Big Data, Not Big Brother: Best Practices for Data Analytics Peter Leonard Gilbert + Tobin Lawyers

Size: px
Start display at page:

Download "Big Data, Not Big Brother: Best Practices for Data Analytics Peter Leonard Gilbert + Tobin Lawyers"

Transcription

1 Big Data, Not Big Brother: Best Practices for Data Analytics Peter Leonard Gilbert + Tobin Lawyers March 2013

2

3 How Target Knew a High School Girl Was Pregnant Before Her Parents Did just because you can, doesn t mean you should geo-location and linkages in store offers targeted offers to individuals: the lowest common denominator problem 3

4 4

5 Source: Harvard Business Review, October 2012

6 Business Process of Customer Data Analytics phases: data cleansing, discovery and application data transformation predictive modeling data mining data visualisation combining data from B2Cs, B2Bs and other sources above and below line media mix strategy, media sales and media planning media analytics 6

7 Contracting for customer data analytics typical contracts architecting protection of data risk assessment in-house versus outsourced analytics risk mitigation - what is good industry practice? risk allocation is allocation of risk relevant to privacy by design? 7

8 _1 ppt 8 Source: UK ICO, Anonymisation Code of Practice, Nov 2012

9 Customer Data Analytics Business Model Shopper Shopper Transaction Data Loyalty Offers Public Data Source (e.g. Bureau of Statistics) Retailer A EDW Insights and visualisations Retailer B EDW Licensed Data Sets Raw Data Raw Data Transformed Data Analytics Provider DAP Transformed Data FMCG Fast Moving Consumer Goods DAP Data Analytics Platform EDW Enterprise Data Warehouse Product and Market Data Client Reports FMCG Provider

10 Customer Data Analytics Contract Architecture Loyalty Card Ts & Cs App Terms Shopper Retailer A Disclosure and Collection Statement Value Exchange Agreement Retailer B Analytics Services Agreement Analytics Services Agreement Data Licence Agreement Analytics Provider Confidentiality and Client agreement Client Agreement Licence Agreement and/or website terms FMCG Provider Public Data Source FMCG Fast Moving Consumer Goods 10

11 The Knotty Issues privacy, user consent and user expectations data minimisation, data retention and limited access (operational) safeguards the anonymisation problem DAS outsourcing as solution and as problem: making omelettes IP and CI in raw data, transformed data, transformational code, methodologies and scores, IP in source code patent peril liability for inferences 11

12 Getting personal.. Singapore: personal data means data about an individual who can be identified: (a) from that data; and (b) from that data and other information to which the organisation has or is likely to have access. EU proposed Art 4 def of data subject: an identified natural person or natural person who can be identified, directly or indirectly, by means reasonably likely to be used by the controller or by any other natural or legal person EU proposed Recital 23: The principles of data protection should not apply to data rendered anonymous in a way that the data subject is no longer identifiable. 12

13 the anonymisation problem Source: US Office of Civil Rights (HHS.gov), HIPPA De-identification Guidance, Nov

14 Source: Khaled El Emam, Privacy Analytics, Inc 14

15 UK ICO on limited access safeguards purpose limitation training, e.g. on security and data minimisation principles personnel background checks other arrangements for technical and organisational security e.g. staff confidentiality agreements; controls over other data brought into the environment limitation to particular project(s) restriction on disclosure prohibition on attempts at re-identification measures for destruction of any accidentally re-identified personal data encryption and key management penalties a pre-defined list of risk mitigations cannot be exhaustive. Data controllers must conduct their own risk assessment, e.g. using their organisation s normal data security risk assessment processes Source: UK ICO, Anonymisation Code of Practice, Nov

16 Global business, local rules what are the current rules? PII/non-PII bi-polar regulation: is graduated privacy an academic aspiration or is it achievable today? regulatory analyses of anonymisation EC, UK, HIPPA, Australia and Singapore extrapolating from the anonymisation debate to operational arrangements and privacy by design where does the EC profiling debate fit in? 16

17 EC discussion draft and profiling Every natural person shall have the right not to be subject to a measure which produces legal effects concerning this natural person or significantly affects this natural person, and which is based solely on automated processing intended to evaluate certain personal aspects relating to this natural person or to analyse or predict in particular the natural person s performance at work, economic situation, location, health, personal preferences, reliability or behaviour. Subject to (1) contract at express request of data subject or where suitable measures have been taken to safeguard the data subject s legitimate interests; or (2) express authorisation of State law (which also lays down suitable measures to safeguard the data subject s legitimate interests); or (3) affirmative express informed consent. 17

18 Looking forward are there general principles in doing global big data business? what regulators might do sector specific rules? 18

Risk management, information security and privacy compliance. new meeting of minds or ships in the night?

Risk management, information security and privacy compliance. new meeting of minds or ships in the night? Risk management, information security and privacy compliance new meeting of minds or ships in the night? Peter Leonard September 2015 page 1 ships in the night + narrowly focussed conversations reasonable

More information

Foundation Working Group

Foundation Working Group Foundation Working Group Proposed Recommendations on De-identifying Information for Disclosure to Third Parties The Foundation Working Group (FWG) engaged in discussions around protecting privacy while

More information

A Q&A with the Commissioner: Big Data and Privacy Health Research: Big Data, Health Research Yes! Personal Data No!

A Q&A with the Commissioner: Big Data and Privacy Health Research: Big Data, Health Research Yes! Personal Data No! A Q&A with the Commissioner: Big Data and Privacy Health Research: Big Data, Health Research Yes! Personal Data No! Ann Cavoukian, Ph.D. Information and Privacy Commissioner Ontario, Canada THE AGE OF

More information

The U.K. Information Commissioner s Office Report on Big Data and Data Protection

The U.K. Information Commissioner s Office Report on Big Data and Data Protection reau of National Affairs, Inc. (800-372-1033) http://www.bna.com WORLD DATA PROTECTION REPORT >>> News and analysis of data protection developments around the world. For the latest updates, visit www.bna.com

More information

Privacy & Big Data: Enable Big Data Analytics with Privacy by Design. Datenschutz-Vereinigung von Luxemburg Ronald Koorn DRAFT VERSION 8 March 2014

Privacy & Big Data: Enable Big Data Analytics with Privacy by Design. Datenschutz-Vereinigung von Luxemburg Ronald Koorn DRAFT VERSION 8 March 2014 Privacy & Big Data: Enable Big Data Analytics with Privacy by Design Datenschutz-Vereinigung von Luxemburg Ronald Koorn DRAFT VERSION 8 March 2014 Agenda? What is 'Big Data'? Privacy Implications Privacy

More information

Australia s unique approach to trans-border privacy and cloud computing

Australia s unique approach to trans-border privacy and cloud computing Australia s unique approach to trans-border privacy and cloud computing Peter Leonard Partner, Gilbert + Tobin Lawyers and Director, iappanz In Australia, as in many jurisdictions, there have been questions

More information

Article 29 Working Party Issues Opinion on Cloud Computing

Article 29 Working Party Issues Opinion on Cloud Computing Client Alert Global Regulatory Enforcement If you have questions or would like additional information on the material covered in this Alert, please contact one of the authors: Cynthia O Donoghue Partner,

More information

BHF Southern African Conference

BHF Southern African Conference BHF Southern African Conference Navigating the complexities of the new legislative framework Peter Hill, Director: IT Governance Network TOPICS TO BE COVERED The practical implementation of the PPI Act

More information

Big Data for Law Firms DAMIAN BLACKBURN

Big Data for Law Firms DAMIAN BLACKBURN Big Data for Law Firms DAMIAN BLACKBURN PUBLISHED BY IN ASSOCIATION WITH Big data means big business By Simon Briskman, partner, technology & outsourcing group, Field Fisher Waterhouse LLP BIG DATA is

More information

Multi-Jurisdictional Study: Cloud Computing Legal Requirements. Julien Debussche Associate January 2015

Multi-Jurisdictional Study: Cloud Computing Legal Requirements. Julien Debussche Associate January 2015 Multi-Jurisdictional Study: Cloud Computing Legal Requirements Julien Debussche Associate January 2015 Content 1. General Legal Framework 2. Data Protection Legal Framework 3. Security Requirements 4.

More information

Summary of feedback on Big data and data protection and ICO response

Summary of feedback on Big data and data protection and ICO response Summary of feedback on Big data and data protection and ICO response Contents Introduction... 2 Question 1... 3 Impacts and benefits; privacy impact assessments (PIAs)... 3 New approaches to data protection...

More information

Connected car, big data, big brother?

Connected car, big data, big brother? Connected car, big data, big brother? Using geolocation in a trustworthy and compliant way Simon.Hania@tomtom.com Trends that threaten trust 2 Connected cars with downloadable apps Location services, cloud,

More information

CONSUMER DATA RESEARCH CENTRE DATA SERVICE USER GUIDE. Version: August 2015

CONSUMER DATA RESEARCH CENTRE DATA SERVICE USER GUIDE. Version: August 2015 CONSUMER DATA RESEARCH CENTRE DATA SERVICE USER GUIDE Version: August 2015 Introduction The Consumer Data Research Centre (CDRC or Centre) is an academic led, multi-institution laboratory which discovers,

More information

1. Understanding Big Data

1. Understanding Big Data Big Data and its Real Impact on Your Security & Privacy Framework: A Pragmatic Overview Erik Luysterborg Partner, Deloitte EMEA Data Protection & Privacy leader Prague, SCCE, March 22 nd 2016 1. 2016 Deloitte

More information

The Information Commissioner s Office response to HM Treasury s Call for Evidence on Data Sharing and Open Data in Banking

The Information Commissioner s Office response to HM Treasury s Call for Evidence on Data Sharing and Open Data in Banking The Information Commissioner s Office response to HM Treasury s Call for Evidence on Data Sharing and Open Data in Banking The Information Commissioner has responsibility for promoting and enforcing the

More information

Tracking Compliance: Data Protection Risks and Remedies for Retail Janine Regan. charlesrussellspeechlys.com

Tracking Compliance: Data Protection Risks and Remedies for Retail Janine Regan. charlesrussellspeechlys.com Tracking Compliance: Data Protection Risks and Remedies for Retail Janine Regan charlesrussellspeechlys.com Janine Regan Associate +44 (0)20 7427 6798 janine.regan@crsblaw.com Janine has extensive experience

More information

Roadmap. What is Big Data? Big Data for Educational Institutions 5/30/2014. A Framework for Addressing Privacy Compliance and Legal Considerations

Roadmap. What is Big Data? Big Data for Educational Institutions 5/30/2014. A Framework for Addressing Privacy Compliance and Legal Considerations Big Data for Educational Institutions A Framework for Addressing Privacy Compliance and Legal Considerations Roadmap Introduction What is Big Data? How are educational institutions using Big Data? What

More information

Trusted Personal Data Management A User-Centric Approach

Trusted Personal Data Management A User-Centric Approach GRUPPO TELECOM ITALIA Future Cloud Seminar Oulu, August 13th 2014 A User-Centric Approach SKIL Lab, Trento - Italy Why are we talking about #privacy and #personaldata today? 3 Our data footprint Every

More information

Dealing with data breaches in Europe and beyond

Dealing with data breaches in Europe and beyond Dealing with data breaches in Europe and beyond Karin Retzer and Joanna Łopatowska Morrison & Foerster LLP www.practicallaw.com/6-505-9638 The use of increasingly advanced technology means that the ways

More information

Helping to protect your business and your customers in the event of a data breach

Helping to protect your business and your customers in the event of a data breach Helping to protect your business and your customers in the event of a data breach Equifax Data Breach Assistance helps you respond more quickly and effectively, limiting the reputational damage to your

More information

The potential legal consequences of a personal data breach

The potential legal consequences of a personal data breach The potential legal consequences of a personal data breach Tue Goldschmieding, Partner 16 April 2015 The potential legal consequences of a personal data breach 15 April 2015 Contents 1. Definitions 2.

More information

Observations on international efforts to develop frameworks to enhance privacy while realising big data s benefits

Observations on international efforts to develop frameworks to enhance privacy while realising big data s benefits Big Data, Key Challenges: Privacy Protection & Cooperation Observations on international efforts to develop frameworks to enhance privacy while realising big data s benefits Seminar arranged by the Office

More information

Thinking small about big data: Privacy considerations for the public sector Shaun Brown Partner, nnovation LLP

Thinking small about big data: Privacy considerations for the public sector Shaun Brown Partner, nnovation LLP Thinking small about big data: Privacy considerations for the public sector Shaun Brown Partner, nnovation LLP March 30, 2016 Thinking small about big data: objectives Consider big data as a concept Focus

More information

Comments of the EDPS in response to the public consultation on

Comments of the EDPS in response to the public consultation on Comments of the EDPS in response to the public consultation on the planned guidelines on recommended standard licences, datasets and charging for the reuse of public sector information initiated by the

More information

Privacy Challenges in the Internet of Things (IoT) a European Perspective

Privacy Challenges in the Internet of Things (IoT) a European Perspective Privacy Challenges in the Internet of Things (IoT) a European Perspective Alicja Gniewek, PhD Student Interdisciplinary Centre for Security, Reliability and Trust Weicker Building, Université du Luxembourg

More information

Guidance for Data Users on the Collection and Use of Personal Data through the Internet 1

Guidance for Data Users on the Collection and Use of Personal Data through the Internet 1 Guidance for Data Users on the Collection and Use of Personal Data through the Internet Introduction Operating online businesses or services, whether by commercial enterprises, non-government organisations

More information

Ethical issues in accessing and using big data

Ethical issues in accessing and using big data Ethical issues in accessing and using big data Libby Bishop Research Data Management Team UK Data Service University of Essex Big Data and Analytics Summer School BD014 Secure Access Protocols for Big

More information

RESPONSE TO THE INFORMATION COMMISSIONER S OFFICE BIG DATA AND DATA PROTECTION PAPER 1. BACKGROUND

RESPONSE TO THE INFORMATION COMMISSIONER S OFFICE BIG DATA AND DATA PROTECTION PAPER 1. BACKGROUND HUNTON & WILLIAMS 30 ST MARY AXE LONDON, EC3A 8EP TEL +44 (0)20 7220 5700 FAX +44 (0)20 7220 5772 BOJANA BELLAMY DIRECT DIAL: +44 (0)20 7220 5703 EMAIL: BBELLAMY@HUNTON.COM RESPONSE TO THE INFORMATION

More information

Comments and proposals on the Chapter II of the General Data Protection Regulation

Comments and proposals on the Chapter II of the General Data Protection Regulation Comments and proposals on the Chapter II of the General Data Protection Regulation Ahead of the trialogue negotiations in September, EDRi, Access, Panoptykon Bits of Freedom, FIPR and Privacy International

More information

Webinar Questions Local Government Data Security Help Improve Your Compliance, 30 July 2015

Webinar Questions Local Government Data Security Help Improve Your Compliance, 30 July 2015 Webinar Questions Local Government Data Security Help Improve Your Compliance, 30 July 2015 Here are the answers to the questions we were asked during the webinar. There are a few questions we are still

More information

Privacy, the Cloud and Data Breaches

Privacy, the Cloud and Data Breaches Privacy, the Cloud and Data Breaches Annelies Moens Head of Sales and Operations, Information Integrity Solutions Legalwise Seminars Sydney, 20 March 2013 About IIS Building trust and privacy through global

More information

Demystifying Cyber Insurance. Jamie Monck-Mason & Andrew Hill. Introduction. What is cyber? Nomenclature

Demystifying Cyber Insurance. Jamie Monck-Mason & Andrew Hill. Introduction. What is cyber? Nomenclature Demystifying Cyber Insurance Jamie Monck-Mason & Andrew Hill Introduction What is cyber? Nomenclature 1 What specific risks does cyber insurance cover? First party risks - losses arising from a data breach

More information

Legal Aspects of the MonIKA-Project - Privacy meets Cybersecurity

Legal Aspects of the MonIKA-Project - Privacy meets Cybersecurity Legal Aspects of the MonIKA-Project - Privacy meets Cybersecurity Sebastian Meissner Security Incident Information Sharing Workshop Berlin, 26.07.2013 Introduction Opening question Privacy & cybersecurity:

More information

Presentation by: Dr. Nathalie Moreno Partner. Cloud Computing and Data Protection: an Update 4 October 2012

Presentation by: Dr. Nathalie Moreno Partner. Cloud Computing and Data Protection: an Update 4 October 2012 Presentation by: Dr. Nathalie Moreno Partner Cloud Computing and Data Protection: an Update 4 October 2012 Our team Speechly Bircham is an ambitious, international mid-size fullservice law firm head-quartered

More information

ACEA PRINCIPLES OF DATA PROTECTION IN RELATION TO CONNECTED VEHICLES AND SERVICES

ACEA PRINCIPLES OF DATA PROTECTION IN RELATION TO CONNECTED VEHICLES AND SERVICES ACEA PRINCIPLES OF DATA PROTECTION IN RELATION TO CONNECTED VEHICLES AND SERVICES September 2015 INTRODUCTION We, the member companies of ACEA, are committed to providing our customers with a high level

More information

E-COMMERCE GOES MOBILE: SEEKING COMPETITIVENESS THROUGH PRIVACY

E-COMMERCE GOES MOBILE: SEEKING COMPETITIVENESS THROUGH PRIVACY E-COMMERCE GOES MOBILE: SEEKING COMPETITIVENESS THROUGH PRIVACY Oana Dolea 7 th Annual Leg@l.IT Conference March 26th, 2013 Montreal, Canada INTRODUCTION Mobile e-commerce vs. E-commerce Mobile e-commerce:

More information

Privacy Committee. Privacy and Open Data Guideline. Guideline. Of South Australia. Version 1

Privacy Committee. Privacy and Open Data Guideline. Guideline. Of South Australia. Version 1 Privacy Committee Of South Australia Privacy and Open Data Guideline Guideline Version 1 Executive Officer Privacy Committee of South Australia c/o State Records of South Australia GPO Box 2343 ADELAIDE

More information

Data Protection Act 1998. Guidance on the use of cloud computing

Data Protection Act 1998. Guidance on the use of cloud computing Data Protection Act 1998 Guidance on the use of cloud computing Contents Overview... 2 Introduction... 2 What is cloud computing?... 3 Definitions... 3 Deployment models... 4 Service models... 5 Layered

More information

Data Management Session: Privacy, the Cloud and Data Breaches

Data Management Session: Privacy, the Cloud and Data Breaches Data Management Session: Privacy, the Cloud and Data Breaches Annelies Moens Head of Sales and Operations, IIS President, iappanz IACCM APAC Australia Sydney, 1 August 2012 Overview Changing privacy regulation

More information

Last updated: 30 May 2016. Credit Suisse Privacy Policy

Last updated: 30 May 2016. Credit Suisse Privacy Policy Last updated: 30 May 2016 Credit Suisse Please read this privacy policy (the ) as it describes how we intend to collect, use, store, share, and safeguard your information. By accessing, visiting or using

More information

Privacy Update for Australian Government Agencies. What we've seen in the first 12 months of the new APPs and what's next!

Privacy Update for Australian Government Agencies. What we've seen in the first 12 months of the new APPs and what's next! Privacy Update for Australian Government Agencies What we've seen in the first 12 months of the new APPs and what's next! Presented by Sharon Rowe and Alec Christie Canberra, 31 March 2015 What we are

More information

When things go wrong: information governance breaches and the role of the ICO. David Evans, Senior Policy Officer

When things go wrong: information governance breaches and the role of the ICO. David Evans, Senior Policy Officer When things go wrong: information governance breaches and the role of the ICO David Evans, Senior Policy Officer Where it did go wrong NHS Surrey 200,000 MPN June 2013 The events leading up to the MPN

More information

Online Ads: A new challenge for privacy? Jörg Polakiewicz*

Online Ads: A new challenge for privacy? Jörg Polakiewicz* 31st International Conference of Data Protection and Privacy Commissioners, Madrid Thursday 5 November 2009, 15.00-16.30 Parallel Session A Smile! There s a camera behind the ad or Send it to a friend

More information

ADVISORY GUIDELINES ON THE PERSONAL DATA PROTECTION ACT FOR SELECTED TOPICS ISSUED BY THE PERSONAL DATA PROTECTION COMMISSION ISSUED 24 SEPTEMBER 2013

ADVISORY GUIDELINES ON THE PERSONAL DATA PROTECTION ACT FOR SELECTED TOPICS ISSUED BY THE PERSONAL DATA PROTECTION COMMISSION ISSUED 24 SEPTEMBER 2013 ADVISORY GUIDELINES ON THE PERSONAL DATA PROTECTION ACT FOR SELECTED TOPICS ISSUED BY THE PERSONAL DATA PROTECTION COMMISSION ISSUED 24 SEPTEMBER 2013 REVISED 16 MAY 2014 PART I: INTRODUCTION AND OVERVIEW...

More information

Privacy and Electronic Communications Regulations

Privacy and Electronic Communications Regulations ICO lo Notification of PECR security breaches Privacy and Electronic Communications Regulations Contents Introduction... 2 Overview... 2 Relevant security breaches... 3 What is a service provider?... 3

More information

Please read this Policy carefully. Your continued use of our sites means that you understand and consent to the terms of this Policy.

Please read this Policy carefully. Your continued use of our sites means that you understand and consent to the terms of this Policy. EFFECTIVE: February 2016 Version 1.2 CHECK 'N GO PRIVACY POLICY This Privacy Policy ("Policy") applies to the use of Check 'n Go (the "Company") online sites and any Company affiliate or subsidiary sites.

More information

Degrees of De-identification of Clinical Research Data

Degrees of De-identification of Clinical Research Data Vol. 7, No. 11, November 2011 Can You Handle the Truth? Degrees of De-identification of Clinical Research Data By Jeanne M. Mattern Two sets of U.S. government regulations govern the protection of personal

More information

Plus500UK Limited. Statement on Privacy and Cookie Policy

Plus500UK Limited. Statement on Privacy and Cookie Policy Plus500UK Limited Statement on Privacy and Cookie Policy Statement on Privacy and Cookie Policy This website is operated by Plus500UK Limited ("we, us or our"). It is our policy to respect the confidentiality

More information

The Promise of Industrial Big Data

The Promise of Industrial Big Data The Promise of Industrial Big Data Big Data Real Time Analytics Katherine Butler 1 st Annual Digital Economy Congress San Diego, CA Nov 14 th 15 th, 2013 Individual vs. Ecosystem What Happened When 1B

More information

INFORMATION SECURITY MANAGEMENT POLICY

INFORMATION SECURITY MANAGEMENT POLICY INFORMATION SECURITY MANAGEMENT POLICY Security Classification Level 4 - PUBLIC Version 1.3 Status APPROVED Approval SMT: 27 th April 2010 ISC: 28 th April 2010 Senate: 9 th June 2010 Council: 23 rd June

More information

privacy and credit reporting policy.

privacy and credit reporting policy. privacy and credit reporting policy. ME, we, us or our refers to Members Equity Bank Ltd and its subsidiary ME Portfolio Management Ltd. about ME Every Australian deserves to get the most out of their

More information

Legal compliance for developers. Training materials (prepared by Tilburg University)

Legal compliance for developers. Training materials (prepared by Tilburg University) Legal compliance for developers using FI-STAR ehealth platform Training materials (prepared by Tilburg University) Target audience: Target audience and objectives developers & other potential users of

More information

Data Protection Act. Conducting privacy impact assessments code of practice

Data Protection Act. Conducting privacy impact assessments code of practice Data Protection Act Conducting privacy impact assessments code of practice 1 Conducting privacy impact assessments code of practice Data Protection Act Contents Information Commissioner s foreword... 3

More information

FRANCE. Chapter XX OVERVIEW

FRANCE. Chapter XX OVERVIEW Chapter XX FRANCE Merav Griguer 1 I OVERVIEW France has an omnibus privacy, data protection and cybersecurity framework law. As a member of the European Union, France has implemented the EU Data Protection

More information

Privacy Impact Assessment: care.data

Privacy Impact Assessment: care.data High quality care for all, now and for future generations Document Control Document Purpose Document Name Information Version 1.0 Publication Date 15/01/2014 Description Associated Documents Issued by

More information

Binding Corporate Rules ( BCR ) Summary of Third Party Rights

Binding Corporate Rules ( BCR ) Summary of Third Party Rights Binding Corporate Rules ( BCR ) Summary of Third Party Rights This document contains in its Sections 3 9 all provision of the Binding Corporate Rules (BCR) for Siemens Group Companies and Other Adopting

More information

OUTSOURCING, HOSTING AND DATA PRIVACY ISSUES

OUTSOURCING, HOSTING AND DATA PRIVACY ISSUES OUTSOURCING, HOSTING AND DATA PRIVACY ISSUES 4 April 2013 James Castro-Edwards Solicitor Monica Salgado Advogada / Portuguese Lawyer OUR TEAM Speechly Bircham is an ambitious, full-service law firm with

More information

Smart Grid and Privacy An International View

Smart Grid and Privacy An International View Smart Grid and Privacy An International View 27 November 2013 By: Nader Farah President ESTA International One US Consumer s Reaction in Texas! 2 Source: SmartGridNews.com July 20, 2012 ESTA International

More information

St. Peter s C.E. Primary School Farnworth Email, Internet Security and Facsimile Policy

St. Peter s C.E. Primary School Farnworth Email, Internet Security and Facsimile Policy Learn, sparkle & shine St. Peter s C.E. Primary School Farnworth Email, Internet Security and Facsimile Policy Adopted from the LA Policy April 2015 CONTENTS Page No 1. Introduction 1 2. Guiding Principles

More information

Surveying with CustomerGauge - Legal Considerations:

Surveying with CustomerGauge - Legal Considerations: Resource Sheet Surveying with CustomerGauge - Legal Considerations: Adam Dorrell Please Note this is not a legal document, and should be used for guidance only. You are advised to seek legal advice before

More information

AlixPartners, LLP. General Data Protection Statement

AlixPartners, LLP. General Data Protection Statement AlixPartners, LLP General Data Protection Statement GENERAL DATA PROTECTION STATEMENT 1. INTRODUCTION 1.1 AlixPartners, LLP ( AlixPartners ) is committed to fulfilling its obligations under the data protection

More information

Big Data + Smart City = Weak Privacy + Weak Security?

Big Data + Smart City = Weak Privacy + Weak Security? Big Data + Smart City = Weak Privacy + Weak Security? Professor John Bacon-Shone Director, Social Sciences Research Centre The University of Hong Kong Benefits and Risks Is it an inevitable consequence

More information

Managing your data processors: legal requirements and practical solutions

Managing your data processors: legal requirements and practical solutions Managing your data processors: legal requirements and practical solutions Peggy Eisenhauer Privacy & Information Management Services This article has been published in the August 2007 issue of BNAI s World

More information

Research Data Management Plan (RDMP template)

Research Data Management Plan (RDMP template) DRAFT Research Data Management Plan (RDMP template) The Data Management Plan can be used in a number of ways to assist with data management planning. These include: To identify a series of issues and underlying

More information

YOUR PRIVACY IS IMPORTANT TO SANDERSONS ARCHIVING SOLUTIONS LIMITED

YOUR PRIVACY IS IMPORTANT TO SANDERSONS ARCHIVING SOLUTIONS LIMITED YOUR PRIVACY IS IMPORTANT TO SANDERSONS ARCHIVING SOLUTIONS LIMITED SANDERSONS ARCHIVING SOLUTIONS LIMITED WEB SITE PRIVACY POLICY Policy last updated: 22 nd December 2014 This Policy is adopted by Sandersons

More information

Captain Compare Privacy Policy

Captain Compare Privacy Policy Captain Compare Privacy Policy This Privacy Policy contains important information about the type of personal information we collect from you on the Captain Compare website (www.captaincompare.com.au) (Website),

More information

Privacy & data protection in big data: Fact or Fiction?

Privacy & data protection in big data: Fact or Fiction? Privacy & data protection in big data: Fact or Fiction? Athena Bourka ENISA ISACA Athens Conference 24.11.2015 European Union Agency for Network and Information Security Agenda 1 Privacy challenges in

More information

OFFICE OF CONTRACT ADMINISTRATION 60400 PURCHASING DIVISION. Appendix A HEALTHCARE INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPPA)

OFFICE OF CONTRACT ADMINISTRATION 60400 PURCHASING DIVISION. Appendix A HEALTHCARE INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPPA) Appendix A HEALTHCARE INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPPA) BUSINESS ASSOCIATE ADDENDUM This Business Associate Addendum ( Addendum ) supplements and is made a part of the contract ( Contract

More information

The Data Protection Landscape. Before and after GDPR: General Data Protection Regulation

The Data Protection Landscape. Before and after GDPR: General Data Protection Regulation The Data Protection Landscape Before and after GDPR: General Data Protection Regulation Data Protection regulations across Europe Current regulations & guidance European Directives 95/46/EC (Data Protection)

More information

Data Protection Act 1998. Bring your own device (BYOD)

Data Protection Act 1998. Bring your own device (BYOD) Data Protection Act 1998 Bring your own device (BYOD) Contents Introduction... 3 Overview... 3 What the DPA says... 3 What is BYOD?... 4 What are the risks?... 4 What are the benefits?... 5 What to consider?...

More information

Data Protection in Ireland

Data Protection in Ireland Data Protection in Ireland 0 Contents Data Protection in Ireland Introduction Page 2 Appointment of a Data Processor Page 2 Security Measures (onus on a data controller) Page 3 8 Principles Page 3 Fair

More information

Medical Technologies and Data Protection Issues - QUESTIONNAIRE

Medical Technologies and Data Protection Issues - QUESTIONNAIRE Medical Technologies and Data Protection Issues - QUESTIONNAIRE The questionnaire should ideally be completed by data protection authorities, health policy authorities, as well as healthcare providers.

More information

Declaration of Internet Rights Preamble

Declaration of Internet Rights Preamble Declaration of Internet Rights Preamble The Internet has played a decisive role in redefining public and private space, structuring relationships between people and between people and institutions. It

More information

Guidance on Personal Data Erasure and Anonymisation 1

Guidance on Personal Data Erasure and Anonymisation 1 Guidance on Personal Data Erasure and Anonymisation Introduction Data users engaged in the collection, holding, processing or use of personal data must carefully consider how to erase such personal data

More information

PUBLIC CONSULTATION ISSUED BY THE PERSONAL DATA PROTECTION COMMISSION

PUBLIC CONSULTATION ISSUED BY THE PERSONAL DATA PROTECTION COMMISSION PUBLIC CONSULTATION ISSUED BY THE PERSONAL DATA PROTECTION COMMISSION PROPOSED ADVISORY GUIDELINES ON THE PERSONAL DATA PROTECTION ACT FOR SELECTED TOPICS 05 FEBRUARY 2013 PART I: INTRODUCTION AND OVERVIEW...

More information

ONLINE PAYMENTS: Bridging the Gap between Fraud Prevention and Data Protection

ONLINE PAYMENTS: Bridging the Gap between Fraud Prevention and Data Protection ONLINE PAYMENTS: Bridging the Gap between Fraud Prevention and Data Protection IAPP EUROPE DATA PROTECTION CONGRESS 2014 19 November 2014 Brussels Increase of Payment Card Fraud on Internet Europe: USA:

More information

Portable Devices and Removable Media Acceptable Use Policy v1.0

Portable Devices and Removable Media Acceptable Use Policy v1.0 Portable Devices and Removable Media Acceptable Use Policy v1.0 Organisation Title Creator Oxford Brookes University Portable Devices and Removable Media Acceptable Use Policy Information Security Working

More information

Privacy policy. 1. Collecting Information We may collect Personal Data about you from a number of sources, including the following:

Privacy policy. 1. Collecting Information We may collect Personal Data about you from a number of sources, including the following: Privacy policy Protecting your personal details on our website. Last updated: 13 June 2013 Hartleys Skip Hire (registered number 01033645), whose registered office is at Draycott Cross Road Brookhouse

More information

DATA PROTECTION POLICY

DATA PROTECTION POLICY DATA PROTECTION POLICY DATA PROTECTION POLICY Document Control Information Title Data Protection Policy Version V1.0 Author Diana Watt Date Approved 21 February 2013 Review Date Annually, on the anniversary

More information

European Commission initiatives on e- and mhealth

European Commission initiatives on e- and mhealth European Commission initiatives on e- and mhealth Fundamental Rights Forum, 22 June 2016 WG 24: E-health: improving rights fulfilment through innovation Claudia Prettner, Unit for Health and Well-Being,

More information

technical factsheet 176

technical factsheet 176 technical factsheet 176 Data Protection CONTENTS 1. Introduction 1 2. Register with the Information Commissioner s Office 1 3. Period protection rights and duties remain effective 2 4. The data protection

More information

APES GN 30 Outsourced Services

APES GN 30 Outsourced Services APES GN 30 Outsourced Services Prepared and issued by Accounting Professional & Ethical Standards Board Limited ISSUED: March 2013 Copyright 2013 Accounting Professional & Ethical Standards Board Limited

More information

PRIVACY POLICY NEXT BUSINESS ENERGY PTY LIMITED ABN 91 167 937 555

PRIVACY POLICY NEXT BUSINESS ENERGY PTY LIMITED ABN 91 167 937 555 PRIVACY POLICY NEXT BUSINESS ENERGY PTY LIMITED ABN 91 167 937 555 TABLE OF CONTENTS 1. INTRODUCTION 3 2. HOW WE COLLECT YOUR PERSONAL INFORMATION 3 3. TYPES OF INFORMATION WE COLLECT 4 4. HOW WE USE THE

More information

Tools for workplace monitoring - The all-seeing eye of the boss Legal newsletter

Tools for workplace monitoring - The all-seeing eye of the boss Legal newsletter Tools for workplace monitoring - The all-seeing eye of the boss Legal newsletter 18 June 2014 Tools for workplace monitoring - The all-seeing eye of the boss Deloitte Legal Szarvas, Erdős and Partners

More information

Mitigating and managing cyber risk: ten issues to consider

Mitigating and managing cyber risk: ten issues to consider Mitigating and managing cyber risk: ten issues to consider The board of directors is responsible for managing and mitigating risk exposure. A recent study conducted by the Ponemon Institute 1 revealed

More information

Information Management and Security Policy

Information Management and Security Policy Unclassified Policy BG-Policy-03 Contents 1.0 BG Group Policy 3 2.0 Policy rationale 3 3.0 Applicability 3 4.0 Policy implementation 4 Document and version control Version Author Issue date Revision detail

More information

A CHASE PAYMENTECH WHITEPAPER. Building customer loyalty in a multi-channel world Creating an optimised approach for e-tailers

A CHASE PAYMENTECH WHITEPAPER. Building customer loyalty in a multi-channel world Creating an optimised approach for e-tailers A CHASE PAYMENTECH WHITEPAPER Building customer loyalty in a multi-channel world Creating an optimised approach for e-tailers Table Of Contents Changing shopping habits... 3 The multi-channel journey...

More information

Privacy and Cloud Computing for Australian Government Agencies

Privacy and Cloud Computing for Australian Government Agencies Privacy and Cloud Computing for Australian Government Agencies Better Practice Guide February 2013 Version 1.1 Introduction Despite common perceptions, cloud computing has the potential to enhance privacy

More information

Lunch & Learn: Big Data Analytics

Lunch & Learn: Big Data Analytics 239767 Lunch & Learn: Big Data Analytics 13 April 2015 Sue McLean Alex van der Wolk 2015 Morrison & Foerster (UK) LLP All Rights Reserved mofo.com Lunch & Learn 2 nd Monday of each month 45 minutes via

More information

PRIVACY AND DATA SECURITY MODULE

PRIVACY AND DATA SECURITY MODULE "This project has been funded under the fourth AAL call, AAL-2011-4. This publication [communication] reflects the views only of the author, and the Commission cannot be held responsible for any use which

More information

Data controllers and data processors: what the difference is and what the governance implications are

Data controllers and data processors: what the difference is and what the governance implications are ICO lo : what the difference is and what the governance implications are Data Protection Act Contents Introduction... 3 Overview... 3 Section 1 - What is the difference between a data controller and a

More information

Proposal of regulation Com 2012 11/4 Directive 95/46/EC Conclusion

Proposal of regulation Com 2012 11/4 Directive 95/46/EC Conclusion Page 1 sur 155 Proposal of regulation Com 2012 11/4 Directive 95/46/EC Conclusion Legal nature of the instrument Règlement Directive Directly applicable act in internal law 91 articles 34 articles Art.

More information

Big Data for Mutuals. Marc Dautlich 25 November 2013

Big Data for Mutuals. Marc Dautlich 25 November 2013 Big Data for Mutuals Marc Dautlich 25 November 2013 Agenda BIG DATA What is it? OPPORTUNITIES What are they? LEGAL CHALLENGES How do we overcome them? LEGAL REFORM What can we do now to minimise impact?

More information

BIG DATA AND THE INTERNET OF THINGS

BIG DATA AND THE INTERNET OF THINGS BIG DATA AND THE INTERNET OF THINGS 12 September 2013 Robert Bond Partner and Notary Public Janine Regan Solicitor Tughan Thuraisingam Paralegal Our team Speechly Bircham is an ambitious, full-service

More information

The De-identification of Personally Identifiable Information

The De-identification of Personally Identifiable Information The De-identification of Personally Identifiable Information Khaled El Emam (PhD) www.privacyanalytics.ca 855.686.4781 info@privacyanalytics.ca 251 Laurier Avenue W, Suite 200 Ottawa, ON Canada K1P 5J6

More information

Ann Cavoukian, Ph.D.

Ann Cavoukian, Ph.D. Protecting Privacy in an Era of Electronic Health Records Ann Cavoukian, Ph.D. Information and Privacy Commissioner Ontario Barrie and Community Family Health Team Royal Victoria Hospital Georgian College

More information

EU Policy on RFID & Privacy

EU Policy on RFID & Privacy EU Policy on RFID & Privacy Developments 2007, Outlook 2008 Andreas Krisch http://www.edri.org/ http://www.unwatched.org/ 24C3, 30.12.2007 European Digital Rights (EDRi) Umbrella

More information

Workforce Optimization

Workforce Optimization Workforce Optimization What if your organization could improve everything about how it delivers customer service? What if you could serve customers better and more cost effectively while mining valuable

More information

FISHER & PAYKEL PRIVACY POLICY

FISHER & PAYKEL PRIVACY POLICY FISHER & PAYKEL PRIVACY POLICY 1. About this Policy Fisher & Paykel Australia Pty Limited (ABN 71 000 042 080) and its related companies ('we', 'us', 'our') understands the importance of, and is committed

More information

Somansa Data Security and Regulatory Compliance for Healthcare

Somansa Data Security and Regulatory Compliance for Healthcare Somansa White Paper Somansa Data Security and Regulatory Compliance for Healthcare How Somansa can protect ephi- electronic patient health information and meet the requirements for healthcare compliances,

More information