and has a good retention schedule and documents it all properly? Thanks, Anna James.

Maybe it doesn’t apply. Do the legitimate interests of a naughty/nice list outweigh the privacy concerns if they can reasonably expect the list to be produced and if a naughty/nice list is really needed?

 

Does writing a Christmas letter, in this case, qualify as opting in?

Probably not. Consent has to be informed and explicit. Santa could rely on GDPR Article 6(1)(b), steps taken at the data subjects request prior to entering into a contract or to fulfill a contract.


Maybe the whole tweetstorm didn’t need to happen at all.

https://twitter.com/WPdenHertog/status/1000486047766204418

This entire sequence can have dire consequences for those of us who are (allegedly) well-behaved.

https://twitter.com/Fuzzwuzzle/status/1000724124094943233


North Pole GDPR

We don’t know exactly how Santa’s actions would play out in the eyes of GDPR -- more than likely it wouldn’t be a big deal since his base is the North Pole, although admittedly he does have a high-touch relationship with European consumers.

While this is all fun and games on Twitter, the sheer volume of this thread underscored how many people are thinking about GDPR, how confusing the compliance might be in some cases and how it can turn a beacon of our childhood’s best memories into a series of “Am I compliant?” concerns.

In short: it’s a jungle out there, even for Santa.

Let us help.

Related posts

3 Things the Financial Services industry should know about web archiving

3 Things the Financial...

Remember when nothing terribly important happened on social media? When Facebook was just a silly diversion where ...

Read More >
Web Archiving for FINRA Compliance

Web Archiving for FINRA...

Do your web archives have inTegrity? There’s a trend today toward more interactive and personalized web content, but ...

Read More >
Cambridge Analytica Shook Up the Way We View Data Privacy—and Ediscovery Collections

Cambridge Analytica Shook Up...

After 2018, companies may never view online data collection in the same way again. Just as the world was turning its ...

Read More >