SlideShare a Scribd company logo

Open Source, Python based Privacy Engineering Tools

Cillian Kieran
Cillian Kieran

Presentation for #PyConUS2022 about Fides, the open-source, Python based privacy engineering platform. This presentation covers: 1. An overview of #privacyascode - The challenges of data privacy for engineering teams - How privacy-as-code can solve this 2. Getting started with Fides privacy engineering platform - Summary of Fides - Configuration and getting started - The Fides privacy taxonomy - Core Fides resources and concepts 3. Automating policy checks in your CI pipeline - Describing a systems privacy behavior - Declaring a dataset in Fides - Checking policies as part of your CI pipeline 4. Automated data subject rights (DSR) in your production runtime - Processing a data subject request (DSR) - Modifying a dataset and reflecting this in the runtime data model - Executing a new request in production against the updated model

Engineering
1 of 45
Download to read offline
@cillian
@cillian Today # What is Privacy-as-code # Overview of Fides # Use case 1: checking policies in CI # Use case 2: automating data rights requests
@cillian Privacy is a fundamental Human Right.
@cillian Privacy is really complicated.
@cillian Privacy today is considered after software is shipped, leading to pain for developers and lawyers. Privacy Software Development
@cillian Privacy today is considered after software is shipped, leading to pain for developers and lawyers. Privacy Software Development from Data Discovery Data Mapping Privacy Review Consent & Rights
@cillian New laws like GDPR, CCPA, and PIPL require privacy to be at the core of every system: “Privacy by Design”
@cillian These laws create tremendous complexity for engineers. Data Discovery Data Mapping DPIA Privacy Review DSR Consent Data Categories Data Purposes
@cillian Tools to add privacy to software development #privacyascode
@cillian Front End Back End Database Version Control Infrastructure as code Privacy-as-code Privacy-as-code are tools that make it effortless for developers to implement Privacy by Design
@cillian Open-source developer tools for Privacy By Design in any tech stack. A set of tools built in Python to help engineers and data teams ship privacy-compliant systems effortlessly. License License Apache 2 Apache 2 License License CC BY 4.0 CC BY 4.0
@cillian DEPLOYMENT CODE MANAGEMENT (SDLC) PRIVACY IN SDLC Privacy as Code, Risk Analysis & Reporting PRIVACY OPERATIONS User Data Rights, Consent Enforcement & Reporting With Fides, developers have tools to shift privacy left and solve complex privacy challenges at their source. RUNTIME (DATA QUERIED) How can we prevent privacy risk when our product is being built? “ How can we dynamically define 
 and enforce user privacy rights? LEGAL TEAM “
@cillian fidesctl Mgmt tool to validate fideslang and evaluate policy in CI pipeline. fidesops fideslang Description language and taxonomy to describe privacy as code. Data orchestration tool to automate privacy rights requests.
@cillian lang A description language that supports GDPR, CCPA, LGPD and ISO 19944. In other words: easily describe personal data in all systems. Explorer fid.es/taxonomy
@cillian Fides Taxonomy # Data Categories # Data Subjects # Data Uses # Data Qualifiers Data Categories 
 “What” type of data am I processing user.provided.identifiable.contact
@cillian Fides Taxonomy # Data Categories # Data Subjects # Data Uses # Data Qualifiers Data Subjects 
 “Who” is the owner of the data - user - customer - patient
@cillian Fides Taxonomy # Data Categories # Data Subjects # Data Uses # Data Qualifiers Data Uses 
 “How” is the data being used personalize.system
@cillian Fides Taxonomy # Data Categories # Data Subjects # Data Uses # Data Qualifiers Data Qualifier 
 How re-identifiable a person is aggregated.anonymized
@cillian fid.es/taxonomy
@cillian # Light-weight declarative language # Dot notation (mostly) # YAML in your projects (inline declarations coming soon) Fides Declarations # System operations data # User provided email address system.operations user.provided.identifiable.contact.email
@cillian Fides Primitives Organizations 
 1. Represents all or any part of an organization. 2. Establishes the root of the resource hierarchy. 3. Organizations are unique, i.e. you cannot reference other organization scopes. # Organizations # Systems # Datasets # Policies
@cillian # Organizations # Systems # Datasets # Policies Fides Primitives Systems 
 1. Represents the privacy properties of a single project, services, codebase or application. 2. Describes the categories of data being processed and use of the data in the system.
@cillian # Organizations # Systems # Datasets # Policies Fides Primitives Datasets 
 1. Represent any location data is stored; databases, data warehouses or other stores. 2. You can declare individual fields of data and describe the types of data they are storing.
@cillian # Organizations # Systems # Datasets # Policies Fides Primitives Policies 
 1. Represents a set of rules that a system must adhere to — your privacy policy as code. 2. Fidesctl evaluates these policies against system/dataset declarations for compliance.
@cillian # What type of data your application processes (data_category) # How your system uses that data (data_use) # What policies you want your system to adhere to # And more! Using Fides, you can describe…
@cillian # Developer tools # Pushing Privacy Left # Compliance checks in CI/CD pipelines # Runtime Application # Manage and automate Data Subject Requests to comply with GDPR et al.
@cillian @cillian Use Case 1 Policy Enforcement in Development
@cillian @cillian Fidesctl Database Fidesctl Webserver CI Pipelines Local CLI Components
@cillian @cillian Config docs fid.es/config Getting Started: Configuration Github repo fid.es/ctl [cli] server_url = “http://fidesctl:8080" [api] database_url = “postgresql+psycopg2://postgres:fidesctl@fidesctl-db:5423/fidesctl" 
 test_database_url = “postgresql+psycopg2://postgres:fidesctl@fidesctl-db:5423/fidesctl_test" log_destination = “” log_level = “INFO” log_serialization = “”
@cillian @cillian Getting Started: Commands # fidesctl -h fid.es/commands annotate Annotate fidesctl resource types. apply Validate local manifest files and persist any changes via the API server. db Database utility commands. delete Delete a resource on the server. evaluate Compare your System's Privacy Declarations with your Organization's Policies. export Export fidesctl resource types generate Generate fidesctl resource types get View a resource from the server as a JSON object. init Initializes a Fidesctl instance, creating the default directory. scan Scan external resource coverage against fidesctl resources
@cillian CNIL Docs bit.ly/cnil-pia
@cillian Privacy Dev Tools: Check Policy in CI # What type of data we’re processing and storing # What we’re doing with that data in our system # Check it against the policies set by our organization # Maintain an audit trail of evaluations
@cillian @cillian Use Case 2 Programmatic Data Rights Requests
Data Subject Access Requests look like this…
PROCESSING INFR/DEV OPS DATA PRIVACY 3rd PARTY APPLICATIONS DATA SOURCES COMPLIANCE CHECK PRIVACY, ENG, DATA JIRA/TICKETING WORKFLOW FRONTLINE CUSTOMER SERVICE SUPPORT TEAMS LETTERS, EMAILS, TICKETING & SUPPORT SYSTEMS TICKET/SUPPORT USER SUBJECT
@cillian Privacy Dev Tools: Automation Data Request # Construct a request policy # Retrieve data and collate data across systems # Make a development change that affects the data model # Re-run the request to see dev change reflected in model
@cillian Privacy Dev Tools: Summary # Described our system’s personal data characteristics # Run evaluations in CI to know we’re complying with policies # Automated retrieval of user data across systems # Automatically update requests against dev changes
@cillian @cillian Helpers: Simplifying Privacy Many helpers for simplifying privacy on the way… # ML classifier to automate dataset labeling/annotation # UI for better visual management of the data map and taxonomy # Roadmap tackles each major privacy engineering problem
@cillian Conclusion Privacy Engineering Platform
@cillian We’ve covered # What is Privacy-as-code # Overview of Fides # Use case 1: checking policies in CI # Use case 2: automating data rights requests
@cillian Fides is a free, open-source Python project on Github Up and running in 15 mins with the quick-start engineering guide Great documentation and Fides slack community to support you Easy to get your team using Fides
@cillian Open-source developer tools for privacy. Thank you. Comments, Issues, PRs welcome! License License Apache 2 Apache 2 License License CC BY 4.0 CC BY 4.0 fid.es/join fid.es/pycon2022
@cillian Appendix
@cillian
@cillian

Recommended

Embedding Privacy by Design Into Data Infrastructure
Embedding Privacy by Design Into Data InfrastructureEmbedding Privacy by Design Into Data Infrastructure
Embedding Privacy by Design Into Data InfrastructureCillian Kieran
 
#DEVWEEK2020 Data Privacy in the Tech Stack & CI/CD Process
#DEVWEEK2020 Data Privacy in the Tech Stack & CI/CD Process#DEVWEEK2020 Data Privacy in the Tech Stack & CI/CD Process
#DEVWEEK2020 Data Privacy in the Tech Stack & CI/CD ProcessCillian Kieran
 
Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...
Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...
Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...Steven Meister
 
IAPP PSR 2022: How do you engineer DSAR for Complexity?
IAPP PSR 2022: How do you engineer DSAR for Complexity?IAPP PSR 2022: How do you engineer DSAR for Complexity?
IAPP PSR 2022: How do you engineer DSAR for Complexity?Cillian Kieran
 
DBAs - Is Your Company’s Personal and Sensitive Data Safe?
DBAs - Is Your Company’s Personal and Sensitive Data Safe?DBAs - Is Your Company’s Personal and Sensitive Data Safe?
DBAs - Is Your Company’s Personal and Sensitive Data Safe?DevOps.com
 
The value of big data analytics
The value of big data analyticsThe value of big data analytics
The value of big data analyticsMarc Vael
 
Lessons in privacy engineering from a nation scale identity system - connect id
Lessons in privacy engineering from a nation scale identity system - connect idLessons in privacy engineering from a nation scale identity system - connect id
Lessons in privacy engineering from a nation scale identity system - connect idDavid Kelts, CIPT
 
Data quality and data profiling
Data quality and data profilingData quality and data profiling
Data quality and data profilingShailja Khurana
 

Recommended

Embedding Privacy by Design Into Data Infrastructure
Embedding Privacy by Design Into Data InfrastructureEmbedding Privacy by Design Into Data Infrastructure
Embedding Privacy by Design Into Data InfrastructureCillian Kieran
 
#DEVWEEK2020 Data Privacy in the Tech Stack & CI/CD Process
#DEVWEEK2020 Data Privacy in the Tech Stack & CI/CD Process#DEVWEEK2020 Data Privacy in the Tech Stack & CI/CD Process
#DEVWEEK2020 Data Privacy in the Tech Stack & CI/CD ProcessCillian Kieran
 
Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...
Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...
Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...Steven Meister
 
IAPP PSR 2022: How do you engineer DSAR for Complexity?
IAPP PSR 2022: How do you engineer DSAR for Complexity?IAPP PSR 2022: How do you engineer DSAR for Complexity?
IAPP PSR 2022: How do you engineer DSAR for Complexity?Cillian Kieran
 
DBAs - Is Your Company’s Personal and Sensitive Data Safe?
DBAs - Is Your Company’s Personal and Sensitive Data Safe?DBAs - Is Your Company’s Personal and Sensitive Data Safe?
DBAs - Is Your Company’s Personal and Sensitive Data Safe?DevOps.com
 
The value of big data analytics
The value of big data analyticsThe value of big data analytics
The value of big data analyticsMarc Vael
 
Lessons in privacy engineering from a nation scale identity system - connect id
Lessons in privacy engineering from a nation scale identity system - connect idLessons in privacy engineering from a nation scale identity system - connect id
Lessons in privacy engineering from a nation scale identity system - connect idDavid Kelts, CIPT
 
Data quality and data profiling
Data quality and data profilingData quality and data profiling
Data quality and data profilingShailja Khurana
 
Enabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEnabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEryk Budi Pratama
 
[Webinar Slides] Data Privacy – Learn What It Takes to Protect Your Information
[Webinar Slides] Data Privacy – Learn What It Takes to Protect Your Information[Webinar Slides] Data Privacy – Learn What It Takes to Protect Your Information
[Webinar Slides] Data Privacy – Learn What It Takes to Protect Your InformationAIIM International
 
Countdown to CCPA: 48 Days Until Your IBM i Data Needs to Be Secured
Countdown to CCPA: 48 Days Until Your IBM i Data Needs to Be SecuredCountdown to CCPA: 48 Days Until Your IBM i Data Needs to Be Secured
Countdown to CCPA: 48 Days Until Your IBM i Data Needs to Be SecuredPrecisely
 
The Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarThe Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarEryk Budi Pratama
 
Overview of Database Security Manisha R.Shinde Radhai.docx
Overview of Database Security Manisha R.Shinde Radhai.docxOverview of Database Security Manisha R.Shinde Radhai.docx
Overview of Database Security Manisha R.Shinde Radhai.docxgerardkortney
 
Wp security-data-safe
Wp security-data-safeWp security-data-safe
Wp security-data-safeALI ANWAR, OCP®
 
Internet of Things With Privacy in Mind
Internet of Things With Privacy in MindInternet of Things With Privacy in Mind
Internet of Things With Privacy in MindGosia Fraser
 
GDPR Part 2: Quest Relevance
GDPR Part 2: Quest RelevanceGDPR Part 2: Quest Relevance
GDPR Part 2: Quest RelevanceAdrian Dumitrescu
 
Security Framework for Multitenant Architecture
Security Framework for Multitenant ArchitectureSecurity Framework for Multitenant Architecture
Security Framework for Multitenant ArchitectureDataWorks Summit
 
Labelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & SensitivityLabelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & SensitivityDrew Madelung
 
Personally Identifiable Information Protection
Personally Identifiable Information ProtectionPersonally Identifiable Information Protection
Personally Identifiable Information ProtectionPECB
 
Explore Top Data Loss Prevention Tools | Fortify with DLP Software
Explore Top Data Loss Prevention Tools | Fortify with DLP SoftwareExplore Top Data Loss Prevention Tools | Fortify with DLP Software
Explore Top Data Loss Prevention Tools | Fortify with DLP SoftwareKonverge Technologies Pvt. Ltd.
 
Trends in Data Modeling
Trends in Data ModelingTrends in Data Modeling
Trends in Data ModelingDATAVERSITY
 
Global Security and Compliance Community conference 2021
Global Security and Compliance Community conference 2021Global Security and Compliance Community conference 2021
Global Security and Compliance Community conference 2021Albert Hoitingh
 
Denodo’s Data Catalog: Bridging the Gap between Data and Business (APAC)
Denodo’s Data Catalog: Bridging the Gap between Data and Business (APAC)Denodo’s Data Catalog: Bridging the Gap between Data and Business (APAC)
Denodo’s Data Catalog: Bridging the Gap between Data and Business (APAC)Denodo
 
Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015Robert Crane
 
eBook: 5 Steps to Secure Cloud Data Governance
eBook: 5 Steps to Secure Cloud Data GovernanceeBook: 5 Steps to Secure Cloud Data Governance
eBook: 5 Steps to Secure Cloud Data GovernanceKim Cook
 
The GDPR Most Wanted: The Marketer and Analyst's Role in Compliance
The GDPR Most Wanted: The Marketer and Analyst's Role in ComplianceThe GDPR Most Wanted: The Marketer and Analyst's Role in Compliance
The GDPR Most Wanted: The Marketer and Analyst's Role in ComplianceObservePoint
 
Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"
Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"
Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"Ragnar Heil
 
How Cloudera SDX can aid GDPR compliance
How Cloudera SDX can aid GDPR complianceHow Cloudera SDX can aid GDPR compliance
How Cloudera SDX can aid GDPR complianceCloudera, Inc.
 
Block diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.pptBlock diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.pptNANDHAKUMARA10
 
Bridge Jacking Design Sample Calculation.pptx
Bridge Jacking Design Sample Calculation.pptxBridge Jacking Design Sample Calculation.pptx
Bridge Jacking Design Sample Calculation.pptxnuruddin69
 

More Related Content

Similar to Open Source, Python based Privacy Engineering Tools

Enabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEnabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEryk Budi Pratama
 
[Webinar Slides] Data Privacy – Learn What It Takes to Protect Your Information
[Webinar Slides] Data Privacy – Learn What It Takes to Protect Your Information[Webinar Slides] Data Privacy – Learn What It Takes to Protect Your Information
[Webinar Slides] Data Privacy – Learn What It Takes to Protect Your InformationAIIM International
 
Countdown to CCPA: 48 Days Until Your IBM i Data Needs to Be Secured
Countdown to CCPA: 48 Days Until Your IBM i Data Needs to Be SecuredCountdown to CCPA: 48 Days Until Your IBM i Data Needs to Be Secured
Countdown to CCPA: 48 Days Until Your IBM i Data Needs to Be SecuredPrecisely
 
The Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarThe Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarEryk Budi Pratama
 
Overview of Database Security Manisha R.Shinde Radhai.docx
Overview of Database Security Manisha R.Shinde Radhai.docxOverview of Database Security Manisha R.Shinde Radhai.docx
Overview of Database Security Manisha R.Shinde Radhai.docxgerardkortney
 
Internet of Things With Privacy in Mind
Internet of Things With Privacy in MindInternet of Things With Privacy in Mind
Internet of Things With Privacy in MindGosia Fraser
 
GDPR Part 2: Quest Relevance
GDPR Part 2: Quest RelevanceGDPR Part 2: Quest Relevance
GDPR Part 2: Quest RelevanceAdrian Dumitrescu
 
Security Framework for Multitenant Architecture
Security Framework for Multitenant ArchitectureSecurity Framework for Multitenant Architecture
Security Framework for Multitenant ArchitectureDataWorks Summit
 
Labelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & SensitivityLabelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & SensitivityDrew Madelung
 
Personally Identifiable Information Protection
Personally Identifiable Information ProtectionPersonally Identifiable Information Protection
Personally Identifiable Information ProtectionPECB
 
Explore Top Data Loss Prevention Tools | Fortify with DLP Software
Explore Top Data Loss Prevention Tools | Fortify with DLP SoftwareExplore Top Data Loss Prevention Tools | Fortify with DLP Software
Explore Top Data Loss Prevention Tools | Fortify with DLP SoftwareKonverge Technologies Pvt. Ltd.
 
Trends in Data Modeling
Trends in Data ModelingTrends in Data Modeling
Trends in Data ModelingDATAVERSITY
 
Global Security and Compliance Community conference 2021
Global Security and Compliance Community conference 2021Global Security and Compliance Community conference 2021
Global Security and Compliance Community conference 2021Albert Hoitingh
 
Denodo’s Data Catalog: Bridging the Gap between Data and Business (APAC)
Denodo’s Data Catalog: Bridging the Gap between Data and Business (APAC)Denodo’s Data Catalog: Bridging the Gap between Data and Business (APAC)
Denodo’s Data Catalog: Bridging the Gap between Data and Business (APAC)Denodo
 
Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015Robert Crane
 
eBook: 5 Steps to Secure Cloud Data Governance
eBook: 5 Steps to Secure Cloud Data GovernanceeBook: 5 Steps to Secure Cloud Data Governance
eBook: 5 Steps to Secure Cloud Data GovernanceKim Cook
 
The GDPR Most Wanted: The Marketer and Analyst's Role in Compliance
The GDPR Most Wanted: The Marketer and Analyst's Role in ComplianceThe GDPR Most Wanted: The Marketer and Analyst's Role in Compliance
The GDPR Most Wanted: The Marketer and Analyst's Role in ComplianceObservePoint
 
Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"
Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"
Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"Ragnar Heil
 
How Cloudera SDX can aid GDPR compliance
How Cloudera SDX can aid GDPR complianceHow Cloudera SDX can aid GDPR compliance
How Cloudera SDX can aid GDPR complianceCloudera, Inc.
 

Similar to Open Source, Python based Privacy Engineering Tools (20)

Enabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEnabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data Quality
 
[Webinar Slides] Data Privacy – Learn What It Takes to Protect Your Information
[Webinar Slides] Data Privacy – Learn What It Takes to Protect Your Information[Webinar Slides] Data Privacy – Learn What It Takes to Protect Your Information
[Webinar Slides] Data Privacy – Learn What It Takes to Protect Your Information
 
Countdown to CCPA: 48 Days Until Your IBM i Data Needs to Be Secured
Countdown to CCPA: 48 Days Until Your IBM i Data Needs to Be SecuredCountdown to CCPA: 48 Days Until Your IBM i Data Needs to Be Secured
Countdown to CCPA: 48 Days Until Your IBM i Data Needs to Be Secured
 
The Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarThe Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI Webinar
 
Overview of Database Security Manisha R.Shinde Radhai.docx
Overview of Database Security Manisha R.Shinde Radhai.docxOverview of Database Security Manisha R.Shinde Radhai.docx
Overview of Database Security Manisha R.Shinde Radhai.docx
 
Wp security-data-safe
Wp security-data-safeWp security-data-safe
Wp security-data-safe
 
Internet of Things With Privacy in Mind
Internet of Things With Privacy in MindInternet of Things With Privacy in Mind
Internet of Things With Privacy in Mind
 
GDPR Part 2: Quest Relevance
GDPR Part 2: Quest RelevanceGDPR Part 2: Quest Relevance
GDPR Part 2: Quest Relevance
 
Security Framework for Multitenant Architecture
Security Framework for Multitenant ArchitectureSecurity Framework for Multitenant Architecture
Security Framework for Multitenant Architecture
 
Labelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & SensitivityLabelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & Sensitivity
 
Personally Identifiable Information Protection
Personally Identifiable Information ProtectionPersonally Identifiable Information Protection
Personally Identifiable Information Protection
 
Explore Top Data Loss Prevention Tools | Fortify with DLP Software
Explore Top Data Loss Prevention Tools | Fortify with DLP SoftwareExplore Top Data Loss Prevention Tools | Fortify with DLP Software
Explore Top Data Loss Prevention Tools | Fortify with DLP Software
 
Trends in Data Modeling
Trends in Data ModelingTrends in Data Modeling
Trends in Data Modeling
 
Global Security and Compliance Community conference 2021
Global Security and Compliance Community conference 2021Global Security and Compliance Community conference 2021
Global Security and Compliance Community conference 2021
 
Denodo’s Data Catalog: Bridging the Gap between Data and Business (APAC)
Denodo’s Data Catalog: Bridging the Gap between Data and Business (APAC)Denodo’s Data Catalog: Bridging the Gap between Data and Business (APAC)
Denodo’s Data Catalog: Bridging the Gap between Data and Business (APAC)
 
Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015
 
eBook: 5 Steps to Secure Cloud Data Governance
eBook: 5 Steps to Secure Cloud Data GovernanceeBook: 5 Steps to Secure Cloud Data Governance
eBook: 5 Steps to Secure Cloud Data Governance
 
The GDPR Most Wanted: The Marketer and Analyst's Role in Compliance
The GDPR Most Wanted: The Marketer and Analyst's Role in ComplianceThe GDPR Most Wanted: The Marketer and Analyst's Role in Compliance
The GDPR Most Wanted: The Marketer and Analyst's Role in Compliance
 
Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"
Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"
Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"
 
How Cloudera SDX can aid GDPR compliance
How Cloudera SDX can aid GDPR complianceHow Cloudera SDX can aid GDPR compliance
How Cloudera SDX can aid GDPR compliance
 

Recently uploaded

Block diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.pptBlock diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.pptNANDHAKUMARA10
 
Bridge Jacking Design Sample Calculation.pptx
Bridge Jacking Design Sample Calculation.pptxBridge Jacking Design Sample Calculation.pptx
Bridge Jacking Design Sample Calculation.pptxnuruddin69
 
S1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptx
S1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptxS1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptx
S1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptxSCMS School of Architecture
 
Online food ordering system project report.pdf
Online food ordering system project report.pdfOnline food ordering system project report.pdf
Online food ordering system project report.pdfKamal Acharya
 
Rums floating Omkareshwar FSPV IM_16112021.pdf
Rums floating Omkareshwar FSPV IM_16112021.pdfRums floating Omkareshwar FSPV IM_16112021.pdf
Rums floating Omkareshwar FSPV IM_16112021.pdfsmsksolar
 
Standard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power PlayStandard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power PlayEpec Engineered Technologies
 
Air Compressor reciprocating single stage
Air Compressor reciprocating single stageAir Compressor reciprocating single stage
Air Compressor reciprocating single stageAbc194748
 
Online electricity billing project report..pdf
Online electricity billing project report..pdfOnline electricity billing project report..pdf
Online electricity billing project report..pdfKamal Acharya
 
Hazard Identification (HAZID) vs. Hazard and Operability (HAZOP): A Comparati...
Hazard Identification (HAZID) vs. Hazard and Operability (HAZOP): A Comparati...Hazard Identification (HAZID) vs. Hazard and Operability (HAZOP): A Comparati...
Hazard Identification (HAZID) vs. Hazard and Operability (HAZOP): A Comparati...soginsider
 
School management system project Report.pdf
School management system project Report.pdfSchool management system project Report.pdf
School management system project Report.pdfKamal Acharya
 
Employee leave management system project.
Employee leave management system project.Employee leave management system project.
Employee leave management system project.Kamal Acharya
 
scipt v1.pptxcxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx...
scipt v1.pptxcxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx...scipt v1.pptxcxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx...
scipt v1.pptxcxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx...HenryBriggs2
 
Work-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptxWork-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptxJuliansyahHarahap1
 
Thermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.pptThermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.pptDineshKumar4165
 
Hostel management system project report..pdf
Hostel management system project report..pdfHostel management system project report..pdf
Hostel management system project report..pdfKamal Acharya
 
Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...
Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...
Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...Call Girls Mumbai
 
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptx
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptxA CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptx
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptxmaisarahman1
 
notes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.pptnotes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.pptMsecMca
 

Recently uploaded (20)

Block diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.pptBlock diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.ppt
 
Bridge Jacking Design Sample Calculation.pptx
Bridge Jacking Design Sample Calculation.pptxBridge Jacking Design Sample Calculation.pptx
Bridge Jacking Design Sample Calculation.pptx
 
S1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptx
S1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptxS1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptx
S1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptx
 
Online food ordering system project report.pdf
Online food ordering system project report.pdfOnline food ordering system project report.pdf
Online food ordering system project report.pdf
 
Rums floating Omkareshwar FSPV IM_16112021.pdf
Rums floating Omkareshwar FSPV IM_16112021.pdfRums floating Omkareshwar FSPV IM_16112021.pdf
Rums floating Omkareshwar FSPV IM_16112021.pdf
 
Standard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power PlayStandard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power Play
 
Air Compressor reciprocating single stage
Air Compressor reciprocating single stageAir Compressor reciprocating single stage
Air Compressor reciprocating single stage
 
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak HamilCara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
 
Call Girls in South Ex (delhi) call me [🔝9953056974🔝] escort service 24X7
Call Girls in South Ex (delhi) call me [🔝9953056974🔝] escort service 24X7Call Girls in South Ex (delhi) call me [🔝9953056974🔝] escort service 24X7
Call Girls in South Ex (delhi) call me [🔝9953056974🔝] escort service 24X7
 
Online electricity billing project report..pdf
Online electricity billing project report..pdfOnline electricity billing project report..pdf
Online electricity billing project report..pdf
 
Hazard Identification (HAZID) vs. Hazard and Operability (HAZOP): A Comparati...
Hazard Identification (HAZID) vs. Hazard and Operability (HAZOP): A Comparati...Hazard Identification (HAZID) vs. Hazard and Operability (HAZOP): A Comparati...
Hazard Identification (HAZID) vs. Hazard and Operability (HAZOP): A Comparati...
 
School management system project Report.pdf
School management system project Report.pdfSchool management system project Report.pdf
School management system project Report.pdf
 
Employee leave management system project.
Employee leave management system project.Employee leave management system project.
Employee leave management system project.
 
scipt v1.pptxcxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx...
scipt v1.pptxcxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx...scipt v1.pptxcxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx...
scipt v1.pptxcxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx...
 
Work-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptxWork-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptx
 
Thermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.pptThermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.ppt
 
Hostel management system project report..pdf
Hostel management system project report..pdfHostel management system project report..pdf
Hostel management system project report..pdf
 
Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...
Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...
Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...
 
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptx
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptxA CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptx
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptx
 
notes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.pptnotes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.ppt
 

Open Source, Python based Privacy Engineering Tools

  • 2. @cillian Today # What is Privacy-as-code # Overview of Fides # Use case 1: checking policies in CI # Use case 2: automating data rights requests
  • 3. @cillian Privacy is a fundamental Human Right.
  • 5. @cillian Privacy today is considered after software is shipped, leading to pain for developers and lawyers. Privacy Software Development
  • 6. @cillian Privacy today is considered after software is shipped, leading to pain for developers and lawyers. Privacy Software Development from Data Discovery Data Mapping Privacy Review Consent & Rights
  • 7. @cillian New laws like GDPR, CCPA, and PIPL require privacy to be at the core of every system: “Privacy by Design”
  • 8. @cillian These laws create tremendous complexity for engineers. Data Discovery Data Mapping DPIA Privacy Review DSR Consent Data Categories Data Purposes
  • 9. @cillian Tools to add privacy to software development #privacyascode
  • 10. @cillian Front End Back End Database Version Control Infrastructure as code Privacy-as-code Privacy-as-code are tools that make it effortless for developers to implement Privacy by Design
  • 11. @cillian Open-source developer tools for Privacy By Design in any tech stack. A set of tools built in Python to help engineers and data teams ship privacy-compliant systems effortlessly. License License Apache 2 Apache 2 License License CC BY 4.0 CC BY 4.0
  • 12. @cillian DEPLOYMENT CODE MANAGEMENT (SDLC) PRIVACY IN SDLC Privacy as Code, Risk Analysis & Reporting PRIVACY OPERATIONS User Data Rights, Consent Enforcement & Reporting With Fides, developers have tools to shift privacy left and solve complex privacy challenges at their source. RUNTIME (DATA QUERIED) How can we prevent privacy risk when our product is being built? “ How can we dynamically define 
 and enforce user privacy rights? LEGAL TEAM “
  • 13. @cillian fidesctl Mgmt tool to validate fideslang and evaluate policy in CI pipeline. fidesops fideslang Description language and taxonomy to describe privacy as code. Data orchestration tool to automate privacy rights requests.
  • 14. @cillian lang A description language that supports GDPR, CCPA, LGPD and ISO 19944. In other words: easily describe personal data in all systems. Explorer fid.es/taxonomy
  • 15. @cillian Fides Taxonomy # Data Categories # Data Subjects # Data Uses # Data Qualifiers Data Categories 
 “What” type of data am I processing user.provided.identifiable.contact
  • 16. @cillian Fides Taxonomy # Data Categories # Data Subjects # Data Uses # Data Qualifiers Data Subjects 
 “Who” is the owner of the data - user - customer - patient
  • 17. @cillian Fides Taxonomy # Data Categories # Data Subjects # Data Uses # Data Qualifiers Data Uses 
 “How” is the data being used personalize.system
  • 18. @cillian Fides Taxonomy # Data Categories # Data Subjects # Data Uses # Data Qualifiers Data Qualifier 
 How re-identifiable a person is aggregated.anonymized
  • 20. @cillian # Light-weight declarative language # Dot notation (mostly) # YAML in your projects (inline declarations coming soon) Fides Declarations # System operations data # User provided email address system.operations user.provided.identifiable.contact.email
  • 21. @cillian Fides Primitives Organizations 
 1. Represents all or any part of an organization. 2. Establishes the root of the resource hierarchy. 3. Organizations are unique, i.e. you cannot reference other organization scopes. # Organizations # Systems # Datasets # Policies
  • 22. @cillian # Organizations # Systems # Datasets # Policies Fides Primitives Systems 
 1. Represents the privacy properties of a single project, services, codebase or application. 2. Describes the categories of data being processed and use of the data in the system.
  • 23. @cillian # Organizations # Systems # Datasets # Policies Fides Primitives Datasets 
 1. Represent any location data is stored; databases, data warehouses or other stores. 2. You can declare individual fields of data and describe the types of data they are storing.
  • 24. @cillian # Organizations # Systems # Datasets # Policies Fides Primitives Policies 
 1. Represents a set of rules that a system must adhere to — your privacy policy as code. 2. Fidesctl evaluates these policies against system/dataset declarations for compliance.
  • 25. @cillian # What type of data your application processes (data_category) # How your system uses that data (data_use) # What policies you want your system to adhere to # And more! Using Fides, you can describe…
  • 26. @cillian # Developer tools # Pushing Privacy Left # Compliance checks in CI/CD pipelines # Runtime Application # Manage and automate Data Subject Requests to comply with GDPR et al.
  • 27. @cillian @cillian Use Case 1 Policy Enforcement in Development
  • 29. @cillian @cillian Config docs fid.es/config Getting Started: Configuration Github repo fid.es/ctl [cli] server_url = “http://fidesctl:8080" [api] database_url = “postgresql+psycopg2://postgres:fidesctl@fidesctl-db:5423/fidesctl" 
 test_database_url = “postgresql+psycopg2://postgres:fidesctl@fidesctl-db:5423/fidesctl_test" log_destination = “” log_level = “INFO” log_serialization = “”
  • 30. @cillian @cillian Getting Started: Commands # fidesctl -h fid.es/commands annotate Annotate fidesctl resource types. apply Validate local manifest files and persist any changes via the API server. db Database utility commands. delete Delete a resource on the server. evaluate Compare your System's Privacy Declarations with your Organization's Policies. export Export fidesctl resource types generate Generate fidesctl resource types get View a resource from the server as a JSON object. init Initializes a Fidesctl instance, creating the default directory. scan Scan external resource coverage against fidesctl resources
  • 32. @cillian Privacy Dev Tools: Check Policy in CI # What type of data we’re processing and storing # What we’re doing with that data in our system # Check it against the policies set by our organization # Maintain an audit trail of evaluations
  • 34. Data Subject Access Requests look like this…
  • 35. PROCESSING INFR/DEV OPS DATA PRIVACY 3rd PARTY APPLICATIONS DATA SOURCES COMPLIANCE CHECK PRIVACY, ENG, DATA JIRA/TICKETING WORKFLOW FRONTLINE CUSTOMER SERVICE SUPPORT TEAMS LETTERS, EMAILS, TICKETING & SUPPORT SYSTEMS TICKET/SUPPORT USER SUBJECT
  • 36. @cillian Privacy Dev Tools: Automation Data Request # Construct a request policy # Retrieve data and collate data across systems # Make a development change that affects the data model # Re-run the request to see dev change reflected in model
  • 37. @cillian Privacy Dev Tools: Summary # Described our system’s personal data characteristics # Run evaluations in CI to know we’re complying with policies # Automated retrieval of user data across systems # Automatically update requests against dev changes
  • 38. @cillian @cillian Helpers: Simplifying Privacy Many helpers for simplifying privacy on the way… # ML classifier to automate dataset labeling/annotation # UI for better visual management of the data map and taxonomy # Roadmap tackles each major privacy engineering problem
  • 40. @cillian We’ve covered # What is Privacy-as-code # Overview of Fides # Use case 1: checking policies in CI # Use case 2: automating data rights requests
  • 41. @cillian Fides is a free, open-source Python project on Github Up and running in 15 mins with the quick-start engineering guide Great documentation and Fides slack community to support you Easy to get your team using Fides
  • 42. @cillian Open-source developer tools for privacy. Thank you. Comments, Issues, PRs welcome! License License Apache 2 Apache 2 License License CC BY 4.0 CC BY 4.0 fid.es/join fid.es/pycon2022