Imagine that you are setting up a dating app. You have designed fantastic graphics and really innovative features. You begin to think through your sign-up workflow – the process that your users have to complete in order to be able to use your app. What information do you need? Name – to ensure that you can ID the user within your own system; email address – to create a user account for them and to be able to send them payment and system communications. What about the gender they identify as, their sexuality, body type, sexual preferences, allergies, illnesses, job, earnings, location? All of these things are potentially useful to you and may be something that users would like to post on their profiles. But do you collect them at sign-up, or later when you get the user to create their profile? Do you need them at all?
Experts in user experience will generally advise you to request the smallest amount of personal data from new users. You should collect only what you need to set them up on your app. New users are fickle and are likely to lose interest if they can’t easily fulfill their objective: getting access to your service. Once a user has been granted access to your service, they are then more likely to provide further information to unlock additional features.
So our new user has now created an account, and can view other people online. The next step is setting up their profile. Do you really need all the data listed above? You may feel that a large store of data could be useful in the future, but "it might be useful later" is not a legal basis for collecting it. Data protection legislation requires that you collect only the personal data you need for a stated purpose and keep it only for as long as you need it; collecting personal data on the off chance that it might be useful later is likely unlawful. But even more than that, will your users be comfortable giving you information about their job, health conditions or sexuality? People are increasingly aware of their online safety, particularly while using a dating app, where they may feel more vulnerable than usual. You want to instill a feeling of trust in your users, and asking them for unnecessary and intrusive personal data isn't the way to do that.
Keeping your compliance obligations easy to meet
Certain types of personal data (relating to health, sexuality, race, criminal records etc.) are defined in law as "special category data", to which more onerous rules apply. You need an additional lawful condition (for a dating app, typically the user's explicit consent) before you may process it at all, and once you do, you must ensure that it is processed securely: in practice that means encrypting it in transit and at rest, limiting access to the people and systems that genuinely need it, and protecting that access with multi-factor authentication. You, as the controller of that data, are also subject to greater limitations on what you can do with it.
Similarly, if you process personal data relating to children, you must ensure that your privacy documents are intelligible to children, you must allow children to request deletion of their data in an accessible manner, and you owe a higher standard of care when you use their data.
Processing special category data and data relating to children increases your compliance costs: you must spend more on security, have policies in place that children can understand, and ensure that you act wholly in compliance with the more onerous obligations imposed by law. Limiting, or avoiding entirely, the processing of these types of data will make your life much easier.
A key principle of data protection compliance is managing risk: to your data subjects and your own business. A compliant business is a business that has identified and managed its risk with regard to data protection.
In order to effectively manage your risk, you must really understand your business’ use of personal data and have a detailed understanding of how you will meet your obligations to customers.
Data protection compliance is not a tick-box exercise. It is also not an afterthought once you are ready to launch your business. It should be looked at front and center and be an integral part of the design and development of your business (particularly if you are a software/technology business). Understanding the data that you will process, why you need it, and what you will do with it, will allow you to optimize the user experience, structure an efficient and simple business in which your compliance obligations are clear, and manage your risk in an effective way.