Want to Be A More Privacy-Aware Developer for Data Privacy Day? Think of Personal Information like Uranium
Sunday, January 28th is Data Privacy Day. And, I know the best way for Twilio to celebrate the day would be with a post on best practices for handling nuclear reactor fuel. Kidding. In all seriousness, much of Data Privacy Day is focused on building awareness among consumers about how they can protect their privacy on the internet – a noble cause. But what about a little awareness-building for you, the developers – the doers that build that internet?
Now, I’m no nuclear physicist, but I am Twilio’s Associate General Counsel and head up our privacy program. So, let me plead my case that if you want to become a more privacy-aware developer (and who doesn’t?!), one way to get into the right frame of mind is to think of handling personal …
Welcome to Part 3 of our series discussing the General Data Protection Regulation (GDPR). With this post, we’re going to dig into some key concepts in the legislation.
(If you’re asking yourself, “What is this GDPR thing?” It’s a major piece of legislation coming out of the European Union (EU) which regulates the processing of personal data and it could significantly impact your business regardless of where your organization is based. The GDPR will become enforceable on May 25, 2018. For more information, check out Part 1 and Part 2 of our blog post series on GDPR and the session from SIGNAL London, “GDPR and Beyond: Data Protection at Twilio.”)
Before we get started, I want to give you fair warning—this post is going to get into some legal-ish stuff. But, bear with me here. These concepts are an important foundation for understanding your and Twilio’s obligations with …
- Does GDPR apply to you or your business?
- What’s the intent of GDPR?
- What happens if you don’t comply?
Compliance is often a topic of discussion for many of our customers, but one compliance item that hasn’t quite made it onto everyone’s radar just yet is the General Data Protection Regulation (GDPR)—a major piece of legislation coming out of the European Union (EU) that could severely impact your business whether your organization is based in the U.S. or abroad. This legislation replaces the original EU Data Protection Directive (Directive).
The GDPR will take effect on May 25, 2018, and Twilio is committed to ensuring our platform is compliant by then.
Now you may be wondering…
If you process personal data of EU individuals, then the answer is most likely yes. If your business is established in the EU, the GDPR …
- Twilio is committed to being GDPR compliant by May 25, 2018.
- New data processing addendum for customers.
- Additional GDPR guidance materials coming soon.
At Twilio, we’re keenly aware that organizations who process personal data of people in the EU need to be sure their service providers support compliance with the General Data Protection Regulation (GDPR). That’s why we are committed to ensuring our platform is GDPR-compliant by May 25, 2018, when GDPR becomes enforceable.
Our first leadership principle is to “wear the customer’s shoes.” This leadership principle is so fundamental to who we are that we actually have customers’ shoes hanging on the walls at our headquarters. No joke. So, while we love developing new features and products to help unlock your communications innovations, we understand that if our platform doesn’t support your compliance needs, those new features and products don’t mean much.
Furthermore, Twilio welcomes GDPR as an …
This is a question I hear regularly from Twilio customers interested in using Twilio’s Programmable SMS API.
For the uninitiated, “ATDS” stands for “Automatic Telephone Dialing System.” ATDS’s are also sometimes colloquially referred to as “auto-dialers” or “robo-dialers.” And, in the United States, whether or not your messaging program is subject to the restrictions (and severe monetary penalties) of the Telephone Consumer Protection Act (aka the “TCPA”) depends, in part, on whether or not you use an ATDS to send text messages to end users. For purposes of the TCPA, ATDS is defined in the law and in the Federal Communications Commission’s rules.
It is probably not an overstatement to say that, for US attorneys, the number one legal concern when reviewing a text messaging program is ensuring it does not run afoul of the TCPA. With penalties up to $1500 per text message, and the possibility of sending thousands, …