Perils Of Consent And Backups
What problems can consent and backing up your data cause?
Consent is the best way for someone to authorise your collection and use of their Personal Data.
You should always back up every piece of data you have and keep the archives?
Let's take a look at an example where relying on consent to collect Personal Data, and backing this up each day can have unexpected consequences.
Joanna's Story - June 2018
Joanna is a Chartered Accountant.
Over the last few years, she has signed up five hundred people through her website, to receive her monthly email newsletter.
Joanna's monthly newsletter contains no marketing, and she has used it to keep her clients and prospective clients informed of changes to tax law.
The Privacy Notice presented on Joanna's website describes how someone can unsubscribe from the email list by clicking on the unsubscribe link in each newsletter. Joanna used consent as the legal basis to populate and operate her email list.
It is 6th June 2018. One of the subscribers to Joanna's newsletter leaves her mailing list by clicking on the unsubscribe link in the most recent newsletter.
Someone unsubscribing from the newsletter is not unusual. It happens from time to time.
What is unusual is that the same person emails Joanna later that day and invokes their Right to erasure under the GDPR.
Joanna now has one month to comply with the erasure request.
The email addresses for all of the subscribers to Joanna's email list are held in a spreadsheet she maintains by hand.
This spreadsheet is stored on the hard drive of the computer that Joanna uses each day at the office.
Every night for the last three years, the contents of Joanna's hard drive have been compressed and backed up to a remote server.
The email address of the person who has just unsubscribed from the newsletter has been tracked in Joanna's spreadsheet for a little over two years.
To comply with the Right of erasure request Joanna has received, she needs to:
- Restore every nightly backup from the last two years
- Remove the email address of the person who has unsubscribed from each backup
- Replace each backup on the remote server with the modified version
Joanna didn't do anything obviously wrong in her eyes. She was studious in ensuring that the data on her hard drive was backed up.
Her problem stems from:
- Her reliance on consent as the basis to collect and use the email address of subscribers to her email list
- Storing these email addresses in a spreadsheet that has been copied and archived hundreds of times by the nightly backup
The Right to erasure in the GDPR requires that you remove all copies of the affected Personal Data. This includes all copies stored in any backups you have made.
Joanna didn't use her email list for marketing. She could have used a legitimate interest such as a relevant relationship as the legal basis for collecting and using the names and email addresses of her subscribers.
If Joanna had not relied on consent for her collection of Personal Data from her subscribers - and had not generated hundreds of copies of the data in backups - her handling of the Right to erasure request would be vastly simpler and quicker.
There would still be an issue if Joanna hadn't used consent as the legal basis to populate and operate her email list, due to her backups. But - relying on consent guarantees your provision of the Right to erasure, as the withdrawal of consent is one of the grounds for the use of this right.
Unfortunately for Joanna, her reliance on consent has created clear-cut grounds that require her to honour the Right to erasure request, and her chosen backup strategy has amplified the effort involved massively.
In an upcoming article, we'll look at how to avoid Joanna's problem even when you have to rely on consent for your collection and use of Personal Data.