GDPR Week at MyCake

At MyCake we take data seriously. In fact it’s our core business, and so the General Dataprotection Regulations (#gdpr) which come into force on 25th May are something we’re really interested in. And thought you might be too.

There’s lots of information out there, but because it’s about data, it’s going to be a bit, well, esoteric.  And very important.  And about the fundamentals of modern life.  to be honest, that’s why we love working with data.   But because data tells us so much about each other, keeping it safe is, and is becoming more so, a fundamental part of daily business.

We’ll be tweeting some great links this week, but if you want to read some more in some more detail, here’s a list of our favourite (or most important) articles and web pages that we think you might be interested in.

First off, The Guardian’s overview of why we need data protection regulations, and what they mean to individual freedoms in the modern world.  They investigate the two key parts of what the GDPR is trying to do:

“The first is the right of any individual to know what data is held on them, and in some circumstances to demand its deletion. This is obviously a help against teenage indiscretions, but it is not, nor should it be, a general panacea. There is a genuine public interest in knowing things about public figures that they would rather conceal. The partial exemption of journalism from data protection rules is a welcome part of this statement of intent. In any case, the right to be forgotten isn’t absolute. It is really a right to remove facts from search engines, not from the web itself. It does nothing to diminish the powers of inference from known facts which are harmless in themselves to unknown dangerous truths that we would rather conceal.

The second is the right of appeal to a human being against decisions which have been taken by an algorithm. This is something very different from requiring that the workings of the algorithm in question be explained. That would almost certainly be impossible: some forms of artificial intelligence now reach conclusions by a process that even their programmers cannot debug. But computers don’t operate themselves. They are programmed and maintained by human actors who must be held responsible for their actions, and that is what the stipulation about algorithmic decisions amounts to.”  

To read more, check out the whole article here

Next, here’s a link to an overview of the Key Issues, published by European Digital Rights (EDRi) an association of civil and human rights organisations from across Europe.  It’s a straightforward layout of the implications of the act, and from the point of view of a group of data principal organisations.  They have suggestions about how the act can be improved, but the core information and points are well made.


Moving onto the Community sector, how does it apply to us directly?  The NCVO have some great pieces on their blog, and we’d recommend having a look at them:

GDPR: It’s not just about fundraising 

Five things Trustees should know about GDPR

 What to consider when preparing for GDPR 


At MyCake, as a data led organisation, we’re proud that we are data protection registered and make sure that we are both legally and ethically within the spirit of data protection.  While GDPR is a personal data law, and doesn’t directly relate to the information our databases hold on organisations, we always want to be sure that we’re up to date on this.  And we hope that you do too.

Leave a Reply

Your email address will not be published. Required fields are marked *