GDPR is no longer about compliance

GDPR is no longer about compliance. Tackle risk and meeting the future, lawyers and engineers together.

Published in: Technology
  1. © Nokia 2016. Public. GDPR is no longer about compliance: Tackle risk and meeting the future, lawyers and engineers together. Dr. Ian Oliver, Bell Labs, Finland. Stockholm, Sweden, 27 May 2017. Cognizant Snapshot Breakfast - How can GDPR Generate New Business Opportunities?
  2. What is compliance anyway?
  3. What is compliance anyway? A set of rules that must be followed…?
  4. What is compliance anyway? A set of rules that must be followed…?
  5. Compliance is fragile

     ```c
     char collectDataFlag = 'Y'; // Future proofed boolean
                                 // Y for yes, N for no

     void collectDataFunction(void) {
         // collect IMEI, IMSI, MSISDN, TimeStamp and location
         // and send to the hardcoded IP address
         /* ... */
     }

     void checkDataCollection(void) {
         switch (collectDataFlag) {
         case 'N': // don't do anything
         case 'Y': // ok to collect everything
             collectDataFunction();
         }
     }
     ```
  6. The GDPR talks about risk
  7. Which can be solved by more processes and better compliance
  8. Which can be solved by more processes and better compliance?
  9. Process Method (Technique, Skills): Requirements Ontology Modelling Metrics Risk Management and Comprehension Culture
  10. Some industries have already understood this...
  11. Privacy is a safety-critical concept.
  12. Privacy is a safety-critical concept. Privacy lawyers vs Software engineers
  13. Privacy is a safety-critical concept: Privacy lawyers & Software engineers: Integration of terminology; Problem solving (never say ‘no’); Risk management not rules; Comprehend risk, don’t avoid it; Compliance = Rules & Hiding => Bad; Tools; Culture
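
The fragility in the slide 5 code is that `case 'N'` has no `break`, so control falls through into `case 'Y'` and collection runs even when the flag says no. The following is an added example, not part of the slides, that puts that logic beside a fail-closed version; `collect_calls`, `calls_for` and the `_fragile`/`_strict` names are hypothetical, and the collection routine is replaced by a counter.

```c
#include <stdio.h>

/* Hypothetical counter standing in for the real collection side effect,
   so the behaviour can be checked without sending anything anywhere. */
static int collect_calls = 0;

static void collectDataFunction(void) {
    collect_calls++; /* placeholder for the slide's collection routine */
}

/* Slide 5 logic as written: 'N' has no break and falls through to 'Y'. */
static void checkDataCollection_fragile(char flag) {
    switch (flag) {
    case 'N': /* don't do anything */
    case 'Y': /* ok to collect everything */
        collectDataFunction();
    }
}

/* Fail-closed variant: collect only on an explicit 'Y'. */
static void checkDataCollection_strict(char flag) {
    switch (flag) {
    case 'Y':
        collectDataFunction();
        break;
    case 'N':
    default: /* unknown or corrupted flag values are treated as "no" */
        break;
    }
}

/* Run one checker with one flag value and report how often it collected. */
static int calls_for(void (*check)(char), char flag) {
    collect_calls = 0;
    check(flag);
    return collect_calls;
}

int main(void) {
    const char flags[] = { 'Y', 'N', 'y', '\0' }; /* constructed inputs */
    for (size_t i = 0; i < sizeof flags; i++)
        printf("flag=0x%02x fragile=%d strict=%d\n", (unsigned char)flags[i],
               calls_for(checkDataCollection_fragile, flags[i]),
               calls_for(checkDataCollection_strict, flags[i]));
    return 0;
}
```

Compiling with `-Wimplicit-fallthrough` (GCC and Clang) flags the missing `break` in the fragile version at build time.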