On August 28th, a group of privacy-minded people gathered in Berlin to discuss what organisations in the GÉANT community are doing to deal with the upcoming General Data Protection Regulation (GDPR) and what we could be doing together.

It was very interesting to see that everyone was focusing on different aspects of GDPR. In Germany, for instance, GDPR is not very different from current legislation; while for CERN it is still unclear how (and even if) an international organisation should deal with GDPR. Jisc gave a very interesting insight into the way they are approaching the huge amount of services Jisc has to ‘GDPR-ise’ in the UK; while in Denmark, DeiC is focusing its efforts on creating awareness among researchers about how they can best manage their data.

Despite the differences, everyone agreed that there are many things we in the research and education networking community can work on together. For instance:

  • an analysis of the different national approaches to certain parts of the GDPR;
  • a first analysis of our joint services;
  • sharing tools and privacy statements to enhance each other’s preparations for GDPR.

If you want to find out more about the content of the meeting, please visit the Data Protection Regulation wiki.

Next meeting

To work on those common goals and exchange more information about what everyone is working on, there will be a meeting in Utrecht, the Netherlands, at the SURFnet offices on October 30th, and this group aims to form a task force. You can find details about the meeting on the wiki. Please REGISTER if you want to participate.

If you have any questions about the meeting, please contact Charlie van Genuchten: charlie.genuchten@geant.org.