DEV Community

Cover image for The Legalities of Data Collection - are you getting fined?
dnasedkina for SOAX

Posted on • Originally published at

The Legalities of Data Collection - are you getting fined?

On this episode of Ethical Data, Explained, Peter Craddock, Partner of Keller and Heckman, joins the discussion of personal data and the consequences of personal data infringement.

Peter Craddock

Peter previously worked as a lawyer before transitioning to software development, and presently works at Keller and Heckman as a Legal Technologist. He has continually expressed how much he enjoys helping clients achieve their digital ambitions by building legal and technical solutions. His mission is to make Keller and Heckman a top company in the sector and help their clients use data more efficiently and safely.

Episode covers:

1. Protecting the Personal Data of the Everyday Person

Privacy has always been a point of contention among the public, not just in the digital world. Even before Edward Snowden’s infamous leaks, there was an abundance of scepticism regarding the information we share with the online world, so, when it comes to the legalities of data collection, we must first acknowledge that everyone’s personal data is to be kept private and secure so that it doesn’t fall into the wrong hands. Even Steve Jobs himself hammered home the importance of privacy, stating, ‘Let them know precisely what you’re going to do with their data.’

Peter Craddock is an avid advocate for warning the public about scams and phishing emails; everyone needs to be aware of these things. Oftentimes, these phishing scams will get a hold of data leaks, or they might even buy data from third parties, resulting in (sometimes) very sophisticated, convincing scams that even the most eagle eyed internet user might be fooled by.

In fact, Peter even discusses a phishing scam that he was recently quite impressed by. ‘Sometimes, depending on my mood, either I try to play around and play along with them, and try to figure out how far they're willing to go in their explanation; or sometimes I'll just cut the call immediately, but this time I thought I'd play along for a bit,’ he said. ‘This was the most convincing phishing call I'd had in a while. They told me that I made an Amazon purchase for an iPhone, and it was an unusual transaction for me. So I said, “I'm sorry, but I'm not interested. Thank you.” They were trying to elicit a response of fear and susceptibility on my part. But I thought that the way that they responded to my questions was a lot smarter than what I'd seen [before]. I thought it was noteworthy.’

Were it not for Peter’s knowledge as a Partner of Keller and Heckman, he may have fallen for it, which is even more reason we should protect the data of those uneducated in the subject. He said, ‘It seemed like a very big coincidence that was happening just after a massive leak had been suggested. So I wondered perhaps it's related to that.’

2. How Can We Ensure Our Data is Protected?

Despite GDPR and the growing awareness of how important our private data is, we still need to make sure we are doing our utmost to protect it. But what actions can we take to ensure this protection? Ideally, it’s the organisations in charge of our data who should be taking those extra steps, and although they have put effort into it, data leaks still happen, making everyone with a phone number or an email vulnerable.

According to Peter, one way we can do this is by making use of AI aids to monitor and prevent any sort of data infringement as a result of these leakages. Organisations must also come together to ensure they are doing everything in their power to protect people’s data; they can work together to formulate security measures in this respect.

But, he does explain that there is an ongoing debate as to what exactly personal data is: ‘I do have a few ongoing cases where we are addressing the issue of what personal data is. Data protection legislation has been around for basically 30 years now, you'd think that some of these basic concepts have been sufficiently examined, but it's not yet the case. We still do not have sufficient clarity. So we still do have a tension. Some authorities are interpreting it in a very broad manner, some in a more restrictive manner. It's a fascinating topic, I think, because there are lots of situations.’

3. Keller and Heckman’s DeFine Tool

The DeFine Tool is Keller and Heckman’s program that allows them to calculate the fine penalties in cases of data infringement. This is an incredibly useful, resourceful tool, allowing both the firm and the client to know and understand the extent of the offence committed.

When discussing the tool, he said, ‘I've been building tools to help myself and clients for some time. I love it if a client says, “I've got an issue and can you help me?” And then, if I find out that it's something that they can do on their own, if I give them a tool, if it's a more rudimentary question, or if it's a specific process where my added value is more limited, then my added value is building the tool for them. Then they've got something, and you empower the clients. They can do the calculation or the assessment on their own, and that, I think, is a great way to help them.’

Listen to this episode of Ethical Data, Explained to learn more about how web scraping companies can maintain ethical standards and for insights on potential changes that could transform the industry.

You can find "Ethical Data, Explained" on

Apple Podcasts
Google podcasts

For more info reg the podcast, episodes and guests - welcome to the official podcast webpage.

CTA: if you know someone whose knowledge, experience and expertise could make them an interesting guest to discuss data and data collection - let me know in the comments! I am happy to reach out and invite them for a talk 🙂

Top comments (0)