Data Scientists are going to need to pay attention to the EU General Data Protection Regulation (GDPR), set to be published early 2016. Fines for violation are massive.
Jual obat aborsi Bandung ( 085657271886 ) Cytote pil telat bulan penggugur ka...
Data science and pending EU privacy laws - a storm on the horizon
1. Data Science and EU Privacy
A Storm on the Horizon
David Stephenson, Ph.D.
dsiAnalytics.com
2. PRIVACY CONSIDERATIONS WITH DATA AND DATA SCIENCE
• Intro & Case Studies
• Data & Data Science: Growth and Usage
• Privacy: Storm on the Horizon
• Concluding Thoughts
Agenda
2
3. My Background
Intro & Case Studies
Head of Global Business
Analytics
Professor
(Advanced Analytics)
Ph.D. Analytics &
Computer Science
Financial Analytics,
Credit Risk and Insurance
Independent Consultant
3
6. PRIVACY CONSIDERATIONS WITH DATA AND DATA SCIENCE
• Intro & Case Studies
• Data & Data Science: Growth and Usage
– Data Science
– Modern Technology
• Privacy: Storm on the Horizon
Agenda
6
7. Data Usage
The Power of Data Science
Propensity Classification/Profiling
PersonalizationMarketing
7
8. More Data Means More Insights
Traditional Data
Big
Data
Smart
Devices
IoT
8
10. PRIVACY CONSIDERATIONS WITH DATA AND DATA SCIENCE
• Intro & Case Studies
• Data & Data Science: Growth and Usage
– Data Science
– Modern Technology
• Privacy: Storm on the Horizon
Agenda
10
11. Data Sources
The Power of Data Science
11
Brainstorm: Today’s Sources of Personal Data? 11
17. Source and Use of Customer Data
Privacy: A Brief Background
Can be
Known
Used
Stored
Shared with
3rd parties
Observed
Volunteered
Data
Science
17
18. PRIVACY CONSIDERATIONS WITH DATA AND DATA SCIENCE
18
• Intro & Case Studies
• Data & Data Science: Growth and Usage
• Privacy: Storm on the Horizon
Agenda
20. Preparing for compliance
Privacy: Storm on the Horizon
What are my
data assets?
Usage
Storage
Flow to/from
3rd parties
Observed
Volunteered
Data
Science
Right to be forgotten
De-anonymization
Cloud computing
Explicit and up-
front consent
Restricted profiling
Privacy by Design
Potential liabilities from
buying, selling and sharing
20
21. Moving Forward
Privacy: Storm on the Horizon
Become aware of your entire data ecosystem and how it may expose
you to privacy violations
Audit current data storage and governance for compliance
Ensure that all product roadmaps comply with the principles of
Privacy by Design
21
Ensure that proper user consent is in place from the moment of first
user registration
Initiate dialogue with corporate privacy officer or external expert
24. Privacy by Design
24
1 Proactive not Reactive; Preventative not Remedial
2 Privacy as the Default Setting
3 Privacy Embedded into Design
4 Full Functionality – Positive-Sum, not Zero-Sum
5 End-to-End Security – Full Lifecycle Protection
6 Visibility and Transparency – Keep it Open
7 Respect for User Privacy – Keep it User-Centric
25. Privacy by Design for Big Data (Jeff Jonas, IBM)
25
1. FULL ATTRIBUTION: Every observation (record) needs to know from where it came and when. There cannot be
merge/purge data survivorship processing whereby some observations or fields are discarded.
2. DATA TETHERING: Adds, changes and deletes occurring in systems of record must be accounted for, in real time, in sub-
seconds.
3. ANALYTICS ON ANONYMIZED DATA: The ability to perform advanced analytics (including some fuzzy matching) over
cryptographically altered data means organizations can anonymize more data before information sharing.
4. TAMPER-RESISTANT AUDIT LOGS: Every user search should be logged in a tamper-resistant manner — even the
database administrator should not be able to alter the evidence contained in this audit log.
5. FALSE NEGATIVE FAVORING METHODS: The capability to more strongly favor false negatives is of critical importance
in systems that could be used to affect someone’s civil liberties.
6. SELF-CORRECTING FALSE POSITIVES: With every new data point presented, prior assertions are re-evaluated to
ensure they are still correct, and if no longer correct, these earlier assertions can often be repaired — in real time.
7. INFORMATION TRANSFER ACCOUNTING: Every secondary transfer of data, whether to human eyeball or a tertiary
system, can be recorded to allow stakeholders (e.g., data custodians or the consumers themselves) to understand how
their data is flowing.
Editor's Notes
Photo from http://mac360.com/2012/02/free-make-your-own-photo-puzzles-on-a-mac/
Photo from http://www.retrooffice.com/vintage-store/vintage-filing-storage/mcdowell-craig-vintage-steel-retro-vertical-letter-and-legal-file-cabinets.html.