Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Marcel van der Heijden - SpeedInvest & Aircloak - EU GDPR & Data Privacy Compliance Market - Stanford - Feb 26 2018


Published on

Talk by Marcel van der Heijden, SpeedInvest & Aircloak (Silicon Valley | AT | DE), at Stanford on Feb 26 2018, in our session: 'New EU Data Privacy Rules : Lessons & Risks for Silicon Valley Corporations & Startups || GDPR'.

YouTube Channel:
Twitter: @Europreneurs

  • Be the first to comment

Marcel van der Heijden - SpeedInvest & Aircloak - EU GDPR & Data Privacy Compliance Market - Stanford - Feb 26 2018

  1. 1. Speedinvest Vienna | Silicon Valley GDPRHow Large is GDPR’s Impact on Companies and Industry? Marcel van der Heijden Partner, Speedinvest Stanford Engineering School | Feb 26 2018 1
  2. 2. About Speedinvest Started mid-2011 in Vienna, Si 1 $12M from 34 LPs Si 2 $118M from more than 100 private LPs Si x $25M marketplace fund US$ 145M Capital Raised 55 | 7 In the past 7 years, we have looked at more than 7.000 startups and made 80 investments in 13 countries. By 2017, we have already exited 8 out of 20 startups from Si1 while having only 2 write-offs. 100% Digital We invest in early-stage digital startups. We focus on FinTech, DeepTech, Digital Media & Consumer Internet. Our target region is Central and Eastern Europe with a strong US link. We are a VC with entrepreneurial focus and unique operational approach. Working side by side with founders is key to our success. Investments Exits
  3. 3. Speedinvest Vienna | Silicon Valley | Munich | | KEY SUCCESS FACTORS Page 3Speedinvest Intro 2017 SUCCESS STORIES Operational involvement • 2 Speedinvest partners are located in Silicon Valley and support our companies in their go-to-market • New Enterprise Associates (NEA), the world’s largest VC fund by volume, is invested in Speedinvest 2 • Speedinvest invests operational resources of its senior partners in return for additional equity shares • The program significantly reduces the risk and leverages the capital base of investors Bridge to the US • Speedinvest clear market leader in Central Europe, FinTech ranked #1 in Europe • Close relationships with global VCs and Tier-1 investors Dealflow and partnerships Shpock Exit with >30 multiple CoC Hitbox Global #2 in eSports, exited Holvi Exited to BBVA Wikifolio Social trading with >500M AuM Wefox (FinanceFox) #1 InsurTech deal in Europe 2016 Bitmovin $10M by Atomico.
  4. 4. Speedinvest Vienna | Silicon Valley | Munich | | Size of Compliance Market 4 Enterprise GRC market: $22B (13% YoY). GRC consulting largest service category (39% share) GDPR growth driver in Security spend PwC Survey (US Multinationals) • > 50% say GDPR is their top data-protection priority (only 7% said it isn’t a top priority) • 77% plan to spend $1 million or more on GDPR Deloitte EMEA Survey • 39% of orgs spend < €100K, while 15% spend > €5M million.
  5. 5. Speedinvest Vienna | Silicon Valley | Munich | | Deloitte EMEA Survey Only 15% expect to be fully compliant by May 2018, (most aim to create a risk- based, defensible position) Ready? Survey FTSE 350/Fortune 500 94% believe they are on track to comply with the GDPR by 25 May 2018 But < 50% have set up an internal GDPR taskforce Only 45% had done a GDPR readiness assesment Page 519/04/17
  6. 6. Speedinvest Vienna | Silicon Valley Anecdotal… Last year in the US • Privacy budget sat with CPO/Legal • Service budget, less than $100K • No privacy budget with functional owners • Priorities: Assessments, Gap Analysis, Data Mapping • Exceptions: Tech companies with global footprint (e.g. Uber, Apple, Google, …) Europe > 1 year ahead of US This year • Functional owners now own the problem • Allocated technology budgets. • Priorities: fixing the data “plumbing” (fundamentals) – little retooling • No company considers itself “ready” by May – 2/3 year budgeting outlook (this is not Y2K).
  7. 7. Speedinvest Vienna | Silicon Valley | Munich | | Anecdotal… • Top Sectors: Financial Services, Healthcare - Additional US Sectors: Large/Global Online, SaaS players • Scrambling: Startups and US co’s that picked up EU users - More flexible – can act but not sure what to do, so wait and see… - Rise of the GDPR trolls - Existential threat for Ad/MarTech? • Limited platform tech updates from tech vendors • No GDPR tech sector emerged, no specific VC focus - Privitar: 16M round, Aircloak, 1.3M round 19/04/17 Page 7
  8. 8. Introducing Aircloak Deliver a simple, safe way for all organizations, use cases and data types to unlock sensitive datasets while retaining great data value / fidelity by using a general purpose anonymization technology
  9. 9. Example Use Cases 9 Finance • Include 3rd party data in customer analytics and credit scoring • Transaction analytics w/o need for third parties Online • High quality segmentation for targeting • Deeper customer insights • Monetize insights, share with partners and customers Healthcare • Open big health databases to insurance, researchers and government • Reporting and monetisation Communications • Central marketplace for brokering data from different organizations • Making geolocation data/metadata available to partners and customers
  10. 10. Case Study: Aircloak Introduction Deck CONFIDENTIAL 10 Situation •TeamBank (2nd largest bank in Germany) collects 1st and 2nd party financial transaction data. Wants to better use data analytics to improve the quality of its service and customer targeting – in a GDPR compliant way! Complication •Internal approval process for (exploratory) data analysis was complex and slow (weeks). Once approved, the data pseudonymization by a 3rd party vendor took another 1-2 weeks. •Some analysis was impossible as much of the customer intelligence resides in free text fields à non-compliant analytics Solution •With Aircloak the full data is accessible in real-time for analysis, yet individuals’ privacy fully protected by design •TeamBank’s approval process is now instant for analysis done through Aircloak, giving stakeholders full freedom to perform customer analytics. •Exploring sharing data beyond internal stakeholders, extend to DZ Bank group Why Aircloak? “Aircloak provides instant compliance, also when business conditions change – no need for lengthy case-by-case audits. Just run any analysis you need to and let Aircloak Insights automatically take care of privacy.”
  11. 11. Case Study: Global Airline Situation: Create better travel recommendations for Airline’s customers Complication: Privacy regulations prevent using 2nd party customer data in machine learning predictive analytics Using anonymized data presents compliance/risk challenges and reduces the quality of the analytics too much Solution: Using the Aircloak API the company is able to implement its selected predictive analytics methods using anonymized query results The company can now make improved travel recommendations, increasing frequency of purchased and basket sizes. Recommendation Engine use of some customer data legal (opt- in)… …use of others not. Aircloak unlocks data
  12. 12. Aircloak Introduction Deck 12 “Aircloak [...] opens up new opportunities for using data and increasing business intelligence, while mitigating security compliance risks.” Mike Flannagan, VP & GM Data Analytics “I am impressed by the simplicity of your approach and effective cloaking of results” Mical Ficek, Telefonica Research CNIL has “not identified any obstacle in the described principles to the three criteria of the WP29 on Anonymisation Techniques” CNIL “The Aircloak interface allows accessing full data fidelity while maintaining absolute privacy of end users.” TeamBank “Aircloak aims to allow for the collection of Big Data without also collecting little data about consumer’s life” IAPP “Remove the need for people to put their trust in a data collector” Forbes