SlideShare a Scribd company logo
1 of 33
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
Get	
  Data	
  without	
  the	
  ‘Creepiness’	
  factor:	
  
The	
  Privacy	
  by	
  Design	
  concept	
  
Aurélie Pols Mind Your Privacy
MyPermissions
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
The	
  future	
  of	
  Customer	
  Centricity?	
  
	
  
	
  
	
  
	
  
	
  
	
  2	
  fundamental	
  ques>ons:	
  
1.  How	
  far	
  is	
  too	
  far	
  (for	
  data	
  use	
  &	
  transparency)?	
  
2.  Who	
  will	
  decide	
  (what	
  is	
  acceptable)?	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
4	
  DATA	
  PRIVACY	
  STATEMENTS	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
Data	
  =	
  New	
  Asset	
  Class	
  
•  Economic	
  asset:	
  	
  
– if	
  it’s	
  worth	
  something,	
  
who	
  owns	
  it?	
  
•  Ownership	
  means	
  
property:	
  
– Property	
  law,	
  contract	
  
law,	
  etc.	
  
•  But	
  
Personal Data:
The Emergence of a New Asset Class
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
DATA	
  IS	
  INFINITELY	
  TRANSFERABLE	
  
WITHOUT	
  DECAY	
  
#1.	
  The	
  specifics	
  of	
  Data	
  as	
  an	
  Economic	
  Asset	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
Familiar	
  property	
  types	
  
•  House,	
  mortgage	
  &	
  
cadaster	
  
•  A	
  car	
  looses	
  50%	
  of	
  it’s	
  
value	
  the	
  day	
  aWer	
  the	
  
purchase	
  
•  But	
  data?	
  What	
  is	
  it	
  really?	
  
HYPOTEK	
   Fas>ghetsregistret	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
Infinitely	
  transferable	
  without	
  decay	
  
•  Interes>ng	
  type	
  of	
  property	
  
•  The	
  legal	
  world	
  is	
  not	
  ready	
  for	
  
•  Yet	
  harm	
  is	
  imaginable:	
  
– Deaths	
  of	
  dissidents	
  
– Algorithmic	
  discrimina>on	
  
– Tunneled	
  world	
  vision	
  
– Iden>ty	
  theWs	
  
– Cyber	
  bullying	
  	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
DEFINING	
  &	
  RECOGNIZING	
  DATA	
  
HARMS	
  
#2.	
  OWen	
  forgo[en	
  legisla>ve	
  challenges	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
US:	
  no	
  harm	
  no	
  standing?	
  
Source:	
  	
  
h[p://www.privacyandsecurityma[ers.com/2015/06/home-­‐depot-­‐moves-­‐to-­‐dismiss-­‐	
  
consumer-­‐data-­‐breach-­‐claims-­‐for-­‐lack-­‐of-­‐standing/	
  
&	
  h[p://www.informa>onisbeau>ful.net/visualiza>ons/worlds-­‐biggest-­‐data-­‐breaches-­‐hacks/	
  	
  	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
A	
  Global	
  Privacy	
  Perspec>ve	
  
US	
  &	
  UK	
   EU	
   ASIA	
  
Common	
  Law	
  (&	
  the	
  
evolu>on	
  of	
  
Standing)	
  
Con>nental	
  Law	
   Par>ally	
  
con>nental	
  
law	
  
influenced	
  
Class	
  ac>ons	
   Fines	
  by	
  DPAs:	
  Data	
  Protec>on	
  
Agencies;	
  Class	
  ac>ons	
  under	
  civil	
  law	
  
for	
  consumer	
  associa>ons	
  in	
  Germany?	
  
Amended	
   New	
  
Privacy	
   Personal	
  Data	
  Protec>on	
  (PDP)	
  
Business	
  focused	
   Ci>zen	
  focused:	
  data	
  belongs	
  to	
  the	
  
visitor/prospect/consumer/ci>zen	
  
Patchwork	
  of	
  sector	
  based	
  
legisla>ons:	
  HIPAA,	
  COPPA,	
  
VPPA,	
  …	
  can	
  be	
  state	
  level	
  
or	
  federal	
  
Over-­‐arching	
  EU	
  Direc>ves	
  &	
  
Regula>ons.	
  Direc>ves	
  are	
  locally	
  
transposed	
  (Cookie),	
  Regula>ons	
  are	
  
not:	
  one	
  rule	
  for	
  all!	
  
PII:	
  varies	
  per	
  US	
  state	
  
Geolocaliza>on?	
  
“Personal	
  Data”	
  =>	
  Risk	
  levels:	
  low,	
  
medium,	
  high,	
  extremely	
  high	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
PII:	
  ah	
  but	
  we	
  don’t	
  collect	
  it!	
  
Medical	
  informaZon	
  as	
  PII	
  
California	
  
Arkansas	
  
Missouri	
  
New	
  Hampshire	
  	
  
North	
  Dakota	
  
Texas	
  
Virginia	
  
Financial	
  informaZon	
  as	
  PII	
  
Alaska	
   North	
  Carolina	
  
Iowa	
   North	
  Dakota	
  
Kansas	
   Oregon	
  
Massachuse[s	
   South	
  Carolina	
  
Missouri	
   Vermont	
  
Nevada	
   Wisconsin	
  
New	
  York*	
   Wyoming	
  
Passwords	
  as	
  PII	
  
Georgia	
  
Maine	
  
Nebraska	
  
Biometric	
  informaZon	
  as	
  PII	
  
Iowa	
  
Nebraska	
  
North	
  Carolina	
  
Wisconsin	
  
Source:	
  informa>on	
  based	
  on	
  
current	
  con>nuous	
  monitoring	
  
(par>al	
  results)	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
1	
  legal	
  concept	
  to	
  rule	
  them	
  all	
  
FIPPs:	
  Fair	
  informa>on	
  Prac>ce	
  Principles	
  
1.  Transparency:	
  
No>ce/awareness	
  &	
  Purpose	
  =>	
  how	
  transparent?	
  
2.  Choice	
  
Consent	
  =>	
  opt-­‐in	
  or	
  opt-­‐out,	
  ex-­‐	
  or	
  implicit?	
  
3.  InformaZon	
  review	
  &	
  correcZon	
  
Access	
  &	
  par>cipa>on	
  in	
  (data)	
  accuracy	
  
4.  InformaZon	
  protecZon	
  
Data	
  integrity	
  &	
  security	
  
5.  Accountability	
  
Enforcement	
  and	
  redress:	
  	
  
i.  Self-­‐regula>on,	
  	
  
ii.  Private	
  remedies	
  through	
  civil	
  ac>ons	
  (Germany)	
  
iii.  Government	
  enforcement	
  (FTC,	
  European	
  Data	
  Protec>on	
  Agencies,	
  …)	
  
Transparency	
  
Choice	
  
InformaZon	
  
review	
  &	
  
correcZon	
  
InformaZon	
  
protecZon	
  
Accountability	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
COMPLIANCE	
  IS	
  A	
  RISK	
  EXERCISE	
  
#3.	
  Related	
  to	
  evolving	
  Privacy	
  legisla>on	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
Low Risk
Medium Risk
(profiling)
High Risk
(sensitive)
R
i
s
k

L
e
v
e
l
Data type
Information Security Measures
Extremely High Risk
(profiling of sensitive data)
PII
PII	
  vs.	
  Risk	
  Levels	
  
Credit	
  scoring	
  Health	
  data	
  
OBA	
  
US:	
  if	
  then	
  exercises	
  
HIPAA	
  
FCRA	
  
Digital	
  exhaust	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
When	
  it	
  comes	
  to	
  risk:	
  3	
  op>ons	
  
I.	
  Denial:	
  nobody	
  
⇒ 	
  We	
  don’t	
  
collect	
  PII	
  
⇒ 	
  The	
  law	
  is	
  
unclear	
  
II.	
  Privacy	
  
professionals	
  /	
  
Legal	
  council	
  
⇒ 	
  Privacy	
  Impact	
  
Assessments	
  
PIAs	
  
III.	
  Others/
Engineering	
  
=>	
  Privacy	
  
Manifesto	
  in	
  
engineering	
  (Frog	
  
HBRwebinar	
  
about	
  consumer	
  
Trust)	
  	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
The	
  law	
  is	
  unclear	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
Towards	
  a	
  data	
  value	
  exchange?	
  
Source:	
  
h[ps://hbr.org/2015/05/customer-­‐data-­‐designing-­‐for-­‐	
  
transparency-­‐and-­‐trust	
  	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
AnalyZcs	
  capabiliZes	
  
Customer	
  feelings	
  	
  
of	
  creepiness	
  
Harm?	
  
Data	
  quality?	
  
Data	
  tension	
  due	
  to	
  data	
  leeching	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
When	
  it	
  comes	
  to	
  risk:	
  3	
  op>ons	
  
I.	
  Denial:	
  nobody	
  
⇒ 	
  We	
  don’t	
  
collect	
  PII	
  
⇒ 	
  The	
  law	
  is	
  
unclear	
  
II.	
  Privacy	
  
professionals	
  /	
  
Legal	
  council	
  
⇒ 	
  Privacy	
  Impact	
  
Assessments	
  
PIAs	
  
III.	
  Others/
Engineering	
  
=>	
  Privacy	
  
Manifesto	
  in	
  
engineering	
  (Frog	
  
HBRwebinar	
  
about	
  consumer	
  
Trust)	
  	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
Risk	
  calcula>ons:	
  PIAs	
  
•  Likelihood	
  of	
  occurrence	
  
–  Remote/possible/likely	
  
•  Severity:	
  low/medium/high	
  ($$$?)	
  
•  Risk	
  tolerance	
  
–  Avoid/assume/mi>gate/transfer	
  
•  Correc>ve	
  ac>ons	
  &	
  recommenda>ons	
  
•  Priori>za>on:	
  high/moderate/low	
  
•  Accountability	
  
–  System	
  admin/LC/Staff/IT	
  or	
  security	
  
?	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
PIA	
  examples	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
Issues	
  with	
  PIAs	
  
•  OWen	
  a	
  list	
  of	
  ques>ons	
  for	
  a	
  new	
  project	
  
– Hopefully	
  not	
  on	
  paper!	
  
•  Some	
  kind	
  of	
  review	
  process	
  
•  Issues:	
  
– PIA	
  need	
  detec>on	
  
– Internal	
  enforcement	
  power?	
  Seriously!	
  
– Delays	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
UNDERSTAND	
  YOUR	
  LIABILITY	
  
WITHIN	
  THE	
  DATA	
  ECOSYSTEM	
  
#4.	
  Minimizing	
  Privacy	
  related	
  Risks?	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
Privacy	
  Role	
  Playing	
  in	
  the	
  EU	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
Rights	
  &	
  obliga>ons	
  
Roles	
  and	
  responsibili>es	
  
Data	
  controller	
  must:	
  
•  Process	
  legally	
  &	
  
fairly	
  
•  Collect	
  for	
  explicit	
  
&	
  legi>mate	
  
purposes	
  
•  Not	
  excessively	
  
•  Keep	
  data	
  accurate	
  
&	
  updated	
  
•  Allow	
  for	
  
rec>fica>on	
  
•  Respect	
  data	
  
reten>on	
  periods	
  
•  Protect	
  personal	
  
data,	
  appropriate	
  
to	
  the	
  type	
  of	
  data	
  
held	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
Proposed	
  EU	
  GDPRegula>on	
  
Harmonised	
  
Rules	
  
• Higher	
  level	
  of	
  
data	
  protec>on	
  
• Single	
  law	
  (not	
  
for	
  employee	
  
data	
  processing)	
  
• One	
  Stop	
  Shop	
  
with	
  Lead	
  DPA,	
  
but	
  with	
  local	
  
DPA	
  redress	
  for	
  
individuals	
  
Wider	
  Scope	
  
• Controller	
  and	
  
Processor	
  
• Extraterritorial	
  
scope	
  to	
  foreign	
  
controller	
  
• Wider	
  defini>on	
  
of	
  personal	
  data	
  
and	
  sensi>ve	
  
data	
  
Increased	
  
Obliga>ons	
  
• DP	
  Principles	
  
>ghtened	
  
• Privacy	
  Impact	
  
Assessment	
  
(PIA)	
  
• Privacy	
  by	
  
Design	
  (PbD)	
  
• No>fy	
  breaches	
  
to	
  regulators	
  
and	
  invididuals	
  
• More	
  
obliga>ons	
  on	
  
processor	
  
• Accountability	
  
• Mandatory	
  Data	
  
Protec>on	
  
Officer	
  (DPO)	
  
Strengthened	
  
Rights	
  of	
  
Individuals	
  
• Right	
  to	
  be	
  
Forgo[en	
  
(RTBF)	
  
• Data	
  Portability	
  
• Object	
  to	
  
Profiling	
  
Increased	
  
Enforcement,	
  
Fines,	
  Liability	
  
• Regulatory	
  fines	
  
up	
  to	
  5%	
  of	
  
global	
  turnover	
  
• Individual	
  
Ac>on	
  
• Class	
  Ac>on	
  
• Criminal	
  
sanc>ons	
  
Slide	
  borrowed	
  from	
  Bojana	
  Bellamy’s	
  interven>on	
  at	
  NIST	
  December	
  2014,	
  available	
  at	
  h[p://www.nist.gov/itl/csd/global-­‐privacy-­‐perspec>ves-­‐lecture.cfm	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
Privacy	
  by	
  Design	
  (PbD)	
  
7	
  founda>onal	
  principles:	
  
1.  Proac>ve	
  not	
  Reac>ve;	
  Preventa>ve	
  not	
  Remedial	
  
2.  Privacy	
  as	
  the	
  Default	
  Sewng	
  
3.  Privacy	
  Embedded	
  into	
  Design	
  
4.  Full	
  Func>onality	
  –	
  Posi>ve-­‐Sum,	
  not	
  Zero-­‐Sum	
  
5.  End-­‐to-­‐End	
  Security	
  –	
  Full	
  Lifecycle	
  Protec>on	
  
6.  Visibility	
  and	
  Transparency	
  –	
  Keep	
  it	
  Open	
  
7.  Respect	
  for	
  User	
  Privacy	
  –	
  Keep	
  it	
  User-­‐Centric	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
What	
  kind	
  of	
  company?	
  
Source:	
  h[p://www.slideshare.net/databeers/databeers-­‐20150129-­‐data-­‐superpowers-­‐marco-­‐bressan-­‐bbva-­‐da	
  	
  
Marc	
  Bressan,	
  BBVA,	
  DataBeers,	
  Madrid	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
Privacy	
  &	
  	
  
mission	
  statements	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
Consumer	
  data:	
  creepiness	
  &	
  Trust	
  
Transparency	
  &	
  educa>on	
  
	
  
	
  
	
  
	
  
	
  
Source:	
  
h[ps://hbr.org/2015/05/customer-­‐data-­‐designing-­‐for-­‐transparency-­‐and-­‐trust	
  	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
Privacy	
  evolves	
  per	
  data	
  type	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
Old	
  garbage	
  adages	
  s>ll	
  apply	
  
Add	
  customer	
  feelings	
  of	
  creepiness	
  
Keep	
  customer	
  	
  
expectaZons	
  	
  
in	
  check	
  
	
  
Unless	
  you	
  can	
  	
  
afford	
  
to	
  ignore	
  them!	
  
(Uber	
  Brussels)	
  
 	
  @aureliepols 	
   	
   	
   	
   	
   	
   	
  Athens,	
  June	
  17	
  
Aurélie	
  Pols	
  
aurelie@mindyourprivacy.com	
  	
  

More Related Content

What's hot

New Technologies in the Workplace: Privacy Issues
New Technologies in the Workplace: Privacy IssuesNew Technologies in the Workplace: Privacy Issues
New Technologies in the Workplace: Privacy Issueslgarib
 
IBM Smarter Commerce Florida 2014 The Furture of Privacy by Aurélie Pols & Bl...
IBM Smarter Commerce Florida 2014 The Furture of Privacy by Aurélie Pols & Bl...IBM Smarter Commerce Florida 2014 The Furture of Privacy by Aurélie Pols & Bl...
IBM Smarter Commerce Florida 2014 The Furture of Privacy by Aurélie Pols & Bl...FLUZO
 
Privacy and Data Protection CLE Presentation for Touro Law Center
Privacy and Data Protection CLE Presentation for Touro Law CenterPrivacy and Data Protection CLE Presentation for Touro Law Center
Privacy and Data Protection CLE Presentation for Touro Law CenterJonathan Ezor
 
Ethics In Information Technology
Ethics In Information TechnologyEthics In Information Technology
Ethics In Information Technologyjvonschilling
 
A Global Marketer's Guide to Privacy
A Global Marketer's Guide to PrivacyA Global Marketer's Guide to Privacy
A Global Marketer's Guide to PrivacyFLUZO
 
USLFG Corporate & Securities Presentation
USLFG Corporate & Securities PresentationUSLFG Corporate & Securities Presentation
USLFG Corporate & Securities PresentationArmstrong Teasdale
 
Big data privacy security regulation
 Big data privacy security regulation Big data privacy security regulation
Big data privacy security regulationcjw119
 
Legal, Ethical, Environmental, Economic and Social Implications
Legal, Ethical, Environmental, Economic and Social ImplicationsLegal, Ethical, Environmental, Economic and Social Implications
Legal, Ethical, Environmental, Economic and Social ImplicationsSabahtHussein
 
Governance compliance
Governance   complianceGovernance   compliance
Governance complianceAndy Petrella
 
N3275466 - Final Presentation Advance network (1)
N3275466 - Final Presentation  Advance network (1)N3275466 - Final Presentation  Advance network (1)
N3275466 - Final Presentation Advance network (1)Christopher Lisasi
 
Information system ethics
Information system ethicsInformation system ethics
Information system ethicsKriscila Yumul
 
Ethical issues and social issues related to systems upload
Ethical issues and social issues related to systems uploadEthical issues and social issues related to systems upload
Ethical issues and social issues related to systems uploadwaiforchi Wagiteerhh
 
HIPAA Privacy, Security, Breach Overview
HIPAA Privacy, Security, Breach OverviewHIPAA Privacy, Security, Breach Overview
HIPAA Privacy, Security, Breach OverviewHealthCare Too, LLC
 
Presentation ncsl - mobile privacy enforcement 130502 (as presented)
Presentation   ncsl - mobile privacy enforcement 130502 (as presented)Presentation   ncsl - mobile privacy enforcement 130502 (as presented)
Presentation ncsl - mobile privacy enforcement 130502 (as presented)Jason Haislmaier
 

What's hot (18)

New Technologies in the Workplace: Privacy Issues
New Technologies in the Workplace: Privacy IssuesNew Technologies in the Workplace: Privacy Issues
New Technologies in the Workplace: Privacy Issues
 
IBM Smarter Commerce Florida 2014 The Furture of Privacy by Aurélie Pols & Bl...
IBM Smarter Commerce Florida 2014 The Furture of Privacy by Aurélie Pols & Bl...IBM Smarter Commerce Florida 2014 The Furture of Privacy by Aurélie Pols & Bl...
IBM Smarter Commerce Florida 2014 The Furture of Privacy by Aurélie Pols & Bl...
 
Privacy and Data Protection CLE Presentation for Touro Law Center
Privacy and Data Protection CLE Presentation for Touro Law CenterPrivacy and Data Protection CLE Presentation for Touro Law Center
Privacy and Data Protection CLE Presentation for Touro Law Center
 
Ethics In Information Technology
Ethics In Information TechnologyEthics In Information Technology
Ethics In Information Technology
 
Social & Ethical Issues in Information Systems
Social & Ethical Issues in Information SystemsSocial & Ethical Issues in Information Systems
Social & Ethical Issues in Information Systems
 
AI and the Law
AI and the LawAI and the Law
AI and the Law
 
A Global Marketer's Guide to Privacy
A Global Marketer's Guide to PrivacyA Global Marketer's Guide to Privacy
A Global Marketer's Guide to Privacy
 
USLFG Corporate & Securities Presentation
USLFG Corporate & Securities PresentationUSLFG Corporate & Securities Presentation
USLFG Corporate & Securities Presentation
 
Ethical Issues and Relevant Laws on Computing
Ethical Issues and Relevant Laws on ComputingEthical Issues and Relevant Laws on Computing
Ethical Issues and Relevant Laws on Computing
 
Internet of Things TCLG Oct 23 2014
Internet of Things TCLG Oct 23 2014Internet of Things TCLG Oct 23 2014
Internet of Things TCLG Oct 23 2014
 
Big data privacy security regulation
 Big data privacy security regulation Big data privacy security regulation
Big data privacy security regulation
 
Legal, Ethical, Environmental, Economic and Social Implications
Legal, Ethical, Environmental, Economic and Social ImplicationsLegal, Ethical, Environmental, Economic and Social Implications
Legal, Ethical, Environmental, Economic and Social Implications
 
Governance compliance
Governance   complianceGovernance   compliance
Governance compliance
 
N3275466 - Final Presentation Advance network (1)
N3275466 - Final Presentation  Advance network (1)N3275466 - Final Presentation  Advance network (1)
N3275466 - Final Presentation Advance network (1)
 
Information system ethics
Information system ethicsInformation system ethics
Information system ethics
 
Ethical issues and social issues related to systems upload
Ethical issues and social issues related to systems uploadEthical issues and social issues related to systems upload
Ethical issues and social issues related to systems upload
 
HIPAA Privacy, Security, Breach Overview
HIPAA Privacy, Security, Breach OverviewHIPAA Privacy, Security, Breach Overview
HIPAA Privacy, Security, Breach Overview
 
Presentation ncsl - mobile privacy enforcement 130502 (as presented)
Presentation   ncsl - mobile privacy enforcement 130502 (as presented)Presentation   ncsl - mobile privacy enforcement 130502 (as presented)
Presentation ncsl - mobile privacy enforcement 130502 (as presented)
 

Viewers also liked

Advantages of privacy by design in IoE
Advantages of privacy by design in IoEAdvantages of privacy by design in IoE
Advantages of privacy by design in IoEMarc Vael
 
EIC 2014 Oasis Workshop: Using XACML to implement Privacy by Design
EIC 2014   Oasis Workshop: Using XACML to implement Privacy by DesignEIC 2014   Oasis Workshop: Using XACML to implement Privacy by Design
EIC 2014 Oasis Workshop: Using XACML to implement Privacy by DesignDavid Brossard
 
Towards Privacy by Design. Key issues to unlock science.
Towards Privacy by Design. Key issues to unlock science.Towards Privacy by Design. Key issues to unlock science.
Towards Privacy by Design. Key issues to unlock science.Marlon Domingus
 
Dwyer "Privacy by Design: Can It Work?"
Dwyer "Privacy by Design: Can It Work?"Dwyer "Privacy by Design: Can It Work?"
Dwyer "Privacy by Design: Can It Work?"Cathy Dwyer
 
Privacy by design
Privacy by designPrivacy by design
Privacy by designblogzilla
 
Privacy by design mock up kennisnet sxsw
Privacy by design mock up kennisnet sxswPrivacy by design mock up kennisnet sxsw
Privacy by design mock up kennisnet sxswKennisnet
 
Patient Confidentiality and the Social Network
Patient Confidentiality and the Social NetworkPatient Confidentiality and the Social Network
Patient Confidentiality and the Social NetworkIris Thiele Isip-Tan
 
Continuous Compliance 14.9.2016
Continuous Compliance 14.9.2016Continuous Compliance 14.9.2016
Continuous Compliance 14.9.2016Digia Plc
 

Viewers also liked (8)

Advantages of privacy by design in IoE
Advantages of privacy by design in IoEAdvantages of privacy by design in IoE
Advantages of privacy by design in IoE
 
EIC 2014 Oasis Workshop: Using XACML to implement Privacy by Design
EIC 2014   Oasis Workshop: Using XACML to implement Privacy by DesignEIC 2014   Oasis Workshop: Using XACML to implement Privacy by Design
EIC 2014 Oasis Workshop: Using XACML to implement Privacy by Design
 
Towards Privacy by Design. Key issues to unlock science.
Towards Privacy by Design. Key issues to unlock science.Towards Privacy by Design. Key issues to unlock science.
Towards Privacy by Design. Key issues to unlock science.
 
Dwyer "Privacy by Design: Can It Work?"
Dwyer "Privacy by Design: Can It Work?"Dwyer "Privacy by Design: Can It Work?"
Dwyer "Privacy by Design: Can It Work?"
 
Privacy by design
Privacy by designPrivacy by design
Privacy by design
 
Privacy by design mock up kennisnet sxsw
Privacy by design mock up kennisnet sxswPrivacy by design mock up kennisnet sxsw
Privacy by design mock up kennisnet sxsw
 
Patient Confidentiality and the Social Network
Patient Confidentiality and the Social NetworkPatient Confidentiality and the Social Network
Patient Confidentiality and the Social Network
 
Continuous Compliance 14.9.2016
Continuous Compliance 14.9.2016Continuous Compliance 14.9.2016
Continuous Compliance 14.9.2016
 

Similar to Get data without the creepiness factor, the privacy by design concept

Privacy & Analytics: Yeti or Snow Fairy?
Privacy & Analytics: Yeti or Snow Fairy?Privacy & Analytics: Yeti or Snow Fairy?
Privacy & Analytics: Yeti or Snow Fairy?FLUZO
 
Smarter comm"The Future of Privacy". Aurélie Pols at IBM Smarter Commerce Glo...
Smarter comm"The Future of Privacy". Aurélie Pols at IBM Smarter Commerce Glo...Smarter comm"The Future of Privacy". Aurélie Pols at IBM Smarter Commerce Glo...
Smarter comm"The Future of Privacy". Aurélie Pols at IBM Smarter Commerce Glo...FLUZO
 
2017 PlaceConf: Location & Privacy - What Marketers Must Know (Future of Priv...
2017 PlaceConf: Location & Privacy - What Marketers Must Know (Future of Priv...2017 PlaceConf: Location & Privacy - What Marketers Must Know (Future of Priv...
2017 PlaceConf: Location & Privacy - What Marketers Must Know (Future of Priv...Localogy
 
Aurélie Pols en Strata Conference: Digital analytics & privacy - it’s not the...
Aurélie Pols en Strata Conference: Digital analytics & privacy - it’s not the...Aurélie Pols en Strata Conference: Digital analytics & privacy - it’s not the...
Aurélie Pols en Strata Conference: Digital analytics & privacy - it’s not the...FLUZO
 
Digital analytics & privacy: it's not the end of the world
Digital analytics & privacy: it's not the end of the worldDigital analytics & privacy: it's not the end of the world
Digital analytics & privacy: it's not the end of the worldOReillyStrata
 
Is Big Data killing Privacy? Nop, it's inducing a paradigm shift
Is Big Data killing Privacy? Nop, it's inducing a paradigm shiftIs Big Data killing Privacy? Nop, it's inducing a paradigm shift
Is Big Data killing Privacy? Nop, it's inducing a paradigm shiftAurélie Pols
 
eMetrics Summit Boston 2014 - Big Data for Marketing - Privacy Principles & P...
eMetrics Summit Boston 2014 - Big Data for Marketing - Privacy Principles & P...eMetrics Summit Boston 2014 - Big Data for Marketing - Privacy Principles & P...
eMetrics Summit Boston 2014 - Big Data for Marketing - Privacy Principles & P...Aurélie Pols
 
Privacy & Data Ethics
Privacy & Data EthicsPrivacy & Data Ethics
Privacy & Data EthicsErik Kokkonen
 
eMetrics Summit Boston 2014 - Big Data Marketing - From Über Creepy to Over ...
 eMetrics Summit Boston 2014 - Big Data Marketing - From Über Creepy to Over ... eMetrics Summit Boston 2014 - Big Data Marketing - From Über Creepy to Over ...
eMetrics Summit Boston 2014 - Big Data Marketing - From Über Creepy to Over ...Aurélie Pols
 
Brussels data science - Privacy Engineering for Big Data & Data Science
Brussels data science - Privacy Engineering for Big Data & Data ScienceBrussels data science - Privacy Engineering for Big Data & Data Science
Brussels data science - Privacy Engineering for Big Data & Data ScienceAurélie Pols
 
The privacy and security implications of AI, big data and predictive analytics
The privacy and security implications of AI, big data and predictive analyticsThe privacy and security implications of AI, big data and predictive analytics
The privacy and security implications of AI, big data and predictive analyticsDan Michaluk
 
Would You Lie to Your Physician? Establishing Privacy Compliance within your ...
Would You Lie to Your Physician? Establishing Privacy Compliance within your ...Would You Lie to Your Physician? Establishing Privacy Compliance within your ...
Would You Lie to Your Physician? Establishing Privacy Compliance within your ...Ensighten
 
Making ‘Big Data’ Your Ally – Using data analytics to improve compliance, due...
Making ‘Big Data’ Your Ally – Using data analytics to improve compliance, due...Making ‘Big Data’ Your Ally – Using data analytics to improve compliance, due...
Making ‘Big Data’ Your Ally – Using data analytics to improve compliance, due...emermell
 
"Small, n = me, data" - Deborah Estrin
"Small, n = me, data" - Deborah Estrin"Small, n = me, data" - Deborah Estrin
"Small, n = me, data" - Deborah EstrinTheGovLab
 
CSMFO 2012 Data Privacy in Local Government
CSMFO 2012 Data Privacy in Local GovernmentCSMFO 2012 Data Privacy in Local Government
CSMFO 2012 Data Privacy in Local GovernmentDonald E. Hester
 
Is More Data Always Better The Legal Risks of Data Collection, Storage and Us...
Is More Data Always Better The Legal Risks of Data Collection, Storage and Us...Is More Data Always Better The Legal Risks of Data Collection, Storage and Us...
Is More Data Always Better The Legal Risks of Data Collection, Storage and Us...Vivastream
 
What is the GDPR & What does it mean for YOUR business?
What is the GDPR & What does it mean for YOUR business?What is the GDPR & What does it mean for YOUR business?
What is the GDPR & What does it mean for YOUR business?Nexsen Pruet
 
The Privacy Law Landscape: Issues for the research community
The Privacy Law Landscape: Issues for the research communityThe Privacy Law Landscape: Issues for the research community
The Privacy Law Landscape: Issues for the research communityARDC
 
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...Diana Maier
 
GDPR for Dummies
GDPR for DummiesGDPR for Dummies
GDPR for DummiesAtif Ghauri
 

Similar to Get data without the creepiness factor, the privacy by design concept (20)

Privacy & Analytics: Yeti or Snow Fairy?
Privacy & Analytics: Yeti or Snow Fairy?Privacy & Analytics: Yeti or Snow Fairy?
Privacy & Analytics: Yeti or Snow Fairy?
 
Smarter comm"The Future of Privacy". Aurélie Pols at IBM Smarter Commerce Glo...
Smarter comm"The Future of Privacy". Aurélie Pols at IBM Smarter Commerce Glo...Smarter comm"The Future of Privacy". Aurélie Pols at IBM Smarter Commerce Glo...
Smarter comm"The Future of Privacy". Aurélie Pols at IBM Smarter Commerce Glo...
 
2017 PlaceConf: Location & Privacy - What Marketers Must Know (Future of Priv...
2017 PlaceConf: Location & Privacy - What Marketers Must Know (Future of Priv...2017 PlaceConf: Location & Privacy - What Marketers Must Know (Future of Priv...
2017 PlaceConf: Location & Privacy - What Marketers Must Know (Future of Priv...
 
Aurélie Pols en Strata Conference: Digital analytics & privacy - it’s not the...
Aurélie Pols en Strata Conference: Digital analytics & privacy - it’s not the...Aurélie Pols en Strata Conference: Digital analytics & privacy - it’s not the...
Aurélie Pols en Strata Conference: Digital analytics & privacy - it’s not the...
 
Digital analytics & privacy: it's not the end of the world
Digital analytics & privacy: it's not the end of the worldDigital analytics & privacy: it's not the end of the world
Digital analytics & privacy: it's not the end of the world
 
Is Big Data killing Privacy? Nop, it's inducing a paradigm shift
Is Big Data killing Privacy? Nop, it's inducing a paradigm shiftIs Big Data killing Privacy? Nop, it's inducing a paradigm shift
Is Big Data killing Privacy? Nop, it's inducing a paradigm shift
 
eMetrics Summit Boston 2014 - Big Data for Marketing - Privacy Principles & P...
eMetrics Summit Boston 2014 - Big Data for Marketing - Privacy Principles & P...eMetrics Summit Boston 2014 - Big Data for Marketing - Privacy Principles & P...
eMetrics Summit Boston 2014 - Big Data for Marketing - Privacy Principles & P...
 
Privacy & Data Ethics
Privacy & Data EthicsPrivacy & Data Ethics
Privacy & Data Ethics
 
eMetrics Summit Boston 2014 - Big Data Marketing - From Über Creepy to Over ...
 eMetrics Summit Boston 2014 - Big Data Marketing - From Über Creepy to Over ... eMetrics Summit Boston 2014 - Big Data Marketing - From Über Creepy to Over ...
eMetrics Summit Boston 2014 - Big Data Marketing - From Über Creepy to Over ...
 
Brussels data science - Privacy Engineering for Big Data & Data Science
Brussels data science - Privacy Engineering for Big Data & Data ScienceBrussels data science - Privacy Engineering for Big Data & Data Science
Brussels data science - Privacy Engineering for Big Data & Data Science
 
The privacy and security implications of AI, big data and predictive analytics
The privacy and security implications of AI, big data and predictive analyticsThe privacy and security implications of AI, big data and predictive analytics
The privacy and security implications of AI, big data and predictive analytics
 
Would You Lie to Your Physician? Establishing Privacy Compliance within your ...
Would You Lie to Your Physician? Establishing Privacy Compliance within your ...Would You Lie to Your Physician? Establishing Privacy Compliance within your ...
Would You Lie to Your Physician? Establishing Privacy Compliance within your ...
 
Making ‘Big Data’ Your Ally – Using data analytics to improve compliance, due...
Making ‘Big Data’ Your Ally – Using data analytics to improve compliance, due...Making ‘Big Data’ Your Ally – Using data analytics to improve compliance, due...
Making ‘Big Data’ Your Ally – Using data analytics to improve compliance, due...
 
"Small, n = me, data" - Deborah Estrin
"Small, n = me, data" - Deborah Estrin"Small, n = me, data" - Deborah Estrin
"Small, n = me, data" - Deborah Estrin
 
CSMFO 2012 Data Privacy in Local Government
CSMFO 2012 Data Privacy in Local GovernmentCSMFO 2012 Data Privacy in Local Government
CSMFO 2012 Data Privacy in Local Government
 
Is More Data Always Better The Legal Risks of Data Collection, Storage and Us...
Is More Data Always Better The Legal Risks of Data Collection, Storage and Us...Is More Data Always Better The Legal Risks of Data Collection, Storage and Us...
Is More Data Always Better The Legal Risks of Data Collection, Storage and Us...
 
What is the GDPR & What does it mean for YOUR business?
What is the GDPR & What does it mean for YOUR business?What is the GDPR & What does it mean for YOUR business?
What is the GDPR & What does it mean for YOUR business?
 
The Privacy Law Landscape: Issues for the research community
The Privacy Law Landscape: Issues for the research communityThe Privacy Law Landscape: Issues for the research community
The Privacy Law Landscape: Issues for the research community
 
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...
 
GDPR for Dummies
GDPR for DummiesGDPR for Dummies
GDPR for Dummies
 

More from Aurélie Pols

Creative destruction & Privacy Whitewashing: where does risk lie?
Creative destruction & Privacy Whitewashing: where does risk lie? Creative destruction & Privacy Whitewashing: where does risk lie?
Creative destruction & Privacy Whitewashing: where does risk lie? Aurélie Pols
 
ePrivacy Directive, a 10 steps framework to be as compliant as possible for m...
ePrivacy Directive, a 10 steps framework to be as compliant as possible for m...ePrivacy Directive, a 10 steps framework to be as compliant as possible for m...
ePrivacy Directive, a 10 steps framework to be as compliant as possible for m...Aurélie Pols
 
IAPP - Skills For Minimizing Privacy Risk in Data Science Product and Service...
IAPP - Skills For Minimizing Privacy Risk in Data Science Product and Service...IAPP - Skills For Minimizing Privacy Risk in Data Science Product and Service...
IAPP - Skills For Minimizing Privacy Risk in Data Science Product and Service...Aurélie Pols
 
Women in STEM for IE Girl Up Club
Women in STEM for IE Girl Up Club Women in STEM for IE Girl Up Club
Women in STEM for IE Girl Up Club Aurélie Pols
 
For Superweek 2022: discussing risk using IAB's TCF
For Superweek 2022: discussing risk using IAB's TCFFor Superweek 2022: discussing risk using IAB's TCF
For Superweek 2022: discussing risk using IAB's TCFAurélie Pols
 
Interoperability in Digital will take a Global Village
Interoperability in Digital will take a Global VillageInteroperability in Digital will take a Global Village
Interoperability in Digital will take a Global VillageAurélie Pols
 
The GDPR is here. So do you know what the courts are saying?
The GDPR is here. So do you know what the courts are saying?The GDPR is here. So do you know what the courts are saying?
The GDPR is here. So do you know what the courts are saying?Aurélie Pols
 
CPDP: Data ownership, Innovation and Privacy: looking for an approach on both...
CPDP: Data ownership, Innovation and Privacy: looking for an approach on both...CPDP: Data ownership, Innovation and Privacy: looking for an approach on both...
CPDP: Data ownership, Innovation and Privacy: looking for an approach on both...Aurélie Pols
 
GDPR and the aftermath: what are we building towards?
GDPR and the aftermath: what are we building towards?GDPR and the aftermath: what are we building towards?
GDPR and the aftermath: what are we building towards?Aurélie Pols
 
Who Goes There? Demystifying Digital Identity for All (1/2)
Who Goes There? Demystifying Digital Identity for All (1/2)Who Goes There? Demystifying Digital Identity for All (1/2)
Who Goes There? Demystifying Digital Identity for All (1/2)Aurélie Pols
 
Data is the new infrastructure, Privacy is the new green, Trust is the new cu...
Data is the new infrastructure, Privacy is the new green, Trust is the new cu...Data is the new infrastructure, Privacy is the new green, Trust is the new cu...
Data is the new infrastructure, Privacy is the new green, Trust is the new cu...Aurélie Pols
 
How digitization challenges our values as citizens
How digitization challenges our values as citizens How digitization challenges our values as citizens
How digitization challenges our values as citizens Aurélie Pols
 
Technical Consequences of the Data Subject's Rights
Technical Consequences of the Data Subject's RightsTechnical Consequences of the Data Subject's Rights
Technical Consequences of the Data Subject's RightsAurélie Pols
 
From GDPR to ePrivacy: what does it mean to the advertising sector?
From GDPR to ePrivacy: what does it mean to the advertising sector?From GDPR to ePrivacy: what does it mean to the advertising sector?
From GDPR to ePrivacy: what does it mean to the advertising sector?Aurélie Pols
 
State of EU legislation: GDPR & ePrivacy for Superweek
State of EU legislation: GDPR & ePrivacy for SuperweekState of EU legislation: GDPR & ePrivacy for Superweek
State of EU legislation: GDPR & ePrivacy for SuperweekAurélie Pols
 
The Great GDPR MyData Debate - Aurelie Pols - Keynote
The Great GDPR MyData Debate - Aurelie Pols - KeynoteThe Great GDPR MyData Debate - Aurelie Pols - Keynote
The Great GDPR MyData Debate - Aurelie Pols - KeynoteAurélie Pols
 
The Data Subject First? Decoding the GDPR at StrataData
The Data Subject First? Decoding the GDPR at StrataDataThe Data Subject First? Decoding the GDPR at StrataData
The Data Subject First? Decoding the GDPR at StrataDataAurélie Pols
 
Sibos INNOTRIBE Digital Ethics
Sibos INNOTRIBE Digital EthicsSibos INNOTRIBE Digital Ethics
Sibos INNOTRIBE Digital EthicsAurélie Pols
 
Superweek 2016 Would You Lie to Your Physician?
Superweek 2016 Would You Lie to Your Physician?Superweek 2016 Would You Lie to Your Physician?
Superweek 2016 Would You Lie to Your Physician?Aurélie Pols
 
Multi-tasking teams within cyber security departments
Multi-tasking teams within cyber security departmentsMulti-tasking teams within cyber security departments
Multi-tasking teams within cyber security departmentsAurélie Pols
 

More from Aurélie Pols (20)

Creative destruction & Privacy Whitewashing: where does risk lie?
Creative destruction & Privacy Whitewashing: where does risk lie? Creative destruction & Privacy Whitewashing: where does risk lie?
Creative destruction & Privacy Whitewashing: where does risk lie?
 
ePrivacy Directive, a 10 steps framework to be as compliant as possible for m...
ePrivacy Directive, a 10 steps framework to be as compliant as possible for m...ePrivacy Directive, a 10 steps framework to be as compliant as possible for m...
ePrivacy Directive, a 10 steps framework to be as compliant as possible for m...
 
IAPP - Skills For Minimizing Privacy Risk in Data Science Product and Service...
IAPP - Skills For Minimizing Privacy Risk in Data Science Product and Service...IAPP - Skills For Minimizing Privacy Risk in Data Science Product and Service...
IAPP - Skills For Minimizing Privacy Risk in Data Science Product and Service...
 
Women in STEM for IE Girl Up Club
Women in STEM for IE Girl Up Club Women in STEM for IE Girl Up Club
Women in STEM for IE Girl Up Club
 
For Superweek 2022: discussing risk using IAB's TCF
For Superweek 2022: discussing risk using IAB's TCFFor Superweek 2022: discussing risk using IAB's TCF
For Superweek 2022: discussing risk using IAB's TCF
 
Interoperability in Digital will take a Global Village
Interoperability in Digital will take a Global VillageInteroperability in Digital will take a Global Village
Interoperability in Digital will take a Global Village
 
The GDPR is here. So do you know what the courts are saying?
The GDPR is here. So do you know what the courts are saying?The GDPR is here. So do you know what the courts are saying?
The GDPR is here. So do you know what the courts are saying?
 
CPDP: Data ownership, Innovation and Privacy: looking for an approach on both...
CPDP: Data ownership, Innovation and Privacy: looking for an approach on both...CPDP: Data ownership, Innovation and Privacy: looking for an approach on both...
CPDP: Data ownership, Innovation and Privacy: looking for an approach on both...
 
GDPR and the aftermath: what are we building towards?
GDPR and the aftermath: what are we building towards?GDPR and the aftermath: what are we building towards?
GDPR and the aftermath: what are we building towards?
 
Who Goes There? Demystifying Digital Identity for All (1/2)
Who Goes There? Demystifying Digital Identity for All (1/2)Who Goes There? Demystifying Digital Identity for All (1/2)
Who Goes There? Demystifying Digital Identity for All (1/2)
 
Data is the new infrastructure, Privacy is the new green, Trust is the new cu...
Data is the new infrastructure, Privacy is the new green, Trust is the new cu...Data is the new infrastructure, Privacy is the new green, Trust is the new cu...
Data is the new infrastructure, Privacy is the new green, Trust is the new cu...
 
How digitization challenges our values as citizens
How digitization challenges our values as citizens How digitization challenges our values as citizens
How digitization challenges our values as citizens
 
Technical Consequences of the Data Subject's Rights
Technical Consequences of the Data Subject's RightsTechnical Consequences of the Data Subject's Rights
Technical Consequences of the Data Subject's Rights
 
From GDPR to ePrivacy: what does it mean to the advertising sector?
From GDPR to ePrivacy: what does it mean to the advertising sector?From GDPR to ePrivacy: what does it mean to the advertising sector?
From GDPR to ePrivacy: what does it mean to the advertising sector?
 
State of EU legislation: GDPR & ePrivacy for Superweek
State of EU legislation: GDPR & ePrivacy for SuperweekState of EU legislation: GDPR & ePrivacy for Superweek
State of EU legislation: GDPR & ePrivacy for Superweek
 
The Great GDPR MyData Debate - Aurelie Pols - Keynote
The Great GDPR MyData Debate - Aurelie Pols - KeynoteThe Great GDPR MyData Debate - Aurelie Pols - Keynote
The Great GDPR MyData Debate - Aurelie Pols - Keynote
 
The Data Subject First? Decoding the GDPR at StrataData
The Data Subject First? Decoding the GDPR at StrataDataThe Data Subject First? Decoding the GDPR at StrataData
The Data Subject First? Decoding the GDPR at StrataData
 
Sibos INNOTRIBE Digital Ethics
Sibos INNOTRIBE Digital EthicsSibos INNOTRIBE Digital Ethics
Sibos INNOTRIBE Digital Ethics
 
Superweek 2016 Would You Lie to Your Physician?
Superweek 2016 Would You Lie to Your Physician?Superweek 2016 Would You Lie to Your Physician?
Superweek 2016 Would You Lie to Your Physician?
 
Multi-tasking teams within cyber security departments
Multi-tasking teams within cyber security departmentsMulti-tasking teams within cyber security departments
Multi-tasking teams within cyber security departments
 

Recently uploaded

CI, CD -Tools to integrate without manual intervention
CI, CD -Tools to integrate without manual interventionCI, CD -Tools to integrate without manual intervention
CI, CD -Tools to integrate without manual interventionajayrajaganeshkayala
 
Elements of language learning - an analysis of how different elements of lang...
Elements of language learning - an analysis of how different elements of lang...Elements of language learning - an analysis of how different elements of lang...
Elements of language learning - an analysis of how different elements of lang...PrithaVashisht1
 
Virtuosoft SmartSync Product Introduction
Virtuosoft SmartSync Product IntroductionVirtuosoft SmartSync Product Introduction
Virtuosoft SmartSync Product Introductionsanjaymuralee1
 
The Universal GTM - how we design GTM and dataLayer
The Universal GTM - how we design GTM and dataLayerThe Universal GTM - how we design GTM and dataLayer
The Universal GTM - how we design GTM and dataLayerPavel Šabatka
 
5 Ds to Define Data Archiving Best Practices
5 Ds to Define Data Archiving Best Practices5 Ds to Define Data Archiving Best Practices
5 Ds to Define Data Archiving Best PracticesDataArchiva
 
Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity
Strategic CX: A Deep Dive into Voice of the Customer Insights for ClarityStrategic CX: A Deep Dive into Voice of the Customer Insights for Clarity
Strategic CX: A Deep Dive into Voice of the Customer Insights for ClarityAggregage
 
Master's Thesis - Data Science - Presentation
Master's Thesis - Data Science - PresentationMaster's Thesis - Data Science - Presentation
Master's Thesis - Data Science - PresentationGiorgio Carbone
 
How is Real-Time Analytics Different from Traditional OLAP?
How is Real-Time Analytics Different from Traditional OLAP?How is Real-Time Analytics Different from Traditional OLAP?
How is Real-Time Analytics Different from Traditional OLAP?sonikadigital1
 
Persuasive E-commerce, Our Biased Brain @ Bikkeldag 2024
Persuasive E-commerce, Our Biased Brain @ Bikkeldag 2024Persuasive E-commerce, Our Biased Brain @ Bikkeldag 2024
Persuasive E-commerce, Our Biased Brain @ Bikkeldag 2024Guido X Jansen
 
ChistaDATA Real-Time DATA Analytics Infrastructure
ChistaDATA Real-Time DATA Analytics InfrastructureChistaDATA Real-Time DATA Analytics Infrastructure
ChistaDATA Real-Time DATA Analytics Infrastructuresonikadigital1
 
AI for Sustainable Development Goals (SDGs)
AI for Sustainable Development Goals (SDGs)AI for Sustainable Development Goals (SDGs)
AI for Sustainable Development Goals (SDGs)Data & Analytics Magazin
 
YourView Panel Book.pptx YourView Panel Book.
YourView Panel Book.pptx YourView Panel Book.YourView Panel Book.pptx YourView Panel Book.
YourView Panel Book.pptx YourView Panel Book.JasonViviers2
 
Cash Is Still King: ATM market research '2023
Cash Is Still King: ATM market research '2023Cash Is Still King: ATM market research '2023
Cash Is Still King: ATM market research '2023Vladislav Solodkiy
 
SFBA Splunk Usergroup meeting March 13, 2024
SFBA Splunk Usergroup meeting March 13, 2024SFBA Splunk Usergroup meeting March 13, 2024
SFBA Splunk Usergroup meeting March 13, 2024Becky Burwell
 
TINJUAN PEMROSESAN TRANSAKSI DAN ERP.pptx
TINJUAN PEMROSESAN TRANSAKSI DAN ERP.pptxTINJUAN PEMROSESAN TRANSAKSI DAN ERP.pptx
TINJUAN PEMROSESAN TRANSAKSI DAN ERP.pptxDwiAyuSitiHartinah
 
MEASURES OF DISPERSION I BSc Botany .ppt
MEASURES OF DISPERSION I BSc Botany .pptMEASURES OF DISPERSION I BSc Botany .ppt
MEASURES OF DISPERSION I BSc Botany .pptaigil2
 
Mapping the pubmed data under different suptopics using NLP.pptx
Mapping the pubmed data under different suptopics using NLP.pptxMapping the pubmed data under different suptopics using NLP.pptx
Mapping the pubmed data under different suptopics using NLP.pptxVenkatasubramani13
 

Recently uploaded (17)

CI, CD -Tools to integrate without manual intervention
CI, CD -Tools to integrate without manual interventionCI, CD -Tools to integrate without manual intervention
CI, CD -Tools to integrate without manual intervention
 
Elements of language learning - an analysis of how different elements of lang...
Elements of language learning - an analysis of how different elements of lang...Elements of language learning - an analysis of how different elements of lang...
Elements of language learning - an analysis of how different elements of lang...
 
Virtuosoft SmartSync Product Introduction
Virtuosoft SmartSync Product IntroductionVirtuosoft SmartSync Product Introduction
Virtuosoft SmartSync Product Introduction
 
The Universal GTM - how we design GTM and dataLayer
The Universal GTM - how we design GTM and dataLayerThe Universal GTM - how we design GTM and dataLayer
The Universal GTM - how we design GTM and dataLayer
 
5 Ds to Define Data Archiving Best Practices
5 Ds to Define Data Archiving Best Practices5 Ds to Define Data Archiving Best Practices
5 Ds to Define Data Archiving Best Practices
 
Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity
Strategic CX: A Deep Dive into Voice of the Customer Insights for ClarityStrategic CX: A Deep Dive into Voice of the Customer Insights for Clarity
Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity
 
Master's Thesis - Data Science - Presentation
Master's Thesis - Data Science - PresentationMaster's Thesis - Data Science - Presentation
Master's Thesis - Data Science - Presentation
 
How is Real-Time Analytics Different from Traditional OLAP?
How is Real-Time Analytics Different from Traditional OLAP?How is Real-Time Analytics Different from Traditional OLAP?
How is Real-Time Analytics Different from Traditional OLAP?
 
Persuasive E-commerce, Our Biased Brain @ Bikkeldag 2024
Persuasive E-commerce, Our Biased Brain @ Bikkeldag 2024Persuasive E-commerce, Our Biased Brain @ Bikkeldag 2024
Persuasive E-commerce, Our Biased Brain @ Bikkeldag 2024
 
ChistaDATA Real-Time DATA Analytics Infrastructure
ChistaDATA Real-Time DATA Analytics InfrastructureChistaDATA Real-Time DATA Analytics Infrastructure
ChistaDATA Real-Time DATA Analytics Infrastructure
 
AI for Sustainable Development Goals (SDGs)
AI for Sustainable Development Goals (SDGs)AI for Sustainable Development Goals (SDGs)
AI for Sustainable Development Goals (SDGs)
 
YourView Panel Book.pptx YourView Panel Book.
YourView Panel Book.pptx YourView Panel Book.YourView Panel Book.pptx YourView Panel Book.
YourView Panel Book.pptx YourView Panel Book.
 
Cash Is Still King: ATM market research '2023
Cash Is Still King: ATM market research '2023Cash Is Still King: ATM market research '2023
Cash Is Still King: ATM market research '2023
 
SFBA Splunk Usergroup meeting March 13, 2024
SFBA Splunk Usergroup meeting March 13, 2024SFBA Splunk Usergroup meeting March 13, 2024
SFBA Splunk Usergroup meeting March 13, 2024
 
TINJUAN PEMROSESAN TRANSAKSI DAN ERP.pptx
TINJUAN PEMROSESAN TRANSAKSI DAN ERP.pptxTINJUAN PEMROSESAN TRANSAKSI DAN ERP.pptx
TINJUAN PEMROSESAN TRANSAKSI DAN ERP.pptx
 
MEASURES OF DISPERSION I BSc Botany .ppt
MEASURES OF DISPERSION I BSc Botany .pptMEASURES OF DISPERSION I BSc Botany .ppt
MEASURES OF DISPERSION I BSc Botany .ppt
 
Mapping the pubmed data under different suptopics using NLP.pptx
Mapping the pubmed data under different suptopics using NLP.pptxMapping the pubmed data under different suptopics using NLP.pptx
Mapping the pubmed data under different suptopics using NLP.pptx
 

Get data without the creepiness factor, the privacy by design concept

  • 1.    @aureliepols              Athens,  June  17   Get  Data  without  the  ‘Creepiness’  factor:   The  Privacy  by  Design  concept   Aurélie Pols Mind Your Privacy MyPermissions
  • 2.    @aureliepols              Athens,  June  17   The  future  of  Customer  Centricity?              2  fundamental  ques>ons:   1.  How  far  is  too  far  (for  data  use  &  transparency)?   2.  Who  will  decide  (what  is  acceptable)?  
  • 3.    @aureliepols              Athens,  June  17   4  DATA  PRIVACY  STATEMENTS  
  • 4.    @aureliepols              Athens,  June  17   Data  =  New  Asset  Class   •  Economic  asset:     – if  it’s  worth  something,   who  owns  it?   •  Ownership  means   property:   – Property  law,  contract   law,  etc.   •  But   Personal Data: The Emergence of a New Asset Class
  • 5.    @aureliepols              Athens,  June  17   DATA  IS  INFINITELY  TRANSFERABLE   WITHOUT  DECAY   #1.  The  specifics  of  Data  as  an  Economic  Asset  
  • 6.    @aureliepols              Athens,  June  17   Familiar  property  types   •  House,  mortgage  &   cadaster   •  A  car  looses  50%  of  it’s   value  the  day  aWer  the   purchase   •  But  data?  What  is  it  really?   HYPOTEK   Fas>ghetsregistret  
  • 7.    @aureliepols              Athens,  June  17   Infinitely  transferable  without  decay   •  Interes>ng  type  of  property   •  The  legal  world  is  not  ready  for   •  Yet  harm  is  imaginable:   – Deaths  of  dissidents   – Algorithmic  discrimina>on   – Tunneled  world  vision   – Iden>ty  theWs   – Cyber  bullying    
  • 8.    @aureliepols              Athens,  June  17   DEFINING  &  RECOGNIZING  DATA   HARMS   #2.  OWen  forgo[en  legisla>ve  challenges  
  • 9.    @aureliepols              Athens,  June  17   US:  no  harm  no  standing?   Source:     h[p://www.privacyandsecurityma[ers.com/2015/06/home-­‐depot-­‐moves-­‐to-­‐dismiss-­‐   consumer-­‐data-­‐breach-­‐claims-­‐for-­‐lack-­‐of-­‐standing/   &  h[p://www.informa>onisbeau>ful.net/visualiza>ons/worlds-­‐biggest-­‐data-­‐breaches-­‐hacks/      
  • 10.    @aureliepols              Athens,  June  17   A  Global  Privacy  Perspec>ve   US  &  UK   EU   ASIA   Common  Law  (&  the   evolu>on  of   Standing)   Con>nental  Law   Par>ally   con>nental   law   influenced   Class  ac>ons   Fines  by  DPAs:  Data  Protec>on   Agencies;  Class  ac>ons  under  civil  law   for  consumer  associa>ons  in  Germany?   Amended   New   Privacy   Personal  Data  Protec>on  (PDP)   Business  focused   Ci>zen  focused:  data  belongs  to  the   visitor/prospect/consumer/ci>zen   Patchwork  of  sector  based   legisla>ons:  HIPAA,  COPPA,   VPPA,  …  can  be  state  level   or  federal   Over-­‐arching  EU  Direc>ves  &   Regula>ons.  Direc>ves  are  locally   transposed  (Cookie),  Regula>ons  are   not:  one  rule  for  all!   PII:  varies  per  US  state   Geolocaliza>on?   “Personal  Data”  =>  Risk  levels:  low,   medium,  high,  extremely  high  
  • 11.    @aureliepols              Athens,  June  17   PII:  ah  but  we  don’t  collect  it!   Medical  informaZon  as  PII   California   Arkansas   Missouri   New  Hampshire     North  Dakota   Texas   Virginia   Financial  informaZon  as  PII   Alaska   North  Carolina   Iowa   North  Dakota   Kansas   Oregon   Massachuse[s   South  Carolina   Missouri   Vermont   Nevada   Wisconsin   New  York*   Wyoming   Passwords  as  PII   Georgia   Maine   Nebraska   Biometric  informaZon  as  PII   Iowa   Nebraska   North  Carolina   Wisconsin   Source:  informa>on  based  on   current  con>nuous  monitoring   (par>al  results)  
  • 12.    @aureliepols              Athens,  June  17   1  legal  concept  to  rule  them  all   FIPPs:  Fair  informa>on  Prac>ce  Principles   1.  Transparency:   No>ce/awareness  &  Purpose  =>  how  transparent?   2.  Choice   Consent  =>  opt-­‐in  or  opt-­‐out,  ex-­‐  or  implicit?   3.  InformaZon  review  &  correcZon   Access  &  par>cipa>on  in  (data)  accuracy   4.  InformaZon  protecZon   Data  integrity  &  security   5.  Accountability   Enforcement  and  redress:     i.  Self-­‐regula>on,     ii.  Private  remedies  through  civil  ac>ons  (Germany)   iii.  Government  enforcement  (FTC,  European  Data  Protec>on  Agencies,  …)   Transparency   Choice   InformaZon   review  &   correcZon   InformaZon   protecZon   Accountability  
  • 13.    @aureliepols              Athens,  June  17   COMPLIANCE  IS  A  RISK  EXERCISE   #3.  Related  to  evolving  Privacy  legisla>on  
  • 14.    @aureliepols              Athens,  June  17   Low Risk Medium Risk (profiling) High Risk (sensitive) R i s k L e v e l Data type Information Security Measures Extremely High Risk (profiling of sensitive data) PII PII  vs.  Risk  Levels   Credit  scoring  Health  data   OBA   US:  if  then  exercises   HIPAA   FCRA   Digital  exhaust  
  • 15.    @aureliepols              Athens,  June  17   When  it  comes  to  risk:  3  op>ons   I.  Denial:  nobody   ⇒   We  don’t   collect  PII   ⇒   The  law  is   unclear   II.  Privacy   professionals  /   Legal  council   ⇒   Privacy  Impact   Assessments   PIAs   III.  Others/ Engineering   =>  Privacy   Manifesto  in   engineering  (Frog   HBRwebinar   about  consumer   Trust)    
  • 16.    @aureliepols              Athens,  June  17   The  law  is  unclear  
  • 17.    @aureliepols              Athens,  June  17   Towards  a  data  value  exchange?   Source:   h[ps://hbr.org/2015/05/customer-­‐data-­‐designing-­‐for-­‐   transparency-­‐and-­‐trust    
  • 18.    @aureliepols              Athens,  June  17   AnalyZcs  capabiliZes   Customer  feelings     of  creepiness   Harm?   Data  quality?   Data  tension  due  to  data  leeching  
  • 19.    @aureliepols              Athens,  June  17   When  it  comes  to  risk:  3  op>ons   I.  Denial:  nobody   ⇒   We  don’t   collect  PII   ⇒   The  law  is   unclear   II.  Privacy   professionals  /   Legal  council   ⇒   Privacy  Impact   Assessments   PIAs   III.  Others/ Engineering   =>  Privacy   Manifesto  in   engineering  (Frog   HBRwebinar   about  consumer   Trust)    
  • 20.    @aureliepols              Athens,  June  17   Risk  calcula>ons:  PIAs   •  Likelihood  of  occurrence   –  Remote/possible/likely   •  Severity:  low/medium/high  ($$$?)   •  Risk  tolerance   –  Avoid/assume/mi>gate/transfer   •  Correc>ve  ac>ons  &  recommenda>ons   •  Priori>za>on:  high/moderate/low   •  Accountability   –  System  admin/LC/Staff/IT  or  security   ?  
  • 21.    @aureliepols              Athens,  June  17   PIA  examples  
  • 22.    @aureliepols              Athens,  June  17   Issues  with  PIAs   •  OWen  a  list  of  ques>ons  for  a  new  project   – Hopefully  not  on  paper!   •  Some  kind  of  review  process   •  Issues:   – PIA  need  detec>on   – Internal  enforcement  power?  Seriously!   – Delays  
  • 23.    @aureliepols              Athens,  June  17   UNDERSTAND  YOUR  LIABILITY   WITHIN  THE  DATA  ECOSYSTEM   #4.  Minimizing  Privacy  related  Risks?  
  • 24.    @aureliepols              Athens,  June  17   Privacy  Role  Playing  in  the  EU  
  • 25.    @aureliepols              Athens,  June  17   Rights  &  obliga>ons   Roles  and  responsibili>es   Data  controller  must:   •  Process  legally  &   fairly   •  Collect  for  explicit   &  legi>mate   purposes   •  Not  excessively   •  Keep  data  accurate   &  updated   •  Allow  for   rec>fica>on   •  Respect  data   reten>on  periods   •  Protect  personal   data,  appropriate   to  the  type  of  data   held  
  • 26.    @aureliepols              Athens,  June  17   Proposed  EU  GDPRegula>on   Harmonised   Rules   • Higher  level  of   data  protec>on   • Single  law  (not   for  employee   data  processing)   • One  Stop  Shop   with  Lead  DPA,   but  with  local   DPA  redress  for   individuals   Wider  Scope   • Controller  and   Processor   • Extraterritorial   scope  to  foreign   controller   • Wider  defini>on   of  personal  data   and  sensi>ve   data   Increased   Obliga>ons   • DP  Principles   >ghtened   • Privacy  Impact   Assessment   (PIA)   • Privacy  by   Design  (PbD)   • No>fy  breaches   to  regulators   and  invididuals   • More   obliga>ons  on   processor   • Accountability   • Mandatory  Data   Protec>on   Officer  (DPO)   Strengthened   Rights  of   Individuals   • Right  to  be   Forgo[en   (RTBF)   • Data  Portability   • Object  to   Profiling   Increased   Enforcement,   Fines,  Liability   • Regulatory  fines   up  to  5%  of   global  turnover   • Individual   Ac>on   • Class  Ac>on   • Criminal   sanc>ons   Slide  borrowed  from  Bojana  Bellamy’s  interven>on  at  NIST  December  2014,  available  at  h[p://www.nist.gov/itl/csd/global-­‐privacy-­‐perspec>ves-­‐lecture.cfm  
  • 27.    @aureliepols              Athens,  June  17   Privacy  by  Design  (PbD)   7  founda>onal  principles:   1.  Proac>ve  not  Reac>ve;  Preventa>ve  not  Remedial   2.  Privacy  as  the  Default  Sewng   3.  Privacy  Embedded  into  Design   4.  Full  Func>onality  –  Posi>ve-­‐Sum,  not  Zero-­‐Sum   5.  End-­‐to-­‐End  Security  –  Full  Lifecycle  Protec>on   6.  Visibility  and  Transparency  –  Keep  it  Open   7.  Respect  for  User  Privacy  –  Keep  it  User-­‐Centric  
  • 28.    @aureliepols              Athens,  June  17   What  kind  of  company?   Source:  h[p://www.slideshare.net/databeers/databeers-­‐20150129-­‐data-­‐superpowers-­‐marco-­‐bressan-­‐bbva-­‐da     Marc  Bressan,  BBVA,  DataBeers,  Madrid  
  • 29.    @aureliepols              Athens,  June  17   Privacy  &     mission  statements  
  • 30.    @aureliepols              Athens,  June  17   Consumer  data:  creepiness  &  Trust   Transparency  &  educa>on             Source:   h[ps://hbr.org/2015/05/customer-­‐data-­‐designing-­‐for-­‐transparency-­‐and-­‐trust    
  • 31.    @aureliepols              Athens,  June  17   Privacy  evolves  per  data  type  
  • 32.    @aureliepols              Athens,  June  17   Old  garbage  adages  s>ll  apply   Add  customer  feelings  of  creepiness   Keep  customer     expectaZons     in  check     Unless  you  can     afford   to  ignore  them!   (Uber  Brussels)  
  • 33.    @aureliepols              Athens,  June  17   Aurélie  Pols   aurelie@mindyourprivacy.com