ATC Certification provides industry expert ISO certification and auditing services and training to language service…
Newly-published project report from the Translating Europe Workshop Towards Common European GDPR Guidelines for the Translation and Interpreting Profession sheds light on grey areas of GDPR implementation and compliance in the language services industry.
The General Data Protection Regulation (GDPR) came into force in 2018, but the T&I sector in particular has suffered from a lack of consistent application and implementation of the GDPR, resulting from grey areas around compliance, and inconsistent guidance from national data protection authorities.
“In the T&I sector, the presence of personal data in translated and interpreted content poses unique challenges. Personal data in this type of content is not structured, but ad hoc, almost incidental, and as such challenging to process in a consistent, safe manner. What is more, clients are often unaware or ignorant of their obligations towards safe processing of personal data in the content they send for translation or interpreted content.”
Funded by the European Commission Directorate-General for Translation, the Translating Europe Workshop is the first step towards common European GDPR guidelines for the translation and interpreting profession. It encompasses the work of a panel of legal and T&I sector experts, an all-day online workshop with T&I professionals, and this summary report.
The TEW GDPR report outlines key challenges in the implementation and compliance of the GDPR in the translation and interpreting profession, explored and analysed by the pan-European panel of experts.
The report explores six specific areas of interest:
- Types of personal data handled in the T&I sector
- Language Service Providers’ roles as data controllers and processors
- Contractual agreements between controllers and processors
- The use of sub-processors in the T&I sector
- Issues and solutions around data retention
- Identifying, analysing, and mitigating risks
The TEW GDPR Report is published by project partners, and can be downloaded from the EUATC’s website together with an updated version of the 2020 EUATC Guide GDPR and Personal Data in Translation.
“As T&I professionals, it is our responsibility to protect the rights and freedoms of the data subjects whose data we process, and to ensure that the GDPR is complied with at all levels. The GDPR does not bend to our will, but neither is it there to prevent our global business activities, and our work in enabling international communication,” comments Raisa McNab, one of the project’s experts, the EUATC’s GDPR Representative and ATC CEO.
In the UK, plans are afoot to introduce UK-specific modifications to the UK GDPR, but until these changes are published, data protection requirements remain largely in line with the GDPR. Read more at https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/.