Preparation

All you need to prepare is a PC and an internet connection. Alternatively, this exercise can also take place on a tablet or smartphone.

Method / Process description

1. The General Data Protection Regulation

The basic principles of the GDPR should be introduced. Alternatively, individual groups can be given the task to research the meaning and purpose as well as the contents of the GDPR in a flash research and then present it in plenary. 

Research on the internet to answer or discuss the following question: 

• What is the purpose of the GDPR? 
• Who and what should the GDPR protect? 
• What advantages and disadvantages do you see in this context for companies and us as users? 
• Are there any criticisms of the GDPR? If so, what are they? 

2. information on the processing of personal data  

The GDPR also regulates the information obligation of companies. They must provide customers and users with extensive information about the processing of personal data. 

Check the data protection notices of any company (ideally a company with which you are in contact).

The worksheet serves as a support for this. 

3. Enforcement of the GDPR

Research the following topics: 

• What rights do I have as an end user with a company? (e.g. right to information etc.)
• Where and how can I report data protection violations? 

Non-compliance with the GDPR by organisations does have consequences.

The penalties imposed by the EU are published on the website https://www.enforcementtracker.com/. Check the amount of the fines imposed and details of the reasons. 

.

Download material

• Worksheet "GDPR Data"