Privacy by Design. Ian Brown, Prof. of Information Security and Privacy Oxford Internet Institute, University of
|
|
- Marjorie Newton
- 8 years ago
- Views:
Transcription
1 Privacy by Design Ian Brown, Prof. of Information Security and Privacy Oxford Internet Institute, University of
2 Privacy by Design principles 1. Proactive not Reactive; Preventative not Remedial 2. Privacy as the Default Setting 3. Privacy Embedded into Design 4. Full Functionality: Positive-Sum, not Zero-Sum 5. End-to-End Security Full Lifecycle Protection 6. Visibility and Transparency Keep it Open 7. Respect for User Privacy Keep it User-Centric Cavoukian et al. (2010)
3 32 nd International Conference of DP and Privacy Commissioners (Jerusalem 2010) 1. Recognize Privacy by Design as an essential component of fundamental privacy protection; 2. Encourage the adoption of Privacy by Design s Foundational Principles as guidance to establishing privacy as an organization s default mode of operation; 3. Invite Data Protection and Privacy Commissioners/Authorities to: a. promote Privacy by Design, as widely as possible through distribution of materials, education and personal advocacy; b. foster the incorporation of the Privacy by Design Foundational Principles in the formulation of privacy policy and legislation within their respective jurisdictions; c. proactively encourage research on Privacy by Design
4 General Data Protection Regulation 23: Data protection by design and by default 1. the controller shall implement appropriate and proportionate technical and organisational measures and procedures in such a way that the processing will meet the requirements of this Regulation and ensure the protection of the rights of the data subject 2. The controller shall ensure that, by default, only those personal data are processed which are necessary for each specific purpose of the processing and are especially not collected, retained or disseminated beyond the minimum necessary for those purposes COM(2012) 11 final
5 European Parliament s additions 1 Data protection by design shall have particular regard to the entire lifecycle management of personal data from collection to processing to deletion, systematically focusing on comprehensive procedural safeguards regarding the accuracy, confidentiality, integrity, physical security and deletion of personal data. 1a In order to foster its widespread implementation in different economic sectors, data protection by design shall be a prerequisite for public procurement tenders
6 Privacy system requirements Purpose limitation (comprising both specification of the purpose and limiting the use to that stated purpose) Data minimisation Data quality Transparency (Openness in OECD terms). Data subject rights (in terms of consent, and the right to view, erase, and rectify personal data) The right to be forgotten. Adequate protection (Security Safeguards in OECD terms). Data portability Data breach notifications. Accountability and (provable) compliance J-H Hoepmann (2014)
7 Privacy design strategies Strategy Minimise Hide (from all, or third, parties) Separate Aggregate Inform Control Enforce Demonstrate Pattern Select before you collect; anonymisation; pseudonymisation Encryption, onion routing, anonymous credentials, homomorphic encryption Distributed processing and storage where feasible; split database tables; secure multi-party computation; unlinkability Aggregation over time and geography; dynamic location granularity Transparency, data breach notifications, UI design Informed consent, UI design Access control, privacy rights management Privacy rights management, logging J-H Hoepmann (2014)
8 Spy bins and smartphones Image: Renew London
9 Transport pricing Monitor all traffic centrally (London), at kerbside (W London) or deduct payment from pay-as-you-go toll cards (Singapore)? Onboard unit (Balasch et al. 2010)? Or tax parking spaces? Link all payment card usage (Oyster) or use unlinkable RFID tokens (Shenzen)? MIT Technology Review (2006)
10 Privacy-friendly smart meters Personal data remains at customer premises under their direct control Network broadcasts tariff data to meters, which control appliances Heavily aggregated information used for billing and price comparison Rial and Danezis (2011)
11 H Haddadi, P Hui, T Henderson and I Brown (2010) MobiAd: Private and Scalable Mobile Advertising, ACM International Workshop on Mobility in the Evolving Internet Architecture, Chicago Location-Based Services Can we use features of mobile phone networks to supply anonymous, targeted adverts?
12 Limitations ENISA experts identify: Fragility/non-composability of privacy properties Privacy metrics and utility limitations Increased complexity Implementation obstacles Unclear or too narrow interpretation Utility in Internet of Things and Big Data systems FTC staff IoT report: flexible minimisation: don t collect data, or unneeded data, or sensitive data; de-identify; or seek consent Article 29 Working Party: insists that the data minimisation principle plays an essential role (Opinion 8/2014) EDPS: DP must cover use and collection of data. A differentiation in this regard has never been made in EU data protection law and it has the potential to weaken the protection of fundamental rights.
13 References J. Balasch, A. Rial, C. Troncoso, C. Geuens, B. Preneel and I. Verbauwhede (2010) PrETP: Privacy-Preserving Electronic Toll Pricing. Usenix Security Symposium, pp ENISA (2014), Privacy and Data Protection by Design from policy to engineering. European Data Protection Supervisor (2015) Value of the EU Data Protection Reform against the Big Data challenges, 5 th European Data Protection Days, Berlin. Federal Trade Commission Staff Report, Internet of Things: Privacy & Security in a Connected World, Jan H. Haddadi, P. Hui and I. Brown (2010) MobiAd: Private and Scalable Mobile Advertising, ACM International Workshop on Mobility in the Evolving Internet Architecture, Chicago. J.-H. Hoepman (2014) Privacy Design Strategies (extended abstract). ICT Systems Security and Privacy Protection - 29th IFIP TC 11 International Conference, SEC 2014, Marrakech. A. Rial and G. Danezis (2011) Privacy-Preserving Smart Metering, ACM Workshop on Privacy in the Electronic Society, Chicago.
How To Protect Privacy In A Computer System
PReparing Industry to Privacy-by-design by supporting its Application in REsearch PRIPARE: un projet Européen visant à définir une pratique intégrée de protection de la vie privée par construction PRIPARE:
More informationPrivacy & Big Data: Enable Big Data Analytics with Privacy by Design. Datenschutz-Vereinigung von Luxemburg Ronald Koorn DRAFT VERSION 8 March 2014
Privacy & Big Data: Enable Big Data Analytics with Privacy by Design Datenschutz-Vereinigung von Luxemburg Ronald Koorn DRAFT VERSION 8 March 2014 Agenda? What is 'Big Data'? Privacy Implications Privacy
More informationPrivacy by Design. Strategies & Patterns. Jaap-Henk Hoepman. Digital Security (DS) Radboud University Nijmegen, the Netherlands
Privacy by Design Strategies & Patterns Jaap-Henk Hoepman Digital Security (DS) Radboud University Nijmegen, the Netherlands @xotoxot // jhh@cs.ru.nl // www.cs.ru.nl/~jhh Introduction Security Privacy
More informationBEFORE THE DEPARTMENT OF COMMERCE NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY. Request for Comments Docket # 120214135-2135-01
BEFORE THE DEPARTMENT OF COMMERCE NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY Request for Comments Docket # 120214135-2135-01 Multistakeholder Process to Develop Consumer Privacy Codes of Conduct COMMENTS
More informationLegal Aspects of the MonIKA-Project - Privacy meets Cybersecurity
Legal Aspects of the MonIKA-Project - Privacy meets Cybersecurity Sebastian Meissner Security Incident Information Sharing Workshop Berlin, 26.07.2013 Introduction Opening question Privacy & cybersecurity:
More informationPrivacy & data protection in big data: Fact or Fiction?
Privacy & data protection in big data: Fact or Fiction? Athena Bourka ENISA ISACA Athens Conference 24.11.2015 European Union Agency for Network and Information Security Agenda 1 Privacy challenges in
More informationPrivacy by Design The 7 Foundational Principles Implementation and Mapping of Fair Information Practices
Privacy by Design The 7 Foundational Principles Implementation and Mapping of Fair Information Practices Ann Cavoukian, Ph.D. Information & Privacy Commissioner, Ontario, Canada Purpose: This document
More informationThe 7 Foundational Principles. Implementation and Mapping of Fair Information Practices. Ann Cavoukian, Ph.D.
Privacy by Design The 7 Foundational Principles Implementation and Mapping of Fair Information Practices Ann Cavoukian, Ph.D. Information & Privacy Commissioner Ontario, Canada Purpose: This document provides
More informationPrivacy by Design Setting a new standard for privacy certification
Privacy by Design Setting a new standard for privacy certification Privacy by Design is a framework based on proactively embedding privacy into the design and operation of IT systems, networked infrastructure,
More informationPrivacy and Data Protection by Design from policy to engineering
European Union Agency for Network and Information Security www.enisa.europa.eu About ENISA The European Union Agency for Network and Information Security (ENISA) is a centre of network and information
More informationCOMMISSION OF THE EUROPEAN COMMUNITIES COMMISSION RECOMMENDATION. of 12.5.2009
COMMISSION OF THE EUROPEAN COMMUNITIES Brussels, 12.5.2009 C(2009) 3200 final COMMISSION RECOMMENDATION of 12.5.2009 on the implementation of privacy and data protection principles in applications supported
More informationConsor;um (partners) ARES conference Toulouse, 24 August 2015
1 2 3 Consor;um (partners) 4 The honest- but- curious CSP model (cloud service provider)? 5 an attack tolerant framework Ambi;on in the context of honest-but-curious CSPs preserving the benefits associated
More informationPrivacy and Data Protection Impact Assessment Framework for RFID Applications. 12 January 2011
Privacy and Data Protection Impact Assessment Framework for RFID Applications 12 January 2011 1 INDEX 1. Introduction...3 1.1. Key Concepts...4 1.2. Internal Procedures...5 2. The PIA Process...6 2.1.
More information3/17/2015. Overview HIPAA. Who s Covered? Who s Not Covered? PRIVACY & SECURITY. Regulatory Patchwork: Mobile Health
PRIVACY & SECURITY Regulatory Patchwork: Mobile Health Anna Watterson, Davis Wright Tremaine, LLP Overview When HIPAA applies to mobile apps When FTC has jurisdiction over mobile apps Other considerations:
More informationRebuilding Trust Through Privacy by Design. by Alexander Hanff alexander.hanff@startmail.com
Rebuilding Trust Through Privacy by Design by Alexander Hanff alexander.hanff@startmail.com The Principles of Privacy by Design (You all know this stuff right?) o Proactive not Reactive; Preventative not
More informationComments of the EDPS in response to the public consultation on
Comments of the EDPS in response to the public consultation on the planned guidelines on recommended standard licences, datasets and charging for the reuse of public sector information initiated by the
More informationInstitute for Judicial and Legal Studies
Institute for Judicial and Legal Studies «The Data Protection Reform for Mauritius» Presented by Mrs Drudeisha Madhub (Data Protection Commissioner) Email: pmo-dpo@mail.gov.mu Tel:+230 201 36 04 Helpdesk:+230
More informationCrime Statistics Data Security Standards. Office of the Commissioner for Privacy and Data Protection
Crime Statistics Data Security Standards Office of the Commissioner for Privacy and Data Protection 2015 Document details Security Classification Dissemination Limiting Marker Dissemination Instructions
More informationlegal & ethical data sharing prof.dr. Ronald Leenes r.e.leenes@uvt.nl TILT - Tilburg Institute for Law, Technology, and Society
legal & ethical data sharing prof.dr. Ronald Leenes r.e.leenes@uvt.nl TILT - Tilburg Institute for Law, Technology, and Society overview the problem revisited secondary use data protection regulation Data
More informationPrivacy Challenges in the Internet of Things (IoT) a European Perspective
Privacy Challenges in the Internet of Things (IoT) a European Perspective Alicja Gniewek, PhD Student Interdisciplinary Centre for Security, Reliability and Trust Weicker Building, Université du Luxembourg
More informationEUROPEAN DATA PROTECTION SUPERVISOR
C 47/6 Official Journal of the European Union 25.2.2010 EUROPEAN DATA PROTECTION SUPERVISOR Opinion of the European Data Protection Supervisor on the Communication from the Commission on an Action Plan
More informationPrivacy Risk Assessments
Privacy Risk Assessments Michael Hulet Principal November 8, 2012 Agenda Privacy Review Definition Trends Privacy Program Considerations Privacy Risk Assessment Risk Assessment Tools Generally Accepted
More information23/1/15 Version 1.0 (final)
Information Commissioner s Office response to the Cabinet Office s consultation on the proposal to amend the Privacy and Electronic Communications (EC Directive) Regulations 2003 ( PECR ), to enable the
More informationPersonal data privacy protection: what mobile apps developers and their clients should know
Personal data privacy protection: what mobile Introduction This technical information leaflet aims to highlight the privacy implications that mobile applications ( mobile apps ) developers (including organisations
More informationSecure Data Sharing and Processing in Heterogeneous Clouds. Bojan Suzic, Graz University of Technology
Secure Data Sharing and Processing in Heterogeneous Clouds Bojan Suzic, Graz University of Technology 1 Presentation Outline SUNFISH Project Cloud Service for Public Administration Practical Approach Data
More informationRECOMMENDATIONS COMMISSION
16.5.2009 Official Journal of the European Union L 122/47 RECOMMENDATIONS COMMISSION COMMISSION RECOMMENDATION of 12 May 2009 on the implementation of privacy and data protection principles in applications
More informationNew EU Data Protection legislation comes into force today. What does this mean for your business?
24 th May 2016 New EU Data Protection legislation comes into force today. What does this mean for your business? After years of discussion and proposals, the General Data Protection Regulation ( GDPR )
More informationMaximize the Value of Your Data and the Ability to Protect Privacy, by Design
Maximize the Value of Your Data and the Ability to Protect Privacy, by Design Ann Cavoukian, Ph.D. Executive Director Privacy and Big Data Institute Ryerson University Ontario University Registrar s Association
More informationPrivacy and data breaches how information governance minimises the risk
Privacy and data breaches how information governance minimises the risk Preventing data privacy breaches is becoming increasingly important, with the increasing costs of dealing with cyber attacks, IT
More informationLeveraging Privacy by Design to Achieve your Business Needs through Big Data, without Compromising Privacy
Leveraging Privacy by Design to Achieve your Business Needs through Big Data, without Compromising Privacy Big Data & Analytics Summit Canada Old Mill, Toronto February 10, 2015 Let s Dispel Some Myths
More informationTHE MOBILE MAJORITY: BUILDING PRIVACY BY DESIGN INTO MOBILE APPS
THE MOBILE MAJORITY: BUILDING PRIVACY BY DESIGN INTO MOBILE APPS Clarissa Cerda, EVP, Chief Legal Officer and Secretary, LifeLock Kimberly Cilke, CIPP/US Deputy General Counsel, GoDaddy.com Timothy Sparapani
More informationJan Philipp Albrecht Rapporteur, Committee on Civil Liberties, Justice and Home Affairs European Parliament
September 5, 2012 Jan Philipp Albrecht Rapporteur, Committee on Civil Liberties, Justice and Home Affairs European Parliament Lara Comi Rapporteur, Committee on Internal market and Consumer Protection
More informationWhite paper. Analytics. and privacy. & data protection. Your business technologists. Powering progress
White paper Data Analytics and privacy & data protection Your business technologists. Powering progress Big Abstract The rise of Big Data and Data Analytics provides great opportunities for organizations
More informationPrivacy, the Cloud and Data Breaches
Privacy, the Cloud and Data Breaches Annelies Moens Head of Sales and Operations, Information Integrity Solutions Legalwise Seminars Sydney, 20 March 2013 About IIS Building trust and privacy through global
More informationThe RFID agenda of the European Commission. Florent Frederix European Commission Directorate General Information Society and Media
The RFID agenda of the European Commission RFID i Danmark 2011 May 3, 2011, IT-University in Copenhagen Florent Frederix European Commission Directorate General Information Society and Media This document
More informationBest Practices at Research Level
PReparing Industry to Privacy-by-design by supporting its Application in REsearch Best Practices at Research Level Hisain Elshaafi Telecommunications Software and Systems Group (TSSG) Waterford Institute
More informationInternational Working Group on Data Protection in Telecommunications
International Working Group on Data Protection in Telecommunications 675.42.10 4 April 2011 Working Paper Event Data Recorders (EDR) on Vehicles Privacy and data protection issues for governments and manufacturers
More informationWorkshop on Building international cooperation WG2 : Network Information Security / cyber security
Workshop on Building international cooperation WG2 : Network Information Security / cyber security Michel Riguidel michel.riguidel@telecom-paristech.fr WG2 : network information & cybersecurity International
More informationHow To Protect Your Privacy On The Net
International Working Group on Data Protection in Telecommunications Report and Guidance on Data Protection and Privacy on the Internet "Budapest - Berlin Memorandum" adopted at the 20th Meeting in Berlin,
More informationResponse of the German Medical Association
Response of the German Medical Association To the Green Paper on mobile Health ( mhealth ) of the European Commission Berlin, 3 July 2014 Bundesärztekammer Herbert-Lewin-Platz 1 10623 Berlin We are grateful
More informationA Pragmatic Guide to Big Data & Meaningful Privacy. kpmg.be
A Pragmatic Guide to Big Data & Meaningful Privacy kpmg.be From predicting criminal behavior to medical breakthroughs, from location-based restaurant recommendations to customer churn predictions, the
More informationPrior checking opinion on the European Surveillance System ("TESSy") notified by the European Centre for Disease Prevention and Control ("ECDC
Prior checking opinion on the European Surveillance System ("TESSy") notified by the European Centre for Disease Prevention and Control ("ECDC") on 22 July 2009 Brussels, 3 September 2010 (case 2009-0474)
More informationBy Emily Hay and Jan Dhont, Data Privacy Department, Lorenz Brussels.
Getting a Clean Bill of Health for Privacy in Your Mobile App By Emily Hay and Jan Dhont, Data Privacy Department, Lorenz Brussels. I. Introduction to the legal regime and risks As the marketplace floods
More informationPrivacy Management Standards: What They Are and Why They Are Needed Now
ITU-T Q10/17 Identity Summit Geneva December 10, 2010 Privacy Management Standards: What They Are and Why They Are Needed Now John Sabo Director Global Government Relations Chair, OASIS IDtrust Member
More informationCOUNCIL OF THE EUROPEAN UNION. Brussels, 22 November 2006 15644/06 DATAPROTECT 45 EDPS 3
COUNCIL OF THE EUROPEAN UNION Brussels, 22 November 2006 15644/06 DATAPROTECT 45 EDPS 3 COVER NOTE from: Secretary-General of the European Commission, signed by Mr Jordi AYET PUIGARNAU, Director date of
More informationOpinion of the European Data Protection Supervisor
Opinion of the European Data Protection Supervisor on the Commission Proposal for a Regulation of the European Parliament and of the Council on a European network of Employment Services, workers' access
More informationArticle 29 Working Party Issues Opinion on Cloud Computing
Client Alert Global Regulatory Enforcement If you have questions or would like additional information on the material covered in this Alert, please contact one of the authors: Cynthia O Donoghue Partner,
More informationPrivacy Charter. Protecting Your Privacy
Privacy Charter Protecting Your Privacy 1 1. Introduction 3 2. Collection of personal information 3 What sort of personal information do we collect and hold? 3 Anonymity and Pseudonymity 3 Why do we collect
More informationPart A OVERVIEW...1. 1. Introduction...1. 2. Applicability...2. 3. Legal Provision...2. Part B SOUND DATA MANAGEMENT AND MIS PRACTICES...
Part A OVERVIEW...1 1. Introduction...1 2. Applicability...2 3. Legal Provision...2 Part B SOUND DATA MANAGEMENT AND MIS PRACTICES...3 4. Guiding Principles...3 Part C IMPLEMENTATION...13 5. Implementation
More informationRFIDs and European Policies
ICTSB Seminar on RFID Standardisation CEN/CENELEC Meeting Centre Brussels, Belgium RFIDs and European Policies Gérald SANTUCCI, Head of Unit gerald.santucci@ec.europa.eu European Commission Directorate
More informationVideo surveillance policy (PUBLIC)
29 July 2015 EMA/133708/2015 Administration Division POLICY/0046 POLICY/0046 Effective Date: 01/01/2015 Review Date: 01/01/2018 Supersedes: Version 1 1. Introduction and purpose For the safety and security
More informationObservations on international efforts to develop frameworks to enhance privacy while realising big data s benefits
Big Data, Key Challenges: Privacy Protection & Cooperation Observations on international efforts to develop frameworks to enhance privacy while realising big data s benefits Seminar arranged by the Office
More informationAnn Cavoukian, Ph.D.
Protecting Privacy in an Era of Electronic Health Records Ann Cavoukian, Ph.D. Information and Privacy Commissioner Ontario Barrie and Community Family Health Team Royal Victoria Hospital Georgian College
More informationSmart Grid and Privacy An International View
Smart Grid and Privacy An International View 27 November 2013 By: Nader Farah President ESTA International One US Consumer s Reaction in Texas! 2 Source: SmartGridNews.com July 20, 2012 ESTA International
More informationCOMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS
EUROPEAN COMMISSION Brussels, XXX [ ](2011) XXX draft COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS
More informationDo you have a private life at your workplace?
Do you have a private life at your workplace? Privacy in the workplace in EC institutions and bodies Giovanni Buttarelli In the course of his supervisory activities, the EDPS has published positions on
More informationIntroduction. They may not be connected to the Internet directly but though intermediate devices.
End-to-End Privacy for Open Big Data Markets Charith Perera (Open University), Rajiv Ranjan (CSIRO Digital Productivity Flagship), Lizhe Wang (Chinese Academy of Sciences) Abstract The idea of an open
More informationEU Policy on RFID & Privacy
EU Policy on RFID & Privacy Developments 2007, Outlook 2008 Andreas Krisch http://www.edri.org/ http://www.unwatched.org/ 24C3, 30.12.2007 European Digital Rights (EDRi) Umbrella
More informationHow To Ensure Health Information Is Protected
pic pic CIHI Submission: 2011 Prescribed Entity Review October 2011 Who We Are Established in 1994, CIHI is an independent, not-for-profit corporation that provides essential information on Canada s health
More informationA Q&A with the Commissioner: Big Data and Privacy Health Research: Big Data, Health Research Yes! Personal Data No!
A Q&A with the Commissioner: Big Data and Privacy Health Research: Big Data, Health Research Yes! Personal Data No! Ann Cavoukian, Ph.D. Information and Privacy Commissioner Ontario, Canada THE AGE OF
More informationtell you about products and services and provide information to our third party marketing partners, subject to this policy;
WEBSITE PRIVACY POLICY FOR RUBE GOLDBERG As of 09-25-2012 Rube Goldberg has created this Privacy Policy in order to demonstrate our firm commitment to protecting personal information. The following discloses
More informationSummary of feedback on Big data and data protection and ICO response
Summary of feedback on Big data and data protection and ICO response Contents Introduction... 2 Question 1... 3 Impacts and benefits; privacy impact assessments (PIAs)... 3 New approaches to data protection...
More informationIndustrial Control Systems Cyber Emergency Response Team (ICS-CERT) 2014: 245 incidents reported
Protecting What Matters Most Christian Fahlke, Regional Sales Manager ALPS March 2015 Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) 2014: 245 incidents reported (Source: https://ics-cert.us-cert.gov/sites/default/files/monitors/ics-cert_monitor_sep2014-feb2015.pdf)
More informationCookies Compliance Advisory
Cookies Compliance Advisory Note: this is an advisory notice that summarises the current position of the Article 29 Working Group and makes suggestions as to how organisations might practically achieve
More informationHow To Respond To The Nti'S Request For Comment On Big Data And Privacy
Submission to the National Telecommunications and Information Administration (NTIA), U.S. Department of Commerce Docket No. 140514424 4424 01 RIN 0660 XC010 Comments of the Information Technology Industry
More information12 January 2011. Register of Interest Representatives Identification number in the register: 52646912360-95
Z E N T R A L E R K R E D I T A U S S C H U S S MITGLIEDER: BUNDESVERBAND DER DEUTSCHEN VOLKSBANKEN UND RAIFFEISENBANKEN E.V. BERLIN BUNDESVERBAND DEUTSCHER BANKEN E.V. BERLIN BUNDESVERBAND ÖFFENTLICHER
More informationAssessing Risks in the Cloud
Assessing Risks in the Cloud Jim Reavis Executive Director Cloud Security Alliance Agenda Definitions of Cloud & Cloud Usage Key Cloud Risks About CSA CSA Guidance approach to Addressing Risks Research
More informationWritten Contribution of the National Association of Statutory Health Insurance Funds of 16.11.2015
Written Contribution of the National Association of Statutory Health Insurance Funds of 16.11.2015 to the Public Consultation of the European Commission on Standards in the Digital : setting priorities
More informationUnited Kingdom. London W1J 6QE. FCA Register No: 446677 HA6 1NW. United Kingdom
Privacy Policy For the purposes of trading CFDs and Spread Betting, 3D Markets Ltd has introduced you to 3D Market Trading, which is a trading name of Spread Co Limited ('Spread Co'), registered office
More informationEUROPEAN UNION. Brussels, 12 July 2002 (OR. en) PE-CONS 3636/02 2000/0189 (COD) LEX 365 ECO 217 CODEC 778
EUROPEAN UNION THE EUROPEAN PARLIAMT THE COUNCIL Brussels, 12 July 2002 (OR. en) 2000/0189 (COD) LEX 365 PE-CONS 3636/02 ECO 217 CODEC 778 DIRECTIVE 2002/58/EC OF THE EUROPEAN PARLIAMT AND OF THE COUNCIL
More informationGDPR & Cloud Providers Keynote Presentation
Cloudscape VII 9 March 2015 GDPR & Cloud Providers Keynote Presentation Kuan Hon Research Consultant, Cloud Legal Project & MCCRC Centre for Commercial Law Studies Queen Mary, University of London w.k.hon@qmul.ac.uk
More informationProtection. Code of Practice. of Personal Data RPC001147_EN_WB_L_1
Protection of Personal Data RPC001147_EN_WB_L_1 Table of Contents Data Protection Rules Foreword From the Data Protection Commissioner Introduction From the Chairman Data Protection Responsibility of Employees
More informationPUBLIC PROCUREMENT CONTRACTS
PUBLIC PROCUREMENT CONTRACTS Public authorities conclude contracts to ensure the supply of works and delivery of services. These contracts, concluded in exchange for remuneration with one or more operators,
More informationCloud Security Introduction and Overview
Introduction and Overview Klaus Gribi Senior Security Consultant klaus.gribi@swisscom.com May 6, 2015 Agenda 2 1. Cloud Security Cloud Evolution, Service and Deployment models Overview and the Notorious
More informationSecurity Issues in Cloud Computing
Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources
More informationCloud Computing Security Considerations
Cloud Computing Security Considerations Roger Halbheer, Chief Security Advisor, Public Sector, EMEA Doug Cavit, Principal Security Strategist Lead, Trustworthy Computing, USA January 2010 1 Introduction
More informationNet-ID 2006 Berlin PROTECTING IDENTITY IN THE DIGITAL ERA. Robin Wilton
Net-ID 2006 Berlin PROTECTING IDENTITY IN THE DIGITAL ERA Robin Wilton Corporate Architect (Federated Identity) Sun Microsystems robin.wilton@sun.com +44 705 005 2931 http://blogs.sun.com/racingsnake Aim
More informationSmart City Live! 9-10 May 2016, Nice
Monday, May 9, 2016 Smart City Live! 9-10 May 2016, Nice Draft agenda as of November 20, 2015 SMART LIVING SMART CITY SERVICES 9:00 AM CASE STUDY: Developing Smart Energy communities Understanding the
More informationPersonal Data Protection Policy
Personal Data Protection Policy Please take a moment to read the following Policy. If there is anything you do not understand then please contact us. We are committed to protecting privacy. This Personal
More informationPRIVACY & DATA PROTECTION ANNUAL REPORT
2012 2013 PRIVACY & DATA PROTECTION ANNUAL REPORT CONTENTS 2 Leading the Way 4 A Strong Privacy Advocate 7 Protecting Our Customers 16 The Mobile Revolution PREFACE by Dr. Larry Ponemon Chairman & Founder,
More informationGUESTBOOK REWARDS, INC. Privacy Policy
GUESTBOOK REWARDS, INC. Privacy Policy Welcome to Guestbook Rewards, Inc. the online and mobile service of Guestbook Rewards, Inc. ( The Guestbook, we, or us ). Our Privacy Policy explains how we collect,
More informationThe Information Commissioner s Office response to HM Treasury s Call for Evidence on Data Sharing and Open Data in Banking
The Information Commissioner s Office response to HM Treasury s Call for Evidence on Data Sharing and Open Data in Banking The Information Commissioner has responsibility for promoting and enforcing the
More informationNIST Big Data Public Working Group
NIST Big Data Public Working Group Requirements May 13, 2014 Arnab Roy, Fujitsu On behalf of the NIST BDWG S&P Subgroup S&P Requirements Emerging due to Big Data Characteristics Variety: Traditional encryption
More informationOPEN DATA: ADOPTING A SECURITY-MINDED APPROACH
OFFICIAL OPEN DATA: ADOPTING A SECURITY-MINDED APPROACH November 2015 Disclaimer Reference to any specific commercial product, process or service by trade name, trademark, manufacturer, or otherwise, does
More informationDelivery date: 18 October 2014
Genomic and Clinical Data Sharing Policy Questions with Technology and Security Implications: Consensus s from the Data Safe Havens Task Team Delivery date: 18 October 2014 When the Security Working Group
More informationFor ONC S&I DS4P. Dennis Giokas Chief Technology Officer Canada Health Infoway Inc. January 25, 2012
For ONC S&I DS4P Dennis Giokas Chief Technology Officer Canada Health Infoway Inc. January 25, 2012 1 Outline EHR Business Architecture EHR Solution Blueprint EHR Privacy and Security Summary & Conclusion
More informationForthcoming EU Data Protection Law
Forthcoming EU Data Protection Law How Oracle can Help Patrick McLaughlin Security Architect & Oracle Fellow EMEA Technology Solutions 22 October 2015, Riga Copyright 2014 Oracle and/or its affiliates.
More informationWhat's Up with Apps in Hong Kong July 2013
What's Up with Apps in Hong Kong July 2013 In May this year, the Hong Kong Privacy Commissioner for Personal Data ("Privacy Commissioner") joined the Global Privacy Enforcement Network ("GPEN") to conduct
More informationDATA AND PAYMENT SECURITY PART 1
STAR has teamed up with Prevention of Fraud in Travel (PROFiT) and the Fraud Intelligence Network (FIN) to offer our members the best advice about fraud prevention. We recognise the increasing threat of
More informationThe era of hacks and cyber regulation
6 February 2014 The era of hacks and cyber regulation We trust that you are well versed with the details of the various cyber-attacks that made the headlines towards the end of 2014, and early this year,
More informationINFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER
INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER 3 APPLIES TO: ALL STAFF 4 COMMITTEE & DATE APPROVED: AUDIT COMMITTEE
More informationLEEDS BECKETT UNIVERSITY. Information Security Policy. 1.0 Introduction
LEEDS BECKETT UNIVERSITY Information Security Policy 1.0 Introduction 1.1 Information in all of its forms is crucial to the effective functioning and good governance of our University. We are committed
More informationPosition Paper: Berlin, 31 March 2014. Legislative intentions to increase IT Security
Position Paper: Berlin, 31 March 2014 Legislative intentions to increase IT Security eco the Association of the sees itself as lobbyist and supporter of all companies that are involved in the economic
More informationDraft Code of Conduct on privacy for mobile health applications
Draft Code of Conduct on privacy for mobile health applications I. About this Code 1) Introduction To be drafted as a last step, when the rest of the Code is more or less stable Ed. 2) Purpose The purpose
More informationGuidelines on the protection of personal data in mobile devices used by European institutions
Guidelines on the protection of personal data in mobile devices used by European institutions December 2015 TABLE OF CONTENTS I. Introduction... 3 I.1. THE GUIDELINES... 3 I.2. TECHNICAL BACKGROUND...
More informationI. Need for Federal Privacy Legislation
Intel Corporation is pleased to file comments on the Department of Commerce National Telecommunications and Information Administration s Notice of Inquiry, Information Privacy and Innovation in the Internet
More informationInformation Security and Internet of Things
Information Security and Internet of Things 2 nd Open China ICT Thematic Workshop On Internet of Things and Future Internet Beijing, 23 August 2013 Contents The growing Internet of Things Internet of Things
More informationMobile Privacy Principles
Mobile Privacy Principles Document: Promoting a user-centric privacy framework for the mobile ecosystem Version 1.0 2 Contents Introduction... 3 High-level Privacy Principles... 6 Mobile Privacy Principles
More informationInternational Working Group on Data Protection in Telecommunications
International Working Group on Data Protection in Telecommunications 675.48.12 Working Paper on Big Data and Privacy Privacy principles under pressure in the age of Big Data analytics 55th Meeting, 5 6
More information