GDPR Guidance: What the New Regulations Mean for Developers

Rebecca Yarbrough — March 22nd, 2018

You might have heard of GDPR (General Data Protection Regulation), but what does it mean for you? Let us attempt to translate some of the noise and provide some practical GDPR guidance for developers.

As mobile takes over, an incredible amount of intimate data about people lives online. In addition to being vulnerable to attacks, user data is also used by companies and other parties for their own purposes, like ads. The European Union is taking the position that data privacy laws have not kept up with the widespread use of technologies like messaging, VoIP, and personalization, and that users’ trust in digital platforms is quickly eroding. (For example, the improper use of Facebook profile data by Cambridge Analytica is shedding light on the lack of controls on the collection and use of user data.)

On May 25, 2018, the EU enacted a massive set of regulations intended to give users powerful sets of rights around what kind of data companies can collect, for what reasons, and how that data can be used. The official GDPR guidance is primarily packaged as a list of rights (e.g. “the right to be forgotten”) and these regulations apply to any business based in the EU or with EU citizens as users.

These regulations have set a new high bar in data privacy that will most likely be the international standard going forward. Complying will be a competitive advantage as user data privacy and control become features that consumers worldwide start to demand. For example, with end-to-end encrypted chat apps like WhatsApp available, who wants to use a non-encrypted app?

The good news is that you’re covered on the tech side. Our End-to-End Encryption SDK for chat and encrypted data storage make it easy to build intense security and privacy into your app, both for GDPR compliance and to meet increasing user demand.

So, how do you comply with GDPR? First, you need to understand the intent of the law and its main applications, and learn what technical tools you’ll need to implement.

Here is some helpful GDPR guidance that makes these complex regulations somewhat understandable:

  1. WTF is GDPR?
  2. GDPR: What it is, what we are doing, and what you can do
  3. Making the General Data Protection Regulation easier to understand
  4. Google Cloud & the General Data Protection Regulation
  5. The GDPR: new opportunities, new obligations

As always, Virgil Security is available to answer any questions you might have about end-to-end encryption. Sign up for a free Virgil account and join our Slack community to start a conversation.

Virgil Security, Inc. is a stack of security libraries and all the necessary infrastructure to enable seamless, end-to-end encryption for any application, platform or device.

We guide software developers into the forthcoming security world in which everything will be encrypted (and passwords will be eliminated). In this world, the days of developers having to raise millions of dollars to build secure chat, secure email, secure file-sharing, or a secure anything have come to an end. Now developers can instead focus on building features that give them a competitive market advantage while end-users can enjoy the privacy and security they increasingly demand.
