Presentation for the LSEC GDPR event - 20171130

Presentation on the experience of privacy design labs, given at the LSEC Belgium GDPR event of 30 November 2017.

Event page: https://www.leadersinsecurity.org/events-old/icalrepeat.detail/2017/11/30/186/-/gdpr-plan-to-be-ready-prepare-to-set-change-to-go-session-3-privacy-impact-assessment-scenario-planning-data-loss-management.html?filter_reset=1

Privacy Design lab page: https://sites.google.com/site/pbd20171106

Example of a privacy design jam by Facebook (Berlin 2017): https://www.facebook.com/facebookbrussels/videos/1419793831400471/

Published in: Education

  1. Privacy (by) Design GDPR event - 30 Nov 2017 Tommy Vandepitte
  2. http://www.legaltechdesign.com/LegalDesignToolbox/
  3. Case 1
  4. Participant
  5. Case 2
  6. Co-organiser
  7. Master of ceremony Arthur Christmas
  8. Timekeeper Arthur Christmas
  9. Experts Arthur Christmas
  10. Helpers Arthur Christmas
  11. https://sites.google.com/site/pbd20171106
  12. Questions / Go on Take your pick
  13. What’s in it for you? (externally) Qualifier
  14. What’s in it for you? (externally) Differentiator
  15. What’s in it for you? (externally)
  16. What’s in it for you? (externally)
      • Decision makers
      • Future users
      • CIOs
      • CISOs
      • DPOs
      • Legal
      • …
  17. What’s in it for you? (externally)
      • Our agreement is in line with (article 28) GDPR
      • Our product helps you comply with GDPR…
      • We thought about the principles, give a baseline, but you can tweak
      • We thought about data subject rights, and have implemented like this
      • We have a dashboard for the end customer’s preference, and it works like this
      • We have audit logs, a compliance role, …
      • … and I have the documentation to back it up
  18. What’s in it for you? (internally)
      • Bring people together
      • Better understanding of each other’s position
      • Creates awareness
      • People unknowingly learn
      • Tackle big problems early, small problems later…
      • Overall less rework (and thus lower cost)
  19. Challenges
      • It is a time investment
      • First, you have to speak the same language
      • DPO must stand strong in his/her shoes
      • DPO must be honest
      • DPO must be willing to invest in understanding the business
      • DPO needs to learn to give advice in uncertainty
      • Business needs to learn that first advice may need to be adjusted due to incremental insight
      • …
  20. The Justice League https://www.youtube.com/watch?v=ZJVvrmLSTsg Quis custodiet ipsos custodes?
  21. Sidedeck
  22. Think it through
  23. International
  24. Legal perspective
  25. Legal perspective
  26. In fact… it is a tale of old
  27. Take different perspectives
  28. Data subject centric in mind around the table
  29. Bring the bunch together
  30. A challenge
  31. Analysis
  32. Start with why?
  33. Look at the general UI
  34. Overcome the human nature
  35. Think like an “attacker” …but also
  36. Multiple iterations
  37. Lean
  38. No (full) checklist?
      • “Ethics cannot be captured in checklists.”
      • Legislation is vague (on purpose).
      • Parties are not “out” on the matter yet.
      • No checklist can ever be “exhaustive”.
  39. Academic frameworks
  40. Academic frameworks
  41. Academic frameworks
  42. Where the rubber hits the road
  43. Open innovation
  44. Co-creation Vodafone / Thomson Reuters
  45. https://www.ted.com/talks/seth_godin_this_is_broken_1
  46. Game design Marlous Theunissen