Your browser isn't supported
It looks like you're using an old web browser. To get the most out of the site and to ensure guides display correctly, we suggest upgrading your browser now. Download the latest:

Welcome to the MSE Forums

We're home to a fantastic community of MoneySavers but anyone can post. Please exercise caution & report spam, illegal, offensive or libellous posts/messages: click "report" or email forumteam@.

    • Hengus
    • By Hengus 12th Mar 18, 9:34 AM
    • 5,933Posts
    • 3,652Thanks
    GDPR - Ugh?
    • #1
    • 12th Mar 18, 9:34 AM
    GDPR - Ugh? 12th Mar 18 at 9:34 AM
    GDPR (General Data Protection Regulations) is not something that I have heard much about but it seems that it is going to place a significant burden on, inter alia, energy suppliers - particularly, when smart meters are fully rolled out. These new data protection regulations come into effect on the 25th May. The four big changes are:

    a. Breaches. Suppliers have a duty to report a data breach within 72 hours.

    b. Right to Access. Consumers will have the right to obtain confirmation as to whether or not personal data concerning them is being processed, where and for what purpose. This is to be made available FOC in an electronic format.

    c. Right to be Forgotten. Consumers will have the right to ask for all their data to be erased; the right for their data not to be passed on to third parties etc.

    d. Data Portability. The consumer will have the right to receive all data concerning them - which they have previously provided - in a commonly usable machine readable format with the right to transmit that data to another data controller.

    e. Privacy by Design. This will now become a legal requirement; ie, only holding data absolutely necessary for the completion of its duties.

    The industry view, as far as I can tell, is that compliance will increase supplier costs; for example, the Data Controller cannot be a part-time customer services agent. That said, it is thought that many small suppliers will struggle, and some will fail because of the additional administrative burden or following a 4% of turnover/Euro20M potential fine for any major breach.

    Although this is an EU Initiative, the UK Government has said that it will be enshrined in UK Law.

    FWiW, I only got interested in this subject when I read a blog written by a technical expert when he posed the question about how smart TV manufacturers are going to protect personal data when people sign up to smart services on their TV. For example, if the TV manufacturer is using viewing data to suggest future TV viewing, how does it know who is actually using the smart TV's features? It may not be the person that signed up to the use of his/her personal data. An extreme example: the point being made is that GDPR is a bit like an iceberg. There is more to it than can be seen on the surface.
    Last edited by Hengus; 12-03-2018 at 9:36 AM.
Page 1
Welcome to our new Forum!

Our aim is to save you money quickly and easily. We hope you like it!

Forum Team Contact us

Live Stats

2,230Posts Today

6,236Users online

Martin's Twitter