Liability and Privacy Issues in Business
|
|
- Chester Parsons
- 3 years ago
- Views:
Transcription
1 1 Interactions between law and computer science: privacy and liability Daniel Le Métayer
2 2 Multidisciplinary approach Growing intermingling of legal and technological issues: privacy, DRM, liability, electronic contracts, forensics, e-justice, etc. Complex issues which cannot be treated exclusively by legal or technological means Need for a true multidisciplinary research approach LICIT action: Legal Issues in Communication and Information Technologies
3 3 In this talk: Focus on privacy issues A word on ongoing work on liability issues
4 Privacy: new issues raised by new technologies 4 - Multiplicity of actors (pairs) Data controllers can be any individual - New forms of personal data (geographical, physical, etc.) and multiplicity of exchanges of tiny pieces of (harmless looking) data Virtually any data can be considered as potentially personal - Invisible devices and interactions (anywhere, anytime) Unambiguous consent of the data subject impossible to implement on a case by case basis
5 5 Why not computer assisted consent? Philosophy: increased automation from the invasion side, why not also using automation to improve the position of the defense?
6 6 PRIAM Architecture Subject Agent Controller Agent Auditor Agent
7 7 Legal requirements - Consent should be free, specific, informed and unambiguous - Mistakes can make the consent null and void - Consent is a unilateral act rather than a contract between the subject and the controller
8 8 Our proposal 1. Global architecture (actors and responsibilities) 2. Restricted natural language for declarations (SIMPL) 3. Formal model based on execution traces 4. Translation of declarations (consent of the subject and declaration of the controller) into the formal model 5. Link between the formal model and software agent implementations NB: links with the formal models are necessarily partial (some aspects are not amenable to logic and need to be checked manually)
9 Formal model as a link between technology and law 9 Refinement Formal Model Correspondence Implementation Natural language Proof of properties
10 10 SIMPL : a SIMple Privacy Language - Pattern-based language used to define disclosure policies (Subject) and collection policies (Controller) - The interface of the Software Agent provides a way for the user to define his privacy policy (disclosure or collection) and displays the policy to the user before signature (e.g. validation using a PIN) - NB: proof of concept language rather than definite solution
11 11 SIMple Grammar (excerpt for Subjects) Consent I consent to disclose data of category Category to a third party only if Condition-D Condition-D Party-OK [and State-OK] State-OK Var is [less than more than] Val [and State-OK] Category String Var String Val String Purposes List Categories List
12 12 SIMple Grammar Party-OK this third party has provided the following pieces of information pursuant to this disclosure of data: 1. His identity [with certificate from Privacy Certification Authority in List] [and such identity belongs to List.] 2. His verification level [with certificate from Privacy Certification Authority in List] [and such verification level is at least Number (see definitions below).] 3.
13 13 SIMple Grammar 3. His privacy policy with respect to this category of data and this policy includes the following commitments : Use only this data for the following purpose(s): Purposes. [Delete this data within a delay of Number Unit.] [Not transfer or disclose this data to any other third party. Transfer this data always accompanied with the present privacy and only to third parties ] [Ensure that any Valid Request from my side to access, erase or modify such data will be satisfied [within a delay of Number Unit.]]
14 14 Formal Model Semantics of a Software Agent : set of pairs of compliant execution traces : - State trace S 1,, S n - Event trace E 1,, E n State: Variables Values Variables include : - Private data space: MyData (function of type Categories Values) - Imported data space: MyImport (function of type (Identities, Categories) (Times, Values, Sticky-policies)) - Context variables: MyTime, MyLoc (localization), etc. - Policy parameters: MyDPolicy, MyCPolicy, MyIdentity, MyLevel, MyDelay, etc. Event: internal or external
15 15 Examples of Subject Agent events Disclosure-request (Identity 1, Identity 2, Category, Verification, Commitments) Disclosure-refusal (Identity 1, Identity 2, Category) Data-disclosure (Identity 1, Identity 2, Category, Value, Data-policy) Access-request (Identity 1, Identity 2, Category) Access-reply (Identity 1, Identity 2, Category, Value) Deletion-request (Identity 1, Identity 2, Category)
16 16 Compliance properties for Subject Agents Data Disclosure: i, E i = Data-disclosure(Id 1, Id 2, Ca, Va, Po) j < i, E j = Disclosure-request (Id 2, Id 1, Ca, Ve 2, Co 2 ) and k, j < k < i E k Data-disclosure(Id 1, Id 2, Ca, *, *) and S i (MyIdentity) = Id 1 and S i (MyData)(Ca) = Va and S i (MyDPolicy)(Ca) = Po = (Id, Ve, Co 2, Cx) and Id 2 Id and Ve 2 Ve and S i Cx
17 17 Global semantics Global semantics of a system: compliant sets of pairs of (event and state) execution traces Local compliance properties of each execution trace (as defined before for each agent) Global compliance property: each external event in an event execution trace matches with the same event in another event execution trace
18 18 Global correctness properties Authorization to keep personal data: If the value of a subject is in the data space of a controller with identity Id, then this value is associated with a sticky policy P and the subject has defined at some stage a privacy policy allowing a controller with this identity to receive this data with this sticky policy P. Σ compliant set of traces (E, S) Σ and i, S i (MyImport)(Id 2,Ca) = (*, *, Po) (E, S ) Σ, j, S j (MyIdentity) = Id 2 and S j (MyDPolicy)(Ca) = Po = (Id, *, *, *) and S i (MyIdentity) Id
19 19 Verification of global compliance properties Modular framework: Global correctness properties can be derived from compliance properties Proof structure: by recurrence on the length of execution traces
20 20 Additional verifications Non emptiness: Detection of empty disclosure or collection policies (warning) Legal compliance: Consistency between authorized purposes, categories, retention delays No disclosure of sensitive data without previous (interaction based) acceptance from the subject
21 21 Back to the legal analysis Consent should be - Unambiguous: simple natural language with a well defined mathematical semantics - Specific: hierarchies of categories, of purposes, context, time - Free: separation of issues - Informed: once for all definition of the privacy policy, possibly with legal counsel To reduce the risk of error, combination of - A priori verifications (static and dynamic): prevention and enforcement - A posteriori verifications: deterrence
22 22 Global architecture - Commitments of the Controllers: - Use the Software Agents faithfully (no access to personal data other than through the Software Agent, no execution traces tampering, etc.) - Ensure compliance with his declarations - Ensure the security of personal data - Roles and commitments of the Software Agent Providers : - Deliver and warrant Software Agents (consistency with Formal Model) through an agreement with their customer (Subject or Controller) - Possibly: submit Software Agents for certification - Roles of the Personal Data Authority (optional) : - Certify the meaning of the natural language for declarations - Certify specific Software Agents or approve independent evaluation centers for the certification of Software Agents
23 23 Further work Privacy: - Towards a privacy certification process (inspiration from the Common Criteria for IT security) - Privacy in organizations (ANR FLUOR) - Further legal issues: new notion of personal data (data mining, profiles, etc), focus on use of data rather than its collection: transparency, non discrimination Beyond privacy: Formal model of software liability (ANR LISE) More than ever: Strong interactions between technical and legal issues
24 24 Formal model of software liability Motivations: - The development and exploitation of IT systems involve many different actors (providers, operators, users, etc.) - The commitments of the respective parties and associated liabilities are more and more complex to define and become the source of legal uncertainties - Stakes can be high and liability issues are crucial for business actors Objectives: Provide a technical and legal framework allowing the parties : - to define liabilities in a precise and unambiguous way and - to establish such liabilities in case of claim
25 25 The LISE Framework Technical issues: - Definition of expected properties of software components - Systematic derivation of the set of errors (negation, mutation) - Definition of the set of claims covered by the agreement (discrepancies between the views of different actors) - Definition of the liability function : Liability : Claims x Logs x P(Externals) P (Parties) - Implementation of the log infrastructure and log analyser Link with the legal framework: - Compatibility with regulations and case law (liability disclaimers, consumer rights, validity of digital evidence, etc.) - Tight integration of the technical and legal parts of the agreement - Iterative process
26 26 Partners PRIAM: Privacy issues in ambient intelligence (ARC INRIA, ) INRIA (ACES, AMAZONES, LICIT), Faculté de droit de Saint-Etienne, Université de Twente LISE: Liability issues in software engineering : (ANR, ) INRIA (AMAZONES, LICIT), Faculté de droit de Versailles Saint-Quentin, Faculté de droit de Caen, VERIMAG, SUPELEC FLUOR: Contrôle de flux et d usage dans les organisations (ANR, ) ENSTB, CNRS (IODE), INRIA (LICIT), LIUPPA (Université de Pau), SWID, Université de le Polynésie Française
Log Design for Accountability
Log Design for Accountability Denis Butin, Marcos Chicote and Daniel Le Métayer 1 / 18 Background Need for Accountability 2 / 18 Context Background Need for Accountability Data subjects share more & more
More informationA Secure Autonomous Document Architecture for Enterprise Digital Right Management
A Secure Autonomous Document Architecture for Enterprise Digital Right Management Manuel Munier LIUPPA Université de Pau et des Pays de l Adour Mont de Marsan, France manuel.munier@univ-pau.fr SITIS 2011
More informationAccountability by Design for Privacy
Accountability by Design for Privacy Denis Butin, Marcos Chicote and Daniel Le Métayer 1 / 17 Introduction ICT growth adds to concern about sensitive data use Individuals share more & more PII Stronger
More informationMorrisville State College Web Environment Privacy Policy
Morrisville State College Web Environment Privacy Policy Thank you for visiting the Morrisville State College web environment (herein known as the MSC web environment). The MSC web environment constitutes
More informationSelf-Protecting Documents for Cloud Storage Security
Self-Protecting Documents for Cloud Storage Security Manuel Munier 1 Vincent Lalanne 1 Magali Ricarde 2 1 LIUPPA 2 BackPlan Univ Pau & Pays Adour Project Communication Control Mont de Marsan, France Pau,
More informationComments and proposals on the Chapter IV of the General Data Protection Regulation
Comments and proposals on the Chapter IV of the General Data Protection Regulation Ahead of the trialogue negotiations later this month, EDRi, Access, Panoptykon Bits of Freedom, FIPR and Privacy International
More informationData Protection: From PKI to Virtualization & Cloud
Data Protection: From PKI to Virtualization & Cloud Raymond Yeung CISSP, CISA Senior Regional Director, HK/TW, ASEAN & A/NZ SafeNet Inc. Agenda What is PKI? And Value? Traditional PKI Usage Cloud Security
More informationPrivacy and Transparency for Decision Making. Simone Fischer-Hübner Karlstad University, Sweden MDAI 2015
Privacy and Transparency for Decision Making Simone Fischer-Hübner Karlstad University, Sweden MDAI 2015 Content I. Profiling, Big Data & Decision Making - Privacy Challenges II. III. IV. Peer Profiling
More informationIPInfoDB Web Service Agreement
IPInfoDB Web Service Agreement PLEASE READ THIS WEB SERVICE AGREEMENT CAREFULLY BEFORE DOWNLOADING, INSTALLING OR USING IPINFODB SERVICES. BY CHECKING THE I HAVE READ, UNDERSTAND AND AGREE WITH THE SERVICE
More informationBinding Corporate Rules ( BCR ) Summary of Third Party Rights
Binding Corporate Rules ( BCR ) Summary of Third Party Rights This document contains in its Sections 3 9 all provision of the Binding Corporate Rules (BCR) for Siemens Group Companies and Other Adopting
More informationINFORMATION TECHNOLOGY CONTROLS
CHAPTER 14 INFORMATION TECHNOLOGY CONTROLS SCOPE This chapter addresses requirements common to all financial accounting systems and is not limited to the statewide financial accounting system, ENCOMPASS,
More informationOsterweis Institutional Equity Fund IRA Application
Osterweis Institutional Equity Fund IRA Application For Traditional, ROTH, SEP and SIMPLE IRAs Mail to: Osterweis Funds c/o U.S. Bancorp Fund Services, LLC P.O. Box 701 Milwaukee, WI 53201-0701 Overnight
More informationData protection compliance checklist
Data protection compliance checklist What is this checklist for? This checklist is drawn up on the basis of analysis of the relevant provisions of European law. Although European law aims at harmonizing
More informationState of Arkansas Policy Statement on the Use of Electronic Signatures by State Agencies June 2008
State of Arkansas Policy Statement on the Use of Electronic Signatures by State Agencies June 2008 Background In the last ten years Arkansas has enacted several laws to facilitate electronic transactions
More informationSecurity and Compliance in Clouds: Challenges and Solutions
Security and Compliance in Clouds: Challenges and Solutions Prof. Dr. Jan Jürjens Fraunhofer Institut für Software- und Systemtechnologie ISST, Dortmund http://jan.jurjens.de This Talk What are the challenges?
More informationInformation Security Basic Concepts
Information Security Basic Concepts 1 What is security in general Security is about protecting assets from damage or harm Focuses on all types of assets Example: your body, possessions, the environment,
More informationCertipost Trust Services. Certificate Policy. for Lightweight Certificates for EUROCONTROL. Version 1.2. Effective date 03 May 2012
Certipost Trust Services Version 1.2 Effective date 03 May 2012 Certipost NV ALL RIGHTS RESERVED. 2 13 Definitions : Activation Data Certificate Certificate Holder Certificate Public Registry Certificate
More informationGENERAL CONDITIONS OF THE EXTENDED VALIDITY CONFIRMATION SERVICE CONTRACT
GENERAL CONDITIONS OF THE EXTENDED VALIDITY CONFIRMATION SERVICE CONTRACT 1. Definitions 1.1. SK AS Sertifitseerimiskeskus. 1.2. Client adult, natural person with active legal capacity or legal person
More informationInformation Technology - Switzerland
Newsletters Law Directory Deals News Subscribe Home Information Technology - Switzerland Data Protection - Key Issues Contributed by Homburger December 2 2003 Introduction No Free Flow of Data within a
More informationAN ACT CREATING THE ELECTRONIC MEDICAL RECORDS ACT; ALLOWING THE CREATION, MAINTENANCE AND USE OF ELECTRONIC MEDICAL RECORDS;
AN ACT CREATING THE ELECTRONIC MEDICAL RECORDS ACT; ALLOWING THE CREATION, MAINTENANCE AND USE OF ELECTRONIC MEDICAL RECORDS; CLARIFYING INDIVIDUAL RIGHTS WITH RESPECT TO THE DISCLOSURE OF INFORMATION
More informationCCH INCORPORATED, A WOLTERSKLUWER COMPANY ACCESS AGREEMENT FOR THE
CCH INCORPORATED, A WOLTERSKLUWER COMPANY ACCESS AGREEMENT FOR THE Accounting Research Manager INFORMATION DATABASE PROVIDED THROUGH Mayer Hoffman McCann P.C. ("AGREEMENT" OR "ACCESS AGREEMENT") IN THIS
More informationDefinitions of Logical Causality for Log Analysis
Definitions of Logical Causality for Log Analysis Gregor Gössler 1 Joint work with Daniel Le Métayer 1 and Jean-Baptiste Raclet 2 1 INRIA Grenoble Rhône-Alpes, France 2 IRIT - CNRS, Toulouse, France Synchron
More informationBusiness Issues in the implementation of Digital signatures
Business Issues in the implementation of Digital signatures Much has been said about e-commerce, the growth of e-business and its advantages. The statistics are overwhelming and the advantages are so enormous
More informationCoverdell Education Savings Account Application
Coverdell Education Savings Account Application Mail to: Osterweis Funds c/o U.S. Bancorp Fund Services, LLC P.O. Box 701 Milwaukee, WI 53201-0701 Overnight Express Mail to: Osterweis Funds c/o U.S. Bancorp
More informationProvider secure web portal & Member Care Information portal Registration Form
Provider secure web portal & Member Care Information portal Registration Form Thank you for your interest in registering for the Aetna Better Health Provider Secure Web Portal and the Aetna Better Health
More informationLIABILITY CLAIM FORM
LIABILITY CLAIM FORM Note: This form must be completed by the policyholder NOT the injured party. To be completed when accident causes damage to property or injury to a member of the public. (If there
More informationElectronic Statement Disclosure
Electronic Statement Disclosure Electronic Delivery of Statements and Notices By accepting the Cornerstone Bank Electronic Statement Disclosure, you consent and agree that Cornerstone Bank may provide
More informationEDUCATIONAL AFFILIATION AGREEMENT (CAMPUS) and (FACILITY)
EDUCATIONAL AFFILIATION AGREEMENT (CAMPUS) and (FACILITY) This Agreement made and effective this day of, 20 by and between (the Facility ), and the UNIVERSITY OF MAINE SYSTEM, acting by and through the
More informationCompliance Management Systems
Certification Scheme Y03 Compliance Management Systems ISO 19600 ONR 192050 Issue V2.1:2015-01-08 Austrian Standards plus GmbH Dr. Peter Jonas Heinestraße 38 A-1020 Vienna, Austria E-Mail: p.jonas@austrian-standards.at
More informationCOUNCIL OF EUROPE COMMITTEE OF MINISTERS. RECOMMENDATION No. R (95) 4 OF THE COMMITTEE OF MINISTERS TO MEMBER STATES
COUNCIL OF EUROPE COMMITTEE OF MINISTERS RECOMMENDATION No. R (95) 4 OF THE COMMITTEE OF MINISTERS TO MEMBER STATES ON THE PROTECTION OF PERSONAL DATA IN THE AREA OF TELECOMMUNICATION SERVICES, WITH PARTICULAR
More informationMASSAGE THERAPIST LICENSE APPLICATION
Licensing MASSAGE THERAPIST LICENSE APPLICATION A City of Forest Lake Massage Therapist License is required prior to performing massage services within the City of Forest Lake. Chapter 115 of the Forest
More informationCovered California. Terms and Conditions of Use
Terms and Conditions of Use Contents: Purpose Of This Agreement Privacy Policy Modification Of This Agreement Permission To Act On Your Behalf How We Identify You Registration Additional Terms For Products
More informationJohnson Controls Privacy Notice
Johnson Controls Privacy Notice Johnson Controls, Inc. and its affiliated companies (collectively Johnson Controls, we, us or our) care about your privacy and are committed to protecting your personal
More informationRecommendations for companies planning to use Cloud computing services
Recommendations for companies planning to use Cloud computing services From a legal standpoint, CNIL finds that Cloud computing raises a number of difficulties with regard to compliance with the legislation
More informationCloud security architecture
ericsson White paper Uen 284 23-3244 January 2015 Cloud security architecture from process to deployment The Trust Engine concept and logical cloud security architecture presented in this paper provide
More informationCheck Acceptance Policy
Check Acceptance Policy COPART, INC. Member A/R 4610 Westamerica Drive Fairfield, CA 94534 Why Cashier s Checks or Money Orders are required Members are required to pay by Cashier s Check or Money Order
More informationHow To Write A Report On A Recipe Card
Opinion on a notification for Prior Checking received from the Data Protection Officer of the European Investment Bank (EIB) concerning procedures related to "360 Leadership feedback report" Brussels,
More informationSOCIETY OF ECONOMIC GEOLOGISTS, INC.
SOCIETY OF ECONOMIC GEOLOGISTS, INC. 7811 Shaffer Parkway Littleton, CO 80127-3732 USA Tel: +1.720.981.7882 Fax: +1.720.981.7874 E-mail: seg@segweb.org CONTRACT PREFACE FOR INSTITUTIONAL SUBSCRIBERS Electronic
More informationONLINE PAYMENT PRIVACY POLICY
ONLINE PAYMENT PRIVACY POLICY Updated: June, 2013 In order to operate the College online-payments system, Sanjari International College (SIC) may collect and store personal information student/customer
More informationShareFile Security Overview
ShareFile Security Overview ShareFile Company Policy All ShareFile employees undergo full background checks and sign our information security policy prior to beginning employment with the company. The
More informationTHE UNIVERSITY OF THE WEST INDIES Electronic Mail & Messaging Services Policy 1. Introduction
THE UNIVERSITY OF THE WEST INDIES Electronic Mail & Messaging Services Policy 1. Introduction In accordance with its broader strategic objectives, The University of the West Indies (the UWI) promotes the
More informationImplementation Guide
Implementation Guide PayLINK Implementation Guide Version 2.1.252 Released September 17, 2013 Copyright 2011-2013, BridgePay Network Solutions, Inc. All rights reserved. The information contained herein
More informationIRA Application For Traditional, ROTH, SEP, and SIMPLE IRAs
IRA Application For Traditional, ROTH, SEP, and SIMPLE IRAs >> Mail to: WBI Funds c/o U.S. Bancorp Fund Services, LLC PO Box 701 Milwaukee, WI 53201-0701 Overnight Express Mail To: WBI Funds c/o U.S. Bancorp
More informationTell us how much to withdraw from this Account. Write a specific amount or ALL next to each Investment Option.
Withdrawal Request Form Use this form to withdraw assets from the Plan Questions? Call toll-free 1-877-338-4646 P.O. Box 55134, Boston, MA 02205-5134 Visit www.mnsaves.org Complete a separate form for
More informationIRA Application For Traditional, ROTH, SEP, and SIMPLE IRAs
IRA Application For Traditional, ROTH, SEP, and SIMPLE IRAs >> Mail to: Mairs & Power Funds c/o U.S. Bancorp Fund Services, LLC PO Box 701 Milwaukee, WI 53201-0701 Overnight Express Mail To: Mairs & Power
More informationProvider Web Portal Registration Form
Provider Web Portal Registration Form Thank you for your interest in registering for the Maryland Physicians Care provider web portal. Maryland Physicians Care is committed to protecting the privacy of
More informationitg CloudBase is a suite of fully managed Hybrid & Private Cloud Services ready to support your business onwards and upwards into the future.
Web Filtering Email Filtering Mail Archiving Cloud Backup Disaster Recovery Virtual Machines Private Cloud itg CloudBase is a suite of fully managed Hybrid & Private Cloud Services ready to support your
More informationIRA Application. Class C and S Shares
IRA Application Class C and S Shares Instructions Use this form for IRA individual, custodial, trust,profit-sharing and pension plan accounts. Do not use this form for ICON Funds Class A accounts. For
More informationPrivacy and Identity Management for Europe
Privacy and Identity Management for Europe Pierangela Samarati Università degli Studi di Milano Milan, Italy samarati@dti.unimi.it Page 1 Vision and Objectives Users disclose vast amounts of personal information
More informationOpen Source Management
Open Source Management Best practices for professional use of open source software Simont Braun Avenue Louise, 149/20 1050 Bruxelles T 32 2 533 17 71 F 32 2 533 17 97 E benjamin.docquir@simontbraun.eu
More informationVodafone Group Certification Authority Test House Subscriber Agreement
Vodafone Group Certification Authority Test House Subscriber Agreement Publication Date: 12/05/09 Copyright 2009 Vodafone Group Table of Contents Vodafone Group Certification Authority Test House Subscriber
More informationIRA Application For Traditional, ROTH, SEP, and SIMPLE IRAs
IRA Application For Traditional, ROTH, SEP, and SIMPLE IRAs >> Mail to: Portfolio 21 Global Equity Fund c/o U.S. Bancorp Fund Services, LLC PO Box 701 Milwaukee, WI 53201-0701 In compliance with the USA
More informationAPPLICATION FOR BOC INTERNET BANKING FACILITY. Name: Reg No: Address: Phone: Land. Mobile Email. Only Rs Cts 1 2 3
APPLICATION FOR BOC INTERNET BANKING FACILITY (FOR LIMITED LIABILITY AND PUBLIC COMPANIES ONLY) Details of Company Name: Reg No: Address: Phone: Land Fax Mobile Email Delegate 01 * Authority Level :- Full
More informationIRA Application Institutional Class For Traditional, ROTH, SEP, and SIMPLE IRAs
Mail to: Hennessy Funds c/o U.S. Bancorp Fund Services, LLC PO Box 701 Milwaukee, WI 53201-0701 1 Type of IRA IRA Application Institutional Class For Traditional, ROTH, SEP, and SIMPLE IRAs Overnight Express
More informationInternet Banking Disclosure 03/29/12
Internet Banking Disclosure 03/29/12 Business Online Banker (Internet) Agreement 1. The Service. This agreement, along with the Authorization Worksheets, is a contract which establishes the rules which
More informationAPGO GUIDANCE ON DOCUMENT AUTHENTICATION. Table of Contents
1.0 Introduction Table of Contents 2.0 Document Authentication: The Basics 2.1 The Purpose of the Seal 2.2 The Practice of Authentication 3.0 Document Authentication: Application 3.1 The Authentication
More informationDEALER FUNDING CHECKLIST Effective 10/15/14 PLEASE NOTE: ALL PAPERWORK SHOULD BE ASSIGNED TO PELICAN AUTO FINANCE, LLC Original Approval Sheet
DEALER FUNDING CHECKLIST Effective 10/15/14 PLEASE NOTE: ALL PAPERWORK SHOULD BE ASSIGNED TO PELICAN AUTO FINANCE, LLC Original Approval Sheet o Amount financed on Approval must be within $25 of contracted
More informationSecurity within a development lifecycle. Enhancing product security through development process improvement
Security within a development lifecycle Enhancing product security through development process improvement Who I am Working within a QA environment, with a focus on security for 10 years Primarily web
More informationQuestion: 1 Which of the following should be the FIRST step in developing an information security plan?
1 ISACA - CISM Certified Information Security Manager Exam Set: 1, INFORMATION SECURITY GOVERNANCE Question: 1 Which of the following should be the FIRST step in developing an information security plan?
More informationPOLICIES Supersedes Series No:
Series No. 5000 CENTRAL INTERMEDIATE UNIT Date Approved: 9/23/2010 Date Revised: Date Amended: POLICIES Supersedes Series No: TITLE: HIPAA Compliance Plan (Partial Hospitalization Program) POLICY: 5505
More information1. TYPES OF INFORMATION WE COLLECT.
PRIVACY POLICY GLOBAL ASSESSOR POOL, LLC, DBA PINSIGHT ( Company or we or us ) is committed to protecting your privacy. We prepared this Privacy Policy to describe our practices regarding the information
More informationIRA Application For Traditional, ROTH, SEP, and SIMPLE IRAs
IRA Application For Traditional, ROTH, SEP, and SIMPLE IRAs >> Mail to: Oaktree Funds c/o U.S. Bancorp Fund Services, LLC PO Box 701 Milwaukee, WI 53201-0701 Overnight Express Mail To: Oaktree Funds c/o
More informationAGREEMENT AND TERMS OF USE
AGREEMENT AND TERMS OF USE The website located at www.100womeninhedgefunds.org and the services of 100 Women in Hedge Funds ( 100WHF ) available thereon (collectively, the Site ), together with the networking
More informationGeospatial Digital Rights Management
Geospatial Digital Rights Management By Daniel J. Wright Any use of trade, firm, of product names is for descriptive purposes only and does not imply endorsement by the U.S. Government Open-File Report
More informationOnline Banking Service Agreement
Online Banking Service Agreement AGREEMENT AND DISCLOSURES Before using Zions Bank's online banking services, you must consent to receive disclosures electronically, either online or via E Mail, and read
More informationSTATUTORY INSTRUMENTS 2012 No. _
STATUTORY INSTRUMENTS 2012 No. _ THE ELECTRONIC SIGNATURES REGULATIONS 2012 ARRANGEMENT OF REGULATIONS Regulation PART I-PRELIMINARY 1. Title. 2. Interpretation PART II - LICENSING AND RECOGNITION OF CERTIFICATION
More informationREMEDY Enterprise Services Management System
for the Enterprise Services Management System April 28, 2016 Contact Point Marshall Nolan Border Enforcement and Management Systems Division Office of Information Technology U.S. Customs & Border Protection
More informationSchweizerische Informatikkonferenz Conférence Suisse sur l'informatique Conferenza Svizzera sull Informatica
SIK/CSI Schweizerische Informatikkonferenz Conférence Suisse sur l'informatique Conferenza Svizzera sull Informatica General Terms and Conditions of Business for the Purchase of Complete Informatics Systems
More informationTerms of Use (basic) 1
Terms of Use (basic) 1 (1) Introduction These terms of use govern your use of our website; by using our website, you accept these terms of use in full. 2 If you disagree with these terms of use or any
More informationCoverdell Education Savings Account Application
>> Mail to: Mairs & Power Funds c/o U.S. Bancorp Fund Services, LLC PO Box 701 Milwaukee, WI 53201-0701 Coverdell Education Savings Account Application In compliance with the USA PATRIOT Act, all mutual
More informationCHAPTER 11 COMPUTER SYSTEMS INFORMATION TECHNOLOGY SERVICES CONTROLS
11-1 CHAPTER 11 COMPUTER SYSTEMS INFORMATION TECHNOLOGY SERVICES CONTROLS INTRODUCTION The State Board of Accounts, in accordance with State statutes and the Statements on Auditing Standards Numbers 78
More informationDEFINITIONS. "this web site" means www.vericredonline.com. "user" means any person accessing any part of this web site DISCLAIMER
DEFINITIONS VeriCred Collections means VeriCred Credit Bureau (Pty) Ltd, a private company, with limited liability, duly registered and incorporated as such in accordance with the laws of the Republic
More informationPKI Disclosure Statement
Land Registry Version 2.0 23/07/2008 PKI Disclosure Statement 1. Introduction Land Registry has created an e-security platform for its customers to facilitate role-based access, authentication and electronic
More informationPALANTIR & LAW ENFORCEMENT
100 Hamilton Avenue Palo Alto, California 94301 PALANTIR & LAW ENFORCEMENT Protecting Privacy and Civil Liberties TABLE OF CONTENTS Introduction Solution Overview Privacy Protective Technology Enforcing
More informationIRA Application For Traditional, ROTH, SEP, and SIMPLE IRAs
IRA Application For Traditional, ROTH, SEP, and SIMPLE IRAs >> Mail to: Scharf Funds c/o U.S. Bancorp Fund Services, LLC PO Box 701 Milwaukee, WI 53201-0701 Overnight Express Mail To: Scharf Funds c/o
More informationVISA BUSINESS CREDIT CARD APPLICATION
UMB i1510018 (R 09/10) VISA BUSINESS CREDIT CARD APPLICATION It s easy to Apply. Incomplete information may cause delays. Please complete in full. bankcardcredit.commercial@umb.com Fax to 816.843.2485
More informationWelcome to Highlands State Bank Internet Banking Center. Important Information for New Users. System Security and Browser Information
Welcome to Highlands State Bank Internet Banking Center You must have a deposit account, loan account or a Highlands State Bank ATM/Debit Card to enroll in Internet Banking. We are sure you will find Internet
More informationAdvanced AMC, Inc. Appraiser Services Agreement (Independent Contractor Agreement)
Advanced AMC, Inc.. Appraiser Services Agreement (Independent Contractor Agreement) This Appraiser Services Agreement ( Agreement ) shall be effective as of the Effective Date by and between Advanced AMC,
More informationTerms of Use The Human Face of Big Data Website
Terms of Use The Human Face of Big Data Website Effective Date: September 12 th, 2012 Welcome to The Human Face of Big Data, a project of Against All Odds Productions ( AAOP ). The Human Face of Big Data
More informationSPORTING ACCIDENT REPORT FORM
SLE Worldwide Australia Pty Limited ABN 15 066 698 575 Licence No: 237268 Level 11, 56 Clarence Street, Sydney NSW 2000 PO Box H308, Australia Square NSW 1215 Ph: 1800 002 676 Fax: (02) 9249 4840 www.sleaustralia.com.au
More informationAudio: This overview module contains an introduction, five lessons, and a conclusion.
Homeland Security Presidential Directive 12 (HSPD 12) Overview Audio: Welcome to the Homeland Security Presidential Directive 12 (HSPD 12) overview module, the first in a series of informational modules
More informationIncident Response and the Role of External Services
Incident Response and the Role of External Services Andrea Rigoni Business Development Manager - Government Sector Symantec Corp. Andrea_Rigoni@symantec.com Abstract: Managing security is a complex task
More information.ke Domain Name WHOIS Policy .ke Domain Name WHOIS Policy
.ke Domain Name WHOIS Policy 1/6 DEFINITIONS Terms defined in the Terms & Conditions and/or the.ke Dispute Resolution Rules are used herein with a capital letter. SECTION 1. PRIVACY POLICY 1.1. Processing
More informationHP Laptop & Apple ipads
Shalom College Student 1:1 Laptop & ipad Program HP Laptop & Apple ipads Policy and Guidelines Booklet TABLE OF CONTENTS 1. Educational Opportunities of A 1 to 1 Laptop & ipad Program... 2 2. Overview
More informationProgram, you consent to the data practices described in this Privacy Policy.
Privacy Policy. To the extent Gramm-Leach-Bliley Act, 15 U.S.C. 6802 (the GLB Act ) may apply to our services, this Privacy Policy shall serve as your initial Privacy Notice as defined under the GLB Act.
More informationSecurity und Compliance in Clouds
Security und Compliance in Clouds Prof. Dr. Jan Jürjens, Kristian Beckers Fraunhofer Institut für Software- und Systemtechnologie ISST, Dortmund http://jan.jurjens.de The NIST Cloud Definition Framework
More informationTHE BUSINESS COUNCIL OF WESTCHESTER Website & Internet Services Terms And Conditions of Use
THE BUSINESS COUNCIL OF WESTCHESTER Website & Internet Services Terms And Conditions of Use PLEASE READ THE FOLLOWING TERMS AND CONDITIONS RELATING TO YOUR USE OF OUR WEBSITE AND ANY OTHER INTERNET-BASED
More informationTECHNICAL SPECIFICATION: LEGISLATION EXECUTING CLOUD SERVICES
REALIZATION OF A RESEARCH AND DEVELOPMENT PROJECT (PRE-COMMERCIAL PROCUREMENT) ON CLOUD FOR EUROPE TECHNICAL SPECIFICATION: LEGISLATION EXECUTING CLOUD SERVICES ANNEX IV (D) TO THE CONTRACT NOTICE TENDER
More informationArticle 29 Working Party Issues Opinion on Cloud Computing
Client Alert Global Regulatory Enforcement If you have questions or would like additional information on the material covered in this Alert, please contact one of the authors: Cynthia O Donoghue Partner,
More informationASSURANCE OF DISCONTINUANCE. The Office of the Attorney General of the State of New York (sometimes referred to as
ATTORNEY GENERAL OF THE STATE OF NEW YORK INTERNET BUREAU In the Matter of Assurance No. 15-185 Investigation by ERIC T. SCHNEIDERMAN, Attorney General of the State of New York, of Uber Technologies, Inc.,
More informationProfessional Organization Checklist for the Computer Science Curriculum Updates. Association of Computing Machinery Computing Curricula 2008
Professional Organization Checklist for the Computer Science Curriculum Updates Association of Computing Machinery Computing Curricula 2008 The curriculum guidelines can be found in Appendix C of the report
More informationUnderstanding ediscovery and Electronically Stored Information (ESI)
Copyright The information transmitted in this document is intended only for the addressee and may contain confidential and/or privileged material. Any interception, review, retransmission, dissemination
More informationNETWORK AND AIS AUDIT, LOGGING, AND MONITORING POLICY OCIO-6011-09 TABLE OF CONTENTS
OFFICE OF THE CHIEF INFORMATION OFFICER NETWORK AND AIS AUDIT, LOGGING, AND MONITORING POLICY OCIO-6011-09 Date of Issuance: May 22, 2009 Effective Date: May 22, 2009 Review Date: TABLE OF CONTENTS Section
More informationSAMPLE BACKGROUND CHECK POLICY CANADA
SAMPLE BACKGROUND CHECK POLICY CANADA 1 CONTENTS: 1. Purpose... 2 2. Scope... 2 3. Background Check Vendor... 2 4. Notice to Applicants and Employees... 2 5. Informed Consent... 2 6. Required Background
More informationADDENDUM OF CLAUSES. ADDENDUM # dated to the Contract of Sale dated, between Buyer and Seller for Property known as
ADDENDUM OF CLAUSES ADDENDUM # dated to the Contract of Sale dated, between Buyer and Seller for Property known as. The following provisions are included in and supersede any conflicting language in the
More informationZIMPERIUM, INC. END USER LICENSE TERMS
ZIMPERIUM, INC. END USER LICENSE TERMS THIS DOCUMENT IS A LEGAL CONTRACT. PLEASE READ IT CAREFULLY. These End User License Terms ( Terms ) govern your access to and use of the zanti and zips client- side
More informationANZ Royal Bank Internet Banking Business Registration Form
Please fill out this form to register a business for ANZ Royal Bank Internet Banking. Once you have completed all sections of this form, please send the original copy to your local ANZ Royal Bank branch.
More informationELECTRONIC SIGNATURE AGREEMENT
ELECTRONIC SIGNATURE AGREEMENT 1. Agreement If you contract with us electronically or otherwise request documentation or disclosures electronically, you specifically consent and agree that we may provide
More informationesign FAQ 1. What is the online esign Electronic Signature Service? 2. Where the esign Online Electronic Signature Service can be used?
esign FAQ 1. What is the online esign Electronic Signature Service? esign Electronic Signature Service is an innovative initiative for allowing easy, efficient, and secure signing of electronic documents
More informationSERENITY Pattern-based Software Development Life-Cycle
SERENITY Pattern-based Software Development Life-Cycle Francisco Sanchez-Cid, Antonio Maña Computer Science Department University of Malaga. Spain {cid, amg}@lcc.uma.es Abstract Most of current methodologies
More information