Wp6 public
Your SlideShare is downloading.
×
Check these out next
Recommended
More Related Content
Slideshows for you (19)
Similar to Granular or holistic approaches - Antonio Kung (20)
More from Privacy Data Protection for Engineering (11)
Recently uploaded (20)
Granular or holistic approaches - Antonio Kung
- 1. Methods and Tools for GDPR Compliance through Privacy and Data Protection 4 Engineering Granular or Holistic Approach? Enforcing Privacy Rights in Complex ICT Ecosystems Antonio Kung, Trialog 25 rue du Général Foy 75008 Paris, antonio.kung@trialog.com 25 January 2021 - CPDP 2021 https://www.pdp4e-project.eu/ Slide 1
- 2. Smart Cities Manage Privacy in Ecosystems ❑ISO/IEC 30145-1 ❑Smart city ICT reference framework – Part 1: Smart city business process framework 25 January 2021 - CPDP 2021 https://www.pdp4e-project.eu/ Slide 2 Governance processes Core processes Supporting processes Enterprise & Process Legal & Regulations Integrated portfolio management Open innovation Knowledge management Integrated management City Enterprise processes Health & Social Care & Wellness Education Legal & Regulatory Systems & Services Open Innovation Transport Resources Sustainability & Environment Safety, Security & Resilience External interfaces Leadership Stakeholder engagement Integrated management Sustainability & resilience management External interface management Infrastructure & Building
- 3. Smart Cities Manage Privacy in Ecosystems ISO/IEC 27570 – Privacy guidelines for smart cities 25 January 2021 - CPDP 2021 https://www.pdp4e-project.eu/ Slide 3 Data Controller Data processor Comply Privacy Obligations Integrator Contract (s) Supplier PIA and PbD Purpose known Requirements Purpose unknown Apply Apply Municipality stakeholder PIA (s) Citizen Give consent Agree Request (s) Agreement (s) For data exchange
- 4. A Data Sharing Agreement Viewpoint (ISO/IEC 23751) ❑Example ❑Five organisations ❑Granular? ❑ Holistic? ❑Two ecosystems 25 January 2021 - CPDP 2021 https://www.pdp4e-project.eu/ Slide 4 Ecosystem A Ecosystem B Broker 3 Data collector 1 Data collector 4 Cloud operator 2 Cloud operator 5 Data sharing agreements
- 5. SoS Emerging capability SoS Input SoS output A system of system viewpoint ❑ISO/IEC/IEEE 21839, 21840, 21841 25 January 2021 - CPDP 2021 https://www.pdp4e-project.eu/ Slide 5 Organisation A System X capability input output Organisation B System Y capability input output Risk Risk Risk
- 6. Panelists ❑Naomi Lefkowitz – NIST ❑Massimo Attoresi – EDPS ❑Dimitri Van Landuyt – Distrinet-KU Leuven (Computer science dept.) ❑Alejandra Ruiz Lopez - Tecnalia 25 January 2021 - CPDP 2021 https://www.pdp4e-project.eu/ Slide 6
- 7. Question 1 on framework ❑What kind of framework is needed? ❑Can it help address data protection issues raised by ecosystems? ❑Can it help create an ecosystem practice? ▪ for instance in a data space? 25 January 2021 - CPDP 2021 https://www.pdp4e-project.eu/ Slide 7
- 8. Question 2 on collaboration needs ❑What kind of collaboration is needed? ❑Are there specific collaboration needs between stakeholders in the ecosystem, concerning ▪ Risk management ▪ Architecture and engineering practice ▪ Contractual agreements 25 January 2021 - CPDP 2021 https://www.pdp4e-project.eu/ Slide 8
- 9. Question 3 on the way forward ❑How can this work? ❑Do we need a roadmap? ❑Can we have a community? 25 January 2021 - CPDP 2021 https://www.pdp4e-project.eu/ Slide 9 Community Models for application privacy protection Health Social network e-Commerce Fintech IoT … Models for privacy engineering Risk management Requirement engineering Privacy-by- design Privacy assurance …
- 10. Question? antonio.kung@trialog.com www.trialog.com 25 January 2021 - CPDP 2021 https://www.pdp4e-project.eu/ Slide 10
