Boards.ie uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Click here to find out more x
Post Reply  
 
Thread Tools Search this Thread
09-10-2017, 10:30   #1
pdemp
Registered User
 
pdemp's Avatar
 
Join Date: Oct 2017
Posts: 27
Data Protection 2018

There are new data protection rules coming into force in May 2018, and while I thought they only applied to companies, they apply to clubs and societies as well. I'm not sure if it applies to individuals acting on their own, unless they are involved in some economic activity, but that's a side issue.

Anyway, as it applies to chess in Ireland,
I have 2 proper questions:

Do the ICU have any guidance for clubs/tournament organisers etc. for the new GDPR rules coming in next year? Mainly around renewing consent for mailing list etc.

Is the age on the junior ratings list static or dynamic (i.e. can the date of birth be derived)?

and 1/3 rambling ridiculous questions:
What happens if a player requests their data to be deleted, especially around ratings? Does consent need to be given to use your rating in calculations, given that it's stored in a database and involves an algorithm (and that algorithm is implemented in software, rather than done on pen and paper)? Given that a rating and club can currently unique identify everyone above 1780, is it personal information?
pdemp is offline  
Advertisement
18-10-2017, 21:58   #2
HaraldSchmidt
Registered User
 
Join Date: Jan 2015
Posts: 46
I believe that by entering any of the normal competitions, weekenders, leagues, ICU run events, all of which are known to be rated by the ICU, then you have agreed to your name being published with the result of your games, and the publication of your new rating.

It is very difficult to remove a person from the rating system, as all of their games were played against other players, who, presumably, want their ratings to be accurate. On a very few occasions, the rating officer has obfuscated a player's name, which leaves the results of their games intact, but removes their name from access by search engines.
HaraldSchmidt is offline  
19-10-2017, 23:12   #3
pdemp
Registered User
 
pdemp's Avatar
 
Join Date: Oct 2017
Posts: 27
Quote:
Originally Posted by HaraldSchmidt View Post
I believe that by entering any of the normal competitions, weekenders, leagues, ICU run events, all of which are known to be rated by the ICU, then you have agreed to your name being published with the result of your games, and the publication of your new rating.
The GDPR will mean this will have to be clearly written, though in ICU membership notice rather than individual tournaments, and members should have to complete some action (checkbox, not pre checked) to allow your data into the database, with parental constent for <13. Implicit or fine print is gone when it comes to databases with real people. However you will be entitled to opt-out of the database at anytime, so what this means for rating calculations is interesting.

I think it is stupid as all this used to be down on pen and paper, and if it still was none of this would be an issue.

Quote:
Originally Posted by HaraldSchmidt View Post
It is very difficult to remove a person from the rating system, as all of their games were played against other players, who, presumably, want their ratings to be accurate. On a very few occasions, the rating officer has obfuscated a player's name, which leaves the results of their games intact, but removes their name from access by search engines.
I agree it's difficult, and nearly go as far as say farcical, but as the ICU rating allows you to be identified, it could fall under the new rules, and so name obfuscation may not be sufficient. [There are some exceptions for historical importance etc., but the exceptions aren't clear to a non-legal head like me.]


In any case this example is the extreme one. I'm mainly wondering if the ICU/LCU have examined the impact of GDPR both for themselves, and any guidelines for clubs, before it comes into effect next May.
pdemp is offline  
24-10-2017, 22:15   #4
rob51
Registered User
 
rob51's Avatar
 
Join Date: Jul 2015
Posts: 95
Quote:
I think it is stupid as all this used to be down on pen and paper, and if it still was none of this would be an issue.
If you check you will find that data protection also applies to lists using pencil and paper. So that wouldn't help.
In fact if you keep a list of kids to invite to your child's birthday party it is probably covered.
The scope of data protection is truly amazing yet it fails to do anything effective about SPAM and similar problems.

However you are allowed 'process' personal data for legitimate reasons, so I doubt that someone can demand to be removed from a ratings database since maintaining that database is a legitimate purpose for the ICU. However it may well be necessary to get explicit consent from players whatever that means.
rob51 is offline  
Post Reply

Quick Reply
Message:
Remove Text Formatting
Bold
Italic
Underline

Insert Image
Wrap [QUOTE] tags around selected text
 
Decrease Size
Increase Size
Please sign up or log in to join the discussion

Thread Tools Search this Thread
Search this Thread:

Advanced Search



Share Tweet