IAB'S TCF, FROM STANDARD (?) TO
UNLAWFUL PROCESSING: WHO ENDS
UP WITH NON-COMPLIANCE RISKS?
Founder, Aurélie Pols & Associates
February 1st 2022
aurelie.pols@protonmail.com
aurelie.pols@protonmail.com © prepared by Aurélie Pols for Aurelie Pols & Associates –
Data Governance & Privacy Engineer
Data is the New infrastructure – Privacy is the New Green – Trust is the New Currency
Dutch nationality, French mother tongue, works in English, lives in Spain
AURELIE POLS,
DATA GOVERNANCE
& PRIVACY ENGINEER
• DPO for mParticle (Customer Data platform) – contractor (USA, New York)
• Founder – Aurélie Pols & Associates
• Expert Advisory Board (EAB) member - Panelfit (EU H2020 No 788039)
• Group expert member for the Observatory on the Online Platform Economy (E03607) – EU Commission
• Guest professor DPO certification courses Maastricht University, faculty of law (NL) & Solvay Business School Brussels (B)
• Board Member European Center On Privacy and Security, Maastricht University (NL)
• Ethics Advisory Group (EAG) – European Data Protection Supervisor (EDPS) Towards a digital ethics
• Former Vice-chair P7002 – Data Privacy Process – IEEE
• Speaker/writer/consiglieri: Mobile World Congress, SXSW, Strata (+ Hadoop World), IAPP, Piwik, AT Internet, industry associations, AdTech & MarTech vendors, …
2003: OX2 Co-founder, Webanalytics.be
2008: Sold to Digitas LBi (Publicis)
What I do for a living
In case you’re wondering ;-)
Interlocking liabilities & obligations
[Diagram nodes: People; Company (Telco, Bank, Insurance..); Company (Agency, consultancy, vendor, ...); Cloud provider]
[Relationship labels: B2C, B2B, B2B]
[Instruments: Privacy policies, Consent, MSA, SOW, T&C]
• Aligning contract obligations
• (+ enforcement?)
• Providing
• Security
• Privacy features
• Privacy engineering
IAB’s TCF on RTB
A little bit of history
There’s this guy in Ireland who talks of RTB
Video here:
https://vimeo.com/670735163
He has been tackling this subject
First as a publisher, then working for a browser and now at an NGO
Link https://iabeurope.eu/transparency-consent-framework/
The problem?
https://www.dataprotectionauthority.be/citizen/belgian-dpa-sends-its-draft-decision-in-the-iab-europe-case-to-european-counterparts
The “privacy freedom fighter” angle
Link https://www.iccl.ie/digital-data/apd-iab-findings/
Independent audit?
Link https://iabeurope.eu/blog/iab-europe-launches-new-tcf-vendor-compliance-programme/
IAB side
Link https://iabeurope.eu/blog/vendor-compliance-in-the-tcf-what-it-is-and-what-it-isnt/
Taking a step back
From the playground
It started with denial
1. Advertising IDs are not PII, right?
2. Let’s ignore the concept of purpose limitation
3. The only lawful basis that exists is consent
   • US notion of notice & choice
4. Keeping the data forever is not an issue
5. Fairness is an impossible concept to respect
   • Let’s ignore the (also US) notion of discrimination (e.g. FCRA)
6. Sprinkle on top some security if really, really needed
Yet the law is closing in
2 main reasons according to Johnny Ryan, for those who understand
how RTB works:
1. The biggest data breach in history
2. Infringing the purpose limitation principle ← NEW!!!
More specifically
Is there a week without any notice of Google infringement?
Translating this into GDPR lingo
Back to basics:
1. Personal data is broader than PII (personally identifiable information)
2. For data to be lawfully processed, a legal basis is required
   1. This works per purpose, i.e. data flow
   2. Someone should tell Apple it’s not device only (ATT)
3. Data subjects have Rights
4. International data transfers are subject to conditions
Words matter so much
Personal data - GDPR
Personal information - CCPA
Personally Identifiable Information – ???
Sensitive Data – US COPPA, HIPAA, Infosec teams
Special categories of Data – GDPR
Financial data
Problems of legality with RTB
The initial issues with RTB are:
An international broadcast of personal data to a variety of legal entities
1. If the auction is lost,
   1. Are these legal entities deleting personal data?
   2. Are these legal entities using those IDs for something else? (purpose limitation)
2. If the auction is won,
   1. the personal data is passed onto other entities to fulfil the processing operations of
      1. Delivering the ad to the chosen profile on the chosen medium (Ad network + publisher)
      2. Delivering the reporting around the advertising operation
Looking at it from the data subjects’ side
2 main questions arise from the data subject side:
1. Notice: how is the user notified of all the legal entities that receive her personal data? And for which purpose?
2. Rights: if the user wanted to exercise her rights to access, deletion, rectification, objection, portability and non-profiling, how would that work?
Both obligations lie with the data controller, i.e. the publisher
Who is responsible?
Where does the risk lie?
This happened last week
Munich State Court finds use of Google Fonts in violation of GDPR and
grants compensation of 100€
Legitimate interest didn't apply. The website operator could have
integrated the fonts directly into their website, thereby avoiding
sending IP addresses to Google.
Small sum and yet, this is about actual compensation!
"The defendant is ordered to pay the plaintiff € 100.00 plus interest
thereon in the amount of 5 percentage points above the base rate since
28.01.2021."
https://rewis.io/urteile/urteil/lhm-20-01-2022-3-o-1749320/
Another example
Spotify to support portability
Privacy fighting for
engineering resources
But who asks for what?
Where does the risk lie?
Education is essential
Who gains?
The worst job today?
Link https://iabeurope.eu/blog/want-to-join-the-iab-europe-team-new-position-available-privacy-counsel/
Conclusion
• Is RTB legal? Probably not
• Who takes on the risk?
   • Not the IAB
   • Not the vendors
   • The publishers maybe?
• Who wants to punish the publishers?
• ….
• Question everything!
• As Chris said, there are different angles. Always! Find the (risk) balance
Thank you for listening
Aurelie.pols@protonmail.com
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...
 
BDSM⚡Call Girls in Mandawali Delhi >༒8448380779 Escort Service
BDSM⚡Call Girls in Mandawali Delhi >༒8448380779 Escort ServiceBDSM⚡Call Girls in Mandawali Delhi >༒8448380779 Escort Service
BDSM⚡Call Girls in Mandawali Delhi >༒8448380779 Escort Service
 
Delhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
April 2024 - Crypto Market Report's Analysis
April 2024 - Crypto Market Report's AnalysisApril 2024 - Crypto Market Report's Analysis
April 2024 - Crypto Market Report's Analysis
 
Delhi 99530 vip 56974 Genuine Escort Service Call Girls in Kishangarh
Delhi 99530 vip 56974 Genuine Escort Service Call Girls in  KishangarhDelhi 99530 vip 56974 Genuine Escort Service Call Girls in  Kishangarh
Delhi 99530 vip 56974 Genuine Escort Service Call Girls in Kishangarh
 
Smarteg dropshipping via API with DroFx.pptx
Smarteg dropshipping via API with DroFx.pptxSmarteg dropshipping via API with DroFx.pptx
Smarteg dropshipping via API with DroFx.pptx
 
Generative AI on Enterprise Cloud with NiFi and Milvus
Generative AI on Enterprise Cloud with NiFi and MilvusGenerative AI on Enterprise Cloud with NiFi and Milvus
Generative AI on Enterprise Cloud with NiFi and Milvus
 
Determinants of health, dimensions of health, positive health and spectrum of...
Determinants of health, dimensions of health, positive health and spectrum of...Determinants of health, dimensions of health, positive health and spectrum of...
Determinants of health, dimensions of health, positive health and spectrum of...
 
Best VIP Call Girls Noida Sector 39 Call Me: 8448380779
Best VIP Call Girls Noida Sector 39 Call Me: 8448380779Best VIP Call Girls Noida Sector 39 Call Me: 8448380779
Best VIP Call Girls Noida Sector 39 Call Me: 8448380779
 
(NEHA) Call Girls Katra Call Now 8617697112 Katra Escorts 24x7
(NEHA) Call Girls Katra Call Now 8617697112 Katra Escorts 24x7(NEHA) Call Girls Katra Call Now 8617697112 Katra Escorts 24x7
(NEHA) Call Girls Katra Call Now 8617697112 Katra Escorts 24x7
 
Week-01-2.ppt BBB human Computer interaction
Week-01-2.ppt BBB human Computer interactionWeek-01-2.ppt BBB human Computer interaction
Week-01-2.ppt BBB human Computer interaction
 
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
 
Ravak dropshipping via API with DroFx.pptx
Ravak dropshipping via API with DroFx.pptxRavak dropshipping via API with DroFx.pptx
Ravak dropshipping via API with DroFx.pptx
 
BabyOno dropshipping via API with DroFx.pptx
BabyOno dropshipping via API with DroFx.pptxBabyOno dropshipping via API with DroFx.pptx
BabyOno dropshipping via API with DroFx.pptx
 

For Superweek 2022: discussing risk using IAB's TCF

  • 1. IAB'S TCF, FROM STANDARD (?) TO UNLAWFUL PROCESSING: WHO ENDS UP WITH NON-COMPLIANCE RISKS? Founder, Aurélie Pols & Associates February 1st 2022 aurelie.pols@protonmail.com
  • 2. aurelie.pols@protonmail.com © prepared by Aurélie Pols for Aurelie Pols & Associates – Data Governance & Privacy Engineer
      Data is the New infrastructure – Privacy is the New Green – Trust is the New Currency
      Dutch nationality, French mother tongue, works in English, lives in Spain
      AURELIE POLS, DATA GOVERNANCE & PRIVACY ENGINEER
      • DPO for mParticle (Customer Data platform) – contractor (USA, New York)
      • Founder – Aurélie Pols & Associates
      • Expert Advisory Board (EAB) member - Panelfit (EU H2020 No 788039)
      • Group expert member for the Observatory on the Online Platform Economy (E03607) – EU Commission
      • Guest professor DPO certification courses Maastricht University, faculty of law (NL) & Solvay Business School Brussels (B)
      • Board Member European Center On Privacy and Security, Maastricht University (NL)
      • Ethics Advisory Group (EAG) – European Data Protection Supervisor (EDPS) Towards a digital ethics
      • Former Vice-chair P7002 – Data Privacy Process – IEEE
      • Speaker/writer/consiglieri: Mobile World Congress, SWSX, Strata (+ Hadoop World), IAPP, Piwik, AT Internet, industry associations, AdTech & MarTech vendors, …
      2003: OX2 Co-founder Webanalytics.be
      2008: Sold to Digitas LBi (Publicis)
  • 3. What I do for a living. In case you’re wondering ;-)
  • 4. Interlocking liabilities & obligations
      People; Company (Telco, Bank, Insurance..); Company (Agency, consultancy, vendor, ...); Cloud provider
      • Aligning contract obligations
      • (+ enforcement?)
      • Providing
          • Security
          • Privacy features
          • Privacy engineering
      B2C; B2B; B2B
      Privacy policies; Consent; MSA; SOW; T&C
  • 5. IAB’s TCF on RTB: A little bit of history
  • 6. There’s this guy in Ireland who talks of RTB. Video here: https://vimeo.com/670735163
  • 7. He has been tackling this subject: first as a publisher, then working for a browser and now at an NGO. Link: https://iabeurope.eu/transparency-consent-framework/
  • 8. The problem? https://www.dataprotectionauthority.be/citizen/belgian-dpa-sends-its-draft-decision-in-the-iab-europe-case-to-european-counterparts
  • 9. The “privacy freedom fighter” angle. Link: https://www.iccl.ie/digital-data/apd-iab-findings/
  • 10. 10
  • 11. Independent audit? Link: https://iabeurope.eu/blog/iab-europe-launches-new-tcf-vendor-compliance-programme/
  • 12. 12
  • 13. IAB side. Link: https://iabeurope.eu/blog/vendor-compliance-in-the-tcf-what-it-is-and-what-it-isnt/
  • 14. Taking a step back: From the playground
  • 15. It started with denial
      1. Advertising IDs are not PII, right?
      2. Let’s ignore the concept of purpose limitation
      3. The only lawful basis that exists is consent
          ➢ US notion of notice & choice
      4. Keeping the data forever is not an issue
      5. Fairness is an impossible concept to respect
          ➢ Let’s also ignore the US notion of discrimination (e.g. FCRA)
      6. Sprinkle on top some security if really, really needed
  • 16. Yet the law is closing in
      2 main reasons according to Johnny Ryan, for those who understand how RTB works:
      1. The biggest data breach in history
      2. Infringing the purpose limitation principle ← NEW!!!
  • 17. More specifically: Is there a week without any notice of Google infringement?
  • 18. Translating this into GDPR lingo
      Back to basics:
      1. Personal data is broader than PII, personally identifiable information
      2. For data to be lawfully processed, a legal basis is required
          1. This works per purpose, i.e. data flow
          2. Someone should tell Apple it’s not device only (ATT)
      3. Data subjects have Rights
      4. International data transfers are subject to conditions
  • 19. Words matter so much
      • Personal data – GDPR
      • Personal information – CCPA
      • Personally Identifiable Information – ???
      • Sensitive Data – US COPPA, HIPAA, Infosec teams
      • Special categories of Data – GDPR
      • Financial data
  • 20. Problems of legality with RTB
      The initial issues with RTB are: An international broadcast of personal data to a variety of legal entities
      1. If the auction is lost,
          1. Are these legal entities deleting personal data?
          2. Are these legal entities using those IDs for something else? (purpose limitation)
      2. If the auction is won,
          1. the personal data is passed onto other entities to fulfil the processing operations of
              1. Delivering the ad to the chosen profile on the chosen medium (Ad network + publisher)
              2. Delivering the reporting around the advertising operation
  • 21. Looking at it from the data subjects’ side
      2 main questions arise from the data subject side:
      1. Notice: how is the user notified of all the legal entities that receive her personal data? And for which purpose?
      2. Rights: if the user wanted to exercise her rights to access, deletion, rectification, objection, portability and non-profiling, how would that work?
      Both obligations lie with the data controller, i.e. the publisher
  • 22. Who is responsible? Where does the risk lie?
  • 23. This happened last week
      Munich State Court finds use of Google Fonts in violation of GDPR and grants compensation of 100€
      Legitimate interest didn't apply. The website operator could have integrated the fonts directly into their website, thereby avoiding sending IP addresses to Google.
      Small sum and yet, this is about actual compensation!
      "The defendant is ordered to pay the plaintiff € 100.00 plus interest thereon in the amount of 5 percentage points above the base rate since 28.01.2021."
      https://rewis.io/urteile/urteil/lhm-20-01-2022-3-o-1749320/
  • 24. Another example: Spotify to support portability
  • 25. Privacy fighting for engineering resources
      But who asks for what? Where does the risk lie?
      Education is essential
  • 26. Who gains?
  • 27. The worst job today? Link: https://iabeurope.eu/blog/want-to-join-the-iab-europe-team-new-position-available-privacy-counsel/
  • 28. Conclusion
      • Is RTB legal? Probably not
      • Who takes on the risk?
          • Not the IAB
          • Not the vendors
          • The publishers maybe?
      • Who wants to punish the publishers?
      • ….
      • Question everything!
      • As Chris said, there are different angles. Always! Find the (risk) balance
  • 29. Thank you for listening. Aurelie.pols@protonmail.com