GDPR Compliance. What is it & how does it affect you?

My notes on Sam Jadali’s presentation on GDPR at WordCamp LA 2018.

GDPR is fundamentally changing the way we do business online. With GDPR now in effect for nearly 4 months, what does this mean for your site? Is the GDPR law geographically limited? Sam brings his 20 years of cybersecurity experience to discuss how you can protect your client data, what to do in the event of a data breach, and how you can prevent one. We’ll answer your questions and more including how your plugin choices can affect GDPR compliance.

Real issues with data release hacks

  • Moviepass tracking
  • ashleymadison.com
  • Applies to other entities like Facebook, hospitals and government offices.
  • GDPR goal: give individuals control over their data

I don’t have any EU clients?

  • Could come through visitors to a US site.
  • Name, address, SSN, genetic information, race, ethnic origin, health data, geolocation data.

  • Canada already has a law on the books.

  • Summary of privacy laws in Canada
  • California passed a data protection law
  • Get ready, data privacy will continue to grow
  • Right to access: same as a credit report. Individuals can request their data. You have 30 days to comply
  • Right to be informed: what, why and how are we storing data.
  • Explicit consent required
  • Right to rectification
  • Right to restrict processing
  • Right to be forgotten
  • Right to transfer data
  • Right to not be subject to automated processing

Keep calm and prepare for GDPR

  • Perform a privacy impact assessment
  • What, why and how
  • Where do you hold your data? Local, cloud
  • SSL / encryption
  • Keep your DB server separate
  • What about Google Analytics installed on site?
  • Don’t label files .bak or .backup. They can be read in full text

Changing file permissions

Default Permissions (umask 022)

644 -rw-r--r--  /home/user/wp-config.php
644 -rw-r--r--  /home/user/cgi-bin/.htaccess
644 -rw-r--r--  /home/user/cgi-bin/php.ini
755 -rwxr-xr-x  /home/user/cgi-bin/php.cgi
755 -rwxr-xr-x  /home/user/cgi-bin/php5.cgi

Secured Permissions

600 -rw-------  /home/user/wp-config.php
604 -rw----r--  /home/user/cgi-bin/.htaccess
600 -rw-------  /home/user/cgi-bin/php.ini
711 -rwx--x--x  /home/user/cgi-bin/php.cgi
100 ---x------  /home/user/cgi-bin/php5.cgi
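
A read-only audit for the two points above, the secured permissions table and the .bak/.backup note. This is an example added to these notes, not code from the presentation; the function names and the sample tree are made up for illustration, and paths are taken relative to the account home.

```shell
#!/bin/sh
# Added example: audit an account home against the "Secured Permissions"
# table and flag .bak/.backup copies. Read-only; it changes nothing.

# Relative path and expected octal mode, taken from the table above.
EXPECTED='wp-config.php 600
cgi-bin/.htaccess 604
cgi-bin/php.ini 600
cgi-bin/php.cgi 711
cgi-bin/php5.cgi 100'

# Print a file's octal mode (GNU stat first, BSD stat as fallback).
file_mode() {
  stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# audit_perms ROOT: one finding per line; returns 1 if anything was found.
audit_perms() {
  root=$1; rc=0
  while read -r path want; do
    [ -e "$root/$path" ] || continue
    have=$(file_mode "$root/$path")
    # Any bit set in the actual mode but not in the expected one is excess.
    if [ $(( 0$have & ~0$want & 07777 )) -ne 0 ]; then
      echo "LOOSE $path mode=$have expected=$want"; rc=1
    fi
  done <<EOF
$EXPECTED
EOF
  # Backup copies are not run by the PHP handler, so their source is served.
  backups=$(find "$root" -type f \( -name '*.bak' -o -name '*.backup' \))
  while IFS= read -r f; do
    [ -n "$f" ] || continue
    echo "BACKUP ${f#"$root"/}"; rc=1
  done <<EOF
$backups
EOF
  return $rc
}

# make_sample_tree DIR: constructed files using the default modes listed above.
make_sample_tree() {
  mkdir -p "$1/cgi-bin"
  for p in wp-config.php wp-config.php.bak cgi-bin/.htaccess cgi-bin/php.ini; do
    : > "$1/$p"; chmod 644 "$1/$p"
  done
  for p in cgi-bin/php.cgi cgi-bin/php5.cgi; do
    : > "$1/$p"; chmod 755 "$1/$p"
  done
}

if [ $# -gt 0 ]; then audit_perms "$1"; fi
```

Run it with the account home as the only argument; a non-zero exit status means at least one LOOSE or BACKUP finding.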

Plugins

Unexpected consequences

  • Hindering innovation
  • Blocking the blockchain
  • Denying access to EU visitors
  • Death of free services

Books and Links
