SlideShare a Scribd company logo

Compliance of the privacy regulations in an international Europe-Brazil context

ATMOSPHERE .
ATMOSPHERE .

Vasiliki Diamantopoulou, University of Piraeus - "Compliance of the privacy regulations in an international Europe-Brazil context"

Technology
1 of 10
Download to read offline
COMPLIANCE OF THE PRIVACY REGULATIONS IN AN INTERNATIONAL EUROPE-BRAZIL CONTEXT Rita Meneses, TRUST IT Regina Moraes, University of Campinas Vasiliki Diamantopoulou, University of Piraeus Ignacio Blanquer, Polytechnic University of Valencia
Challenges in the protection of personal data in cloud services environment ■ Globalisation of service providers ■ Use of provider complex APIs ■ Lack of knowledge of the backends ■ Combination of multiple providers – Services – Resources – Network – … ■ Multiple regulations 2
3
Common ground 4 ■ Establishment of the fundamental right of privacy for data subjects ■ Rules for processing of personal data (with special protection for sensitive data and minors’ data) ■ Extra-territorial application ■ Consent of data subjects (as one of the legal grounds for lawful processing) ■ Strict fines for non-compliance – EU 4% of turnover, or ~23M USD – BR 2% of turnover, or ~12.9M USD
Differences 5 ■ Retention period – EU: not specific time, or focus on specific applications, pending e-Privacy regulation – BR: ■ Telephone records and personal data: 5 years ■ Internet connection logs: 1 year
Application of the two regulations ■ Participants of international collaboration projects among EU-Brazil face both the regulations ■ The identification of the common grounds and the discrepancies is crucial for the lawful processing of personal data 6
The Atmosphere project ■ Focus on trustworthy federated clouds for critical applications (e.g., medical sector) ■ Analysis of trustworthiness attributes: – Security – Privacy – Isolation – Stability – Fairness – Transparency – Dependability 7
Atmosphere towards lawful processing in this context 1. Deployment of a federated infrastructure 2. Implementation of metric for privacy, providing a quantitative mechanism to evaluate the inherent privacy and the re-identification risk for an anonymised data set 3. Provision of measures for fairness and transparency 8 International data transfers Application of the same privacy techniques as of critical data Lawful processing and non-discrimination
Contribution of Atmosphere 1. Generation of quantitative evidence of the privacy risks – Provision of monitoring evidence of the trustworthiness of the services – Restriction of access to sensitive data to high-trustable services 2. Adoption of advanced techniques to reduce the vulnerabilities – Techniques based on the execution in encrypted memory areas through the SGX extensions – Non-trustable cloud infrastructures can be used without increasing the risk of information disclosure 3. Consideration of transparency and fairness at the same level as other properties – Provision of trustworthiness scores on complex matters (e.g. how ethical a service could be, by analysing the bias of specific critical data) – Information about how a data profiling decision is taken 9
Thank you for your attention… Contact me: vdiamant@unipi.gr 10

Recommended

Hannes astok digital_security_2012
Hannes astok digital_security_2012Hannes astok digital_security_2012
Hannes astok digital_security_2012
E-Government Center Moldova
 
Cybersecurity and Academic Research
Cybersecurity and Academic ResearchCybersecurity and Academic Research
Cybersecurity and Academic Research
Christian Schreiber, CISM, PMP
 
SocialUniversity:How Do Universities Use Social Media? An Empirical Survey of...
SocialUniversity:How Do Universities Use Social Media? An Empirical Survey of...SocialUniversity:How Do Universities Use Social Media? An Empirical Survey of...
SocialUniversity:How Do Universities Use Social Media? An Empirical Survey of...
Danube University Krems, Centre for E-Governance
 
International Journal of Advanced Smart Sensor Network Systems ( IJASSN )
International Journal of Advanced Smart Sensor Network Systems ( IJASSN ) International Journal of Advanced Smart Sensor Network Systems ( IJASSN )
International Journal of Advanced Smart Sensor Network Systems ( IJASSN )
ijassn
 
A Procedure and a Tool for Auditing the Implementation of Wireless Hotspot Pr...
A Procedure and a Tool for Auditing the Implementation of Wireless Hotspot Pr...A Procedure and a Tool for Auditing the Implementation of Wireless Hotspot Pr...
A Procedure and a Tool for Auditing the Implementation of Wireless Hotspot Pr...
Haris Stellakis
 
Ijisa
IjisaIjisa
Ijisa
MiajackB
 
Cloud security and compliance ppt
Cloud security and compliance pptCloud security and compliance ppt
Cloud security and compliance ppt
Krupa Rajani
 
International Journal of Wireless & Mobile Networks (IJWMN)
International Journal of Wireless & Mobile Networks (IJWMN)International Journal of Wireless & Mobile Networks (IJWMN)
International Journal of Wireless & Mobile Networks (IJWMN)
ijwmn
 

Recommended

Hannes astok digital_security_2012
Hannes astok digital_security_2012Hannes astok digital_security_2012
Hannes astok digital_security_2012
E-Government Center Moldova
 
Cybersecurity and Academic Research
Cybersecurity and Academic ResearchCybersecurity and Academic Research
Cybersecurity and Academic Research
Christian Schreiber, CISM, PMP
 
SocialUniversity:How Do Universities Use Social Media? An Empirical Survey of...
SocialUniversity:How Do Universities Use Social Media? An Empirical Survey of...SocialUniversity:How Do Universities Use Social Media? An Empirical Survey of...
SocialUniversity:How Do Universities Use Social Media? An Empirical Survey of...
Danube University Krems, Centre for E-Governance
 
International Journal of Advanced Smart Sensor Network Systems ( IJASSN )
International Journal of Advanced Smart Sensor Network Systems ( IJASSN ) International Journal of Advanced Smart Sensor Network Systems ( IJASSN )
International Journal of Advanced Smart Sensor Network Systems ( IJASSN )
ijassn
 
A Procedure and a Tool for Auditing the Implementation of Wireless Hotspot Pr...
A Procedure and a Tool for Auditing the Implementation of Wireless Hotspot Pr...A Procedure and a Tool for Auditing the Implementation of Wireless Hotspot Pr...
A Procedure and a Tool for Auditing the Implementation of Wireless Hotspot Pr...
Haris Stellakis
 
Ijisa
IjisaIjisa
Ijisa
MiajackB
 
Cloud security and compliance ppt
Cloud security and compliance pptCloud security and compliance ppt
Cloud security and compliance ppt
Krupa Rajani
 
International Journal of Wireless & Mobile Networks (IJWMN)
International Journal of Wireless & Mobile Networks (IJWMN)International Journal of Wireless & Mobile Networks (IJWMN)
International Journal of Wireless & Mobile Networks (IJWMN)
ijwmn
 
Janet in a changing world
Janet in a changing world Janet in a changing world
Janet in a changing world
Jisc
 
Cybersecurity for Smart Grids: Technical Approaches to Provide Cybersecurity
Cybersecurity for Smart Grids: Technical Approaches to Provide CybersecurityCybersecurity for Smart Grids: Technical Approaches to Provide Cybersecurity
Cybersecurity for Smart Grids: Technical Approaches to Provide Cybersecurity
Leonardo ENERGY
 
Witdom overview 2016
Witdom overview 2016Witdom overview 2016
Witdom overview 2016
Elsa Prieto
 
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdpr
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdprIsaca atlanta ulf mattsson - do you have a roadmap for eu gdpr
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdpr
Ulf Mattsson
 
GDPR and NIS Compliance - How HyTrust Can Help
GDPR and NIS Compliance - How HyTrust Can HelpGDPR and NIS Compliance - How HyTrust Can Help
GDPR and NIS Compliance - How HyTrust Can Help
Jason Lackey
 
Data security and privacy
Data security and privacyData security and privacy
Data security and privacy
rajab ssemwogerere
 
GUL Network Infrastructure
GUL Network InfrastructureGUL Network Infrastructure
GUL Network Infrastructure
Muhammad Zeeshan
 
H2020 project WITDOM overview
H2020 project WITDOM overviewH2020 project WITDOM overview
H2020 project WITDOM overview
Elsa Prieto
 
Protecting Data Privacy in Analytics and Machine Learning
Protecting Data Privacy in Analytics and Machine LearningProtecting Data Privacy in Analytics and Machine Learning
Protecting Data Privacy in Analytics and Machine Learning
Ulf Mattsson
 
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...
Leonardo ENERGY
 
2015-0318 GAC Presentation - BCR - 05052015
2015-0318 GAC Presentation - BCR - 050520152015-0318 GAC Presentation - BCR - 05052015
2015-0318 GAC Presentation - BCR - 05052015
Jan Dhont
 
General Data Protection Regulation and Compliance - GDPR: Sharique M Rizvi
General Data Protection Regulation and Compliance - GDPR: Sharique M RizviGeneral Data Protection Regulation and Compliance - GDPR: Sharique M Rizvi
General Data Protection Regulation and Compliance - GDPR: Sharique M Rizvi
Sharique Rizvi
 
Cloud computing 10 cloud security advantages and challenges
Cloud computing 10 cloud security advantages and challengesCloud computing 10 cloud security advantages and challenges
Cloud computing 10 cloud security advantages and challenges
Vaibhav Khanna
 
Using cloud services: Compliance with the Security Requirements of the Spanis...
Using cloud services: Compliance with the Security Requirements of the Spanis...Using cloud services: Compliance with the Security Requirements of the Spanis...
Using cloud services: Compliance with the Security Requirements of the Spanis...
Miguel A. Amutio
 
etfa2014-CR.pdf
etfa2014-CR.pdfetfa2014-CR.pdf
etfa2014-CR.pdf
John Paul
 
Securing ever growing and complex business systems v1 1
Securing ever growing and complex business systems v1 1Securing ever growing and complex business systems v1 1
Securing ever growing and complex business systems v1 1
Maganathin Veeraragaloo
 
Security Model
Security ModelSecurity Model
Security Model
Sou Jana
 
IRJET- A Study of Privacy Preserving Data Mining and Techniques
IRJET- A Study of Privacy Preserving Data Mining and TechniquesIRJET- A Study of Privacy Preserving Data Mining and Techniques
IRJET- A Study of Privacy Preserving Data Mining and Techniques
IRJET Journal
 
ISACA Houston - How to de-classify data and rethink transfer of data between ...
ISACA Houston - How to de-classify data and rethink transfer of data between ...ISACA Houston - How to de-classify data and rethink transfer of data between ...
ISACA Houston - How to de-classify data and rethink transfer of data between ...
Ulf Mattsson
 
EUBraBIGSEA Project
EUBraBIGSEA Project EUBraBIGSEA Project
EUBraBIGSEA Project
EUBrasilCloudFORUM .
 
Software Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectSoftware Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE project
ATMOSPHERE .
 
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...
ATMOSPHERE .
 

More Related Content

Similar to Compliance of the privacy regulations in an international Europe-Brazil context

GUL Network Infrastructure
GUL Network InfrastructureGUL Network Infrastructure
GUL Network Infrastructure
Muhammad Zeeshan
 
H2020 project WITDOM overview
H2020 project WITDOM overviewH2020 project WITDOM overview
H2020 project WITDOM overview
Elsa Prieto
 
Protecting Data Privacy in Analytics and Machine Learning
Protecting Data Privacy in Analytics and Machine LearningProtecting Data Privacy in Analytics and Machine Learning
Protecting Data Privacy in Analytics and Machine Learning
Ulf Mattsson
 
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...
Leonardo ENERGY
 
2015-0318 GAC Presentation - BCR - 05052015
2015-0318 GAC Presentation - BCR - 050520152015-0318 GAC Presentation - BCR - 05052015
2015-0318 GAC Presentation - BCR - 05052015
Jan Dhont
 

Similar to Compliance of the privacy regulations in an international Europe-Brazil context (20)

Janet in a changing world
Janet in a changing world Janet in a changing world
Janet in a changing world
 
Cybersecurity for Smart Grids: Technical Approaches to Provide Cybersecurity
Cybersecurity for Smart Grids: Technical Approaches to Provide CybersecurityCybersecurity for Smart Grids: Technical Approaches to Provide Cybersecurity
Cybersecurity for Smart Grids: Technical Approaches to Provide Cybersecurity
 
Witdom overview 2016
Witdom overview 2016Witdom overview 2016
Witdom overview 2016
 
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdpr
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdprIsaca atlanta ulf mattsson - do you have a roadmap for eu gdpr
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdpr
 
GDPR and NIS Compliance - How HyTrust Can Help
GDPR and NIS Compliance - How HyTrust Can HelpGDPR and NIS Compliance - How HyTrust Can Help
GDPR and NIS Compliance - How HyTrust Can Help
 
Data security and privacy
Data security and privacyData security and privacy
Data security and privacy
 
GUL Network Infrastructure
GUL Network InfrastructureGUL Network Infrastructure
GUL Network Infrastructure
 
H2020 project WITDOM overview
H2020 project WITDOM overviewH2020 project WITDOM overview
H2020 project WITDOM overview
 
Protecting Data Privacy in Analytics and Machine Learning
Protecting Data Privacy in Analytics and Machine LearningProtecting Data Privacy in Analytics and Machine Learning
Protecting Data Privacy in Analytics and Machine Learning
 
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...
 
2015-0318 GAC Presentation - BCR - 05052015
2015-0318 GAC Presentation - BCR - 050520152015-0318 GAC Presentation - BCR - 05052015
2015-0318 GAC Presentation - BCR - 05052015
 
General Data Protection Regulation and Compliance - GDPR: Sharique M Rizvi
General Data Protection Regulation and Compliance - GDPR: Sharique M RizviGeneral Data Protection Regulation and Compliance - GDPR: Sharique M Rizvi
General Data Protection Regulation and Compliance - GDPR: Sharique M Rizvi
 
Cloud computing 10 cloud security advantages and challenges
Cloud computing 10 cloud security advantages and challengesCloud computing 10 cloud security advantages and challenges
Cloud computing 10 cloud security advantages and challenges
 
Using cloud services: Compliance with the Security Requirements of the Spanis...
Using cloud services: Compliance with the Security Requirements of the Spanis...Using cloud services: Compliance with the Security Requirements of the Spanis...
Using cloud services: Compliance with the Security Requirements of the Spanis...
 
etfa2014-CR.pdf
etfa2014-CR.pdfetfa2014-CR.pdf
etfa2014-CR.pdf
 
Securing ever growing and complex business systems v1 1
Securing ever growing and complex business systems v1 1Securing ever growing and complex business systems v1 1
Securing ever growing and complex business systems v1 1
 
Security Model
Security ModelSecurity Model
Security Model
 
IRJET- A Study of Privacy Preserving Data Mining and Techniques
IRJET- A Study of Privacy Preserving Data Mining and TechniquesIRJET- A Study of Privacy Preserving Data Mining and Techniques
IRJET- A Study of Privacy Preserving Data Mining and Techniques
 
ISACA Houston - How to de-classify data and rethink transfer of data between ...
ISACA Houston - How to de-classify data and rethink transfer of data between ...ISACA Houston - How to de-classify data and rethink transfer of data between ...
ISACA Houston - How to de-classify data and rethink transfer of data between ...
 
EUBraBIGSEA Project
EUBraBIGSEA Project EUBraBIGSEA Project
EUBraBIGSEA Project
 

More from ATMOSPHERE .

More from ATMOSPHERE . (20)

Software Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectSoftware Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE project
 
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...
 
On the development of a Visual-Temporal-awareness Rheumatic Heart Disease cla...
On the development of a Visual-Temporal-awareness Rheumatic Heart Disease cla...On the development of a Visual-Temporal-awareness Rheumatic Heart Disease cla...
On the development of a Visual-Temporal-awareness Rheumatic Heart Disease cla...
 
Control Plane Data Characterisation for an 5G NFV Environment
Control Plane Data Characterisation for an 5G NFV EnvironmentControl Plane Data Characterisation for an 5G NFV Environment
Control Plane Data Characterisation for an 5G NFV Environment
 
Designing an Open IoT Ecosystem
Designing an Open IoT EcosystemDesigning an Open IoT Ecosystem
Designing an Open IoT Ecosystem
 
Cloud Robotics: Cognitive Augmentation for Robots via the Cloud
Cloud Robotics: Cognitive Augmentation for Robots via the CloudCloud Robotics: Cognitive Augmentation for Robots via the Cloud
Cloud Robotics: Cognitive Augmentation for Robots via the Cloud
 
Artificial Neural Networks for Resource Allocation in 5G Remote Areas
Artificial Neural Networks for Resource Allocation in 5G Remote AreasArtificial Neural Networks for Resource Allocation in 5G Remote Areas
Artificial Neural Networks for Resource Allocation in 5G Remote Areas
 
Using Computational Back-ends for Artificial Intelligence in Childhood Cancer...
Using Computational Back-ends for Artificial Intelligence in Childhood Cancer...Using Computational Back-ends for Artificial Intelligence in Childhood Cancer...
Using Computational Back-ends for Artificial Intelligence in Childhood Cancer...
 
Optimization Models for on-demand GPUs in the Cloud
Optimization Models for on-demand GPUs in the CloudOptimization Models for on-demand GPUs in the Cloud
Optimization Models for on-demand GPUs in the Cloud
 
SBC Thematic Groups Organisation
SBC Thematic Groups OrganisationSBC Thematic Groups Organisation
SBC Thematic Groups Organisation
 
Cloud Computing Interest Group
Cloud Computing Interest GroupCloud Computing Interest Group
Cloud Computing Interest Group
 
5G-Range - 5G networks for remote areas
5G-Range - 5G networks for remote areas5G-Range - 5G networks for remote areas
5G-Range - 5G networks for remote areas
 
NECOS Project: Lightweight Slicing of CloudFederated Infrastructures
NECOS Project: Lightweight Slicing of CloudFederated InfrastructuresNECOS Project: Lightweight Slicing of CloudFederated Infrastructures
NECOS Project: Lightweight Slicing of CloudFederated Infrastructures
 
SWAMP: Smart Water Management Platform
SWAMP: Smart Water Management PlatformSWAMP: Smart Water Management Platform
SWAMP: Smart Water Management Platform
 
OCARIoT - Smart Childhood Obesity Caring Solution using IoT Potential
OCARIoT - Smart Childhood Obesity Caring Solution using IoT PotentialOCARIoT - Smart Childhood Obesity Caring Solution using IoT Potential
OCARIoT - Smart Childhood Obesity Caring Solution using IoT Potential
 
ATMOSPHERE - Adaptive, Trustworthy, Manageable, Orchestrated, Secure Privacy-...
ATMOSPHERE - Adaptive, Trustworthy, Manageable, Orchestrated, Secure Privacy-...ATMOSPHERE - Adaptive, Trustworthy, Manageable, Orchestrated, Secure Privacy-...
ATMOSPHERE - Adaptive, Trustworthy, Manageable, Orchestrated, Secure Privacy-...
 
Secure containers for trustworthy cloud services: business opportunities
Secure containers for trustworthy cloud services: business opportunities Secure containers for trustworthy cloud services: business opportunities
Secure containers for trustworthy cloud services: business opportunities
 
Integration of the Trustworthiness Assessment with Industry Systems
Integration of the Trustworthiness Assessment with Industry SystemsIntegration of the Trustworthiness Assessment with Industry Systems
Integration of the Trustworthiness Assessment with Industry Systems
 
Trustworthy cloud services for Medical Imaging Biomarkers
Trustworthy cloud services for Medical Imaging BiomarkersTrustworthy cloud services for Medical Imaging Biomarkers
Trustworthy cloud services for Medical Imaging Biomarkers
 
ATMOSPHERE: An architecture for trustworthy cloud services
ATMOSPHERE: An architecture for trustworthy cloud servicesATMOSPHERE: An architecture for trustworthy cloud services
ATMOSPHERE: An architecture for trustworthy cloud services
 

Recently uploaded

Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Principled Technologies
 

Recently uploaded (20)

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 

Compliance of the privacy regulations in an international Europe-Brazil context

  • 1. COMPLIANCE OF THE PRIVACY REGULATIONS IN AN INTERNATIONAL EUROPE-BRAZIL CONTEXT Rita Meneses, TRUST IT Regina Moraes, University of Campinas Vasiliki Diamantopoulou, University of Piraeus Ignacio Blanquer, Polytechnic University of Valencia
  • 2. Challenges in the protection of personal data in cloud services environment ■ Globalisation of service providers ■ Use of provider complex APIs ■ Lack of knowledge of the backends ■ Combination of multiple providers – Services – Resources – Network – … ■ Multiple regulations 2
  • 3. 3
  • 4. Common ground 4 ■ Establishment of the fundamental right of privacy for data subjects ■ Rules for processing of personal data (with special protection for sensitive data and minors’ data) ■ Extra-territorial application ■ Consent of data subjects (as one of the legal grounds for lawful processing) ■ Strict fines for non-compliance – EU 4% of turnover, or ~23M USD – BR 2% of turnover, or ~12.9M USD
  • 5. Differences 5 ■ Retention period – EU: not specific time, or focus on specific applications, pending e-Privacy regulation – BR: ■ Telephone records and personal data: 5 years ■ Internet connection logs: 1 year
  • 6. Application of the two regulations ■ Participants of international collaboration projects among EU-Brazil face both the regulations ■ The identification of the common grounds and the discrepancies is crucial for the lawful processing of personal data 6
  • 7. The Atmosphere project ■ Focus on trustworthy federated clouds for critical applications (e.g., medical sector) ■ Analysis of trustworthiness attributes: – Security – Privacy – Isolation – Stability – Fairness – Transparency – Dependability 7
  • 8. Atmosphere towards lawful processing in this context 1. Deployment of a federated infrastructure 2. Implementation of metric for privacy, providing a quantitative mechanism to evaluate the inherent privacy and the re-identification risk for an anonymised data set 3. Provision of measures for fairness and transparency 8 International data transfers Application of the same privacy techniques as of critical data Lawful processing and non-discrimination
  • 9. Contribution of Atmosphere 1. Generation of quantitative evidence of the privacy risks – Provision of monitoring evidence of the trustworthiness of the services – Restriction of access to sensitive data to high-trustable services 2. Adoption of advanced techniques to reduce the vulnerabilities – Techniques based on the execution in encrypted memory areas through the SGX extensions – Non-trustable cloud infrastructures can be used without increasing the risk of information disclosure 3. Consideration of transparency and fairness at the same level as other properties – Provision of trustworthiness scores on complex matters (e.g. how ethical a service could be, by analysing the bias of specific critical data) – Information about how a data profiling decision is taken 9
  • 10. Thank you for your attention… Contact me: vdiamant@unipi.gr 10