Self-describing data becomes self-policing data

08 August 2018  •  Anthony Mandelli
This is an introduction to a new Snowplow technology; see the official developer release for a detailed technical walkthrough. Personal data shall be: (a) processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’); (b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes -General Data Protection Regulations, Chapter II Article 5 At the heart of...

GDPR challenges in a multi-platform, multi-device world

11 May 2018  •  Anthony Mandelli
As a company, you want to provide your users with a congruous experience across multiple platforms and devices including both web and mobile, with your data collection practices being consistent across each platform and device. To do that, you need to give users the opportunity to consent (or not) on each platform. It is nice if when a user grants or withdraws consent on one, it changes the way data is processed across all other...

Tracking consent on mobile is just as important as web for GDPR

04 May 2018  •  Anthony Mandelli
Mobile has become a significant channel for user engagement to the point where it needs to be treated with at least equal importance as traditional web. With GDPR enforcement set to go live on May 25, 2018, at the time of writing the fervor of conversation around compliance is steadily growing. However, much of that conversation is focused around web analytics. Given that web-based digital platforms, specifically websites, will potentially be the most significantly impacted,...

How to manage consent for GDPR, a nuanced approach

09 March 2018  •  Anthony Mandelli
The ongoing conversation around GDPR centers around compliance. Naturally, as data controllers and processors, making sure the way that we’re using data is compliant with the GDPR is a high priority. But the discussion is often oversimplified: does this comply or not? Though the regulations themselves may be straightforward, there are several vectors which make compliance challenging. GDPR requires the collection and processing of data to be tied to specific uses; the way clever analysts...

Understanding the role of anonymization and pseudonymization in GDPR compliance

02 March 2018  •  Anthony Mandelli
If you visit the European Union homepage for GDPR, one of the first things you’ll notice is a timer (assuming you read this before enforcement begins). Clearly displayed down to the second, at any given time you can check to see how much time you have left. Considering all of the complexities that come with compliance, problems that must be solved at the technological, procedural, and governance levels, there are many of us who will...

GDPR compliance in digital analytics and how we want to help

14 December 2017  •  Anthony Mandelli
In May of 2018, the General Data Protection Regulation, widely known as GDPR, officially goes into effect. For those unfamiliar, GDPR is a set of European regulations that builds on the Data Protection Act, designed specifically to empower ‘data subjects’ with new rights over their data. The pervasiveness of digital advertising and data collection have led to a feeling of unease among many individuals. When browsing the internet, users often have little to no idea...