Data protection laws are coming to Asia. The document discusses the concept of privacy and how it is recognized as a human right. It outlines several international instruments that have influenced the development of data protection laws, including the OECD Guidelines from 1980, the Council of Europe Convention from 1981, the European Union Directive from 1995, and the APEC Privacy Framework from 2004. The document also discusses different national approaches to data protection legislation, including comprehensive legislation, legislation with self-regulation, self-regulation only, and doing nothing. It provides examples of countries that have taken each approach. The document concludes by noting that several Asian countries, including China, India, Indonesia, and Thailand are in the process of developing data protection laws.
Unit 6 Privacy and Data Protection 8 hrTushar Rajput
The document discusses privacy and data protection. It defines privacy as an individual's ability to control how and when personal information is shared with others. It outlines several international agreements that establish privacy as a universal human right. The document also discusses the three dimensions of privacy - personal, territorial, and informational - and basic privacy principles like transparency and purpose limitation.
This document is to guide in the basic topics of cryptographic and network security. The detail insight of classical encryption algorithm is given here. The step by step process is clearly explained in this document.
This document discusses information privacy and related topics. It defines information and privacy, explaining that information privacy relates to the collection and dissemination of data, technology, and public expectations of privacy. It outlines various types of information and privacy, including healthcare records, criminal records, and different forms of online privacy. Laws around privacy are classified as general privacy laws and specific privacy laws regulating certain information types. The document provides ways to protect privacy, such as using firewalls, encryption, and anti-spam software. It also summarizes privacy index rankings for different countries and discusses future concerns regarding defining private information and preventing data breaches.
This document discusses information privacy and security. It begins by defining information privacy and outlining different types of information. It then discusses various laws and authorities related to privacy protection in different countries. Several privacy protocols, technologies, and algorithms are presented, along with methods for information security. Common threats to digital information are listed. The relationship between privacy and security is examined, noting that privacy cannot exist without security. Concerns regarding privacy in various contexts are raised and the conclusion reiterates the close link between privacy and security while underscoring common threats.
Keeping Information Safe: Privacy and Security Issuesipspat
This document summarizes the presentation "Managing Intellectual Property Rights And Privacy Issues In Outsourcing" which discusses privacy and security issues related to outsourcing. It outlines key US and international laws regarding privacy, risks of privacy breaches, and provides tips for conducting proper due diligence and drafting outsourcing contracts to reduce privacy and security risks when transferring data abroad.
Personal privacy and computer technologiessidra batool
This document discusses personal privacy and computer technologies. It begins by defining privacy as the protection of an individual's personal information and their rights regarding how organizations collect, use, retain, disclose, and dispose of personal information. It notes that privacy is important for maintaining individual autonomy and enabling trust in economic transactions. New computer technologies like databases, surveillance tools, and data analysis pose new risks to privacy through invisible information gathering, secondary data use, data mining, and computer profiling. The document outlines principles for responsible data collection and use. It also discusses privacy legislation and the UK's Data Protection Act, which establishes eight principles governing fair and lawful use of personal information.
Unit 6 Privacy and Data Protection 8 hrTushar Rajput
The document discusses privacy and data protection. It defines privacy as an individual's ability to control how and when personal information is shared with others. It outlines several international agreements that establish privacy as a universal human right. The document also discusses the three dimensions of privacy - personal, territorial, and informational - and basic privacy principles like transparency and purpose limitation.
This document is to guide in the basic topics of cryptographic and network security. The detail insight of classical encryption algorithm is given here. The step by step process is clearly explained in this document.
This document discusses information privacy and related topics. It defines information and privacy, explaining that information privacy relates to the collection and dissemination of data, technology, and public expectations of privacy. It outlines various types of information and privacy, including healthcare records, criminal records, and different forms of online privacy. Laws around privacy are classified as general privacy laws and specific privacy laws regulating certain information types. The document provides ways to protect privacy, such as using firewalls, encryption, and anti-spam software. It also summarizes privacy index rankings for different countries and discusses future concerns regarding defining private information and preventing data breaches.
This document discusses information privacy and security. It begins by defining information privacy and outlining different types of information. It then discusses various laws and authorities related to privacy protection in different countries. Several privacy protocols, technologies, and algorithms are presented, along with methods for information security. Common threats to digital information are listed. The relationship between privacy and security is examined, noting that privacy cannot exist without security. Concerns regarding privacy in various contexts are raised and the conclusion reiterates the close link between privacy and security while underscoring common threats.
Keeping Information Safe: Privacy and Security Issuesipspat
This document summarizes the presentation "Managing Intellectual Property Rights And Privacy Issues In Outsourcing" which discusses privacy and security issues related to outsourcing. It outlines key US and international laws regarding privacy, risks of privacy breaches, and provides tips for conducting proper due diligence and drafting outsourcing contracts to reduce privacy and security risks when transferring data abroad.
Personal privacy and computer technologiessidra batool
This document discusses personal privacy and computer technologies. It begins by defining privacy as the protection of an individual's personal information and their rights regarding how organizations collect, use, retain, disclose, and dispose of personal information. It notes that privacy is important for maintaining individual autonomy and enabling trust in economic transactions. New computer technologies like databases, surveillance tools, and data analysis pose new risks to privacy through invisible information gathering, secondary data use, data mining, and computer profiling. The document outlines principles for responsible data collection and use. It also discusses privacy legislation and the UK's Data Protection Act, which establishes eight principles governing fair and lawful use of personal information.
The document discusses and compares the Mobile Privacy Principles developed by GSMA and the African Union Convention on Cyber Security and Personal Data Protection.
The Mobile Privacy Principles were created in 2011 to describe how mobile users' privacy should be respected and protected when using mobile apps and services that access personal information. The African Union convention establishes a regulatory framework for cybersecurity and personal data protection that respects citizens' rights under domestic and international law.
While there is some overlap between the key principles of openness, purpose limitation, and security in both frameworks, the Mobile Privacy Principles include additional elements around children's privacy, accountability, and privacy by design that are not specifically addressed in the African Union convention. Harmonizing these frameworks to
This document discusses data privacy fundamentals and attacks. It begins with definitions of data privacy and the need to protect personally identifiable information. It then outlines common data privacy threats like phishing, malware, and improper access. The document also examines access control models and regulations around data protection. Overall, it provides an introduction to key concepts in data privacy and security risks to consider.
Presented at: 2nd Annual Gulf Cooperation Council e-Participation & e-Governance Forum – Organised by: Abu Dhabi University Knowledge Group and UAE Telecommunications Regulatory Authority.
9 – 11 September 2013 | Dusit Thani Hotel | Abu Dhabi | UAE.
Chapter 11 laws and ethic information securitySyaiful Ahdan
This document provides an overview of key concepts regarding law and ethics in information security. It discusses the differences between laws and ethics, and how policies function similarly to laws within an organization. Several major US laws are outlined, including those covering general computer crimes, privacy, identity theft, export and espionage, copyright, and financial reporting. International agreements and professional organizations relevant to information security ethics are also mentioned. The document aims to help readers understand the legal and ethical responsibilities for information security practitioners.
Itechlaw conferene presentation 15th feb 2013 the quest over identity the iss...Prof. (Dr.) Tabrez Ahmad
The document discusses the concept of privacy in relation to social media and technology. It covers several topics related to privacy rights in India and other countries, the threats to privacy posed by new technologies, and initiatives by industry and governments to protect privacy. It also discusses how personal information is increasingly being collected and used online through social networks and digital footprints, posing risks to individual privacy that laws and regulations aim to address.
Data Security is an information security company with over 15 years of experience that offers various services such as incident response, risk analysis, gap analysis, penetration testing, business continuity planning, security policies, computer forensics, and courses on information security and cybercrime investigation. The company aims to protect information from threats to ensure confidentiality, integrity, and availability through adequate security measures and response to security incidents when they occur. Data Security conducts investigations of devices like computers and phones to determine the cause of incidents and identify responsible parties through forensic procedures.
India'a Proposed Privacy & Personal Data Protection Law Priyanka Aash
This document summarizes key aspects of India's proposed Personal Data Protection Bill, 2019. It discusses the bill's applicability, categories of protected data, data controller obligations, rights of data subjects, provisions around children's data, and penalties. It also outlines rules for data localization and cross-border data transfers, noting sensitive personal data must stay in India unless an exception applies. The bill aims to strengthen data protection for Indian citizens and regulate how their personal information is collected and used.
The “Privacy Today” presentation was written for the IAPP by Professor Peter Swire of the Moritz College of Law of the Ohio State University. The materials cover the definition of privacy, ways to protect privacy, privacy harms, and fair information practices. The “Privacy Today” presentation is designed for college and university students.
Licensed under Creative Commons Attribution 3.0 Unported
The document discusses data protection in India as the country transitions to a digital economy. It notes that India has over 450 million internet users and the government has launched a "Digital India" initiative. However, with increased data collection and use, protection of personal data has become important. The government has drafted a white paper that outlines key principles for a data protection law, including technology neutrality, informed consent, data minimization, and accountability. The white paper was released for public consultation to help shape India's comprehensive data protection law and ensure privacy protections are balanced with enabling innovation.
This document discusses laws and ethics related to information security. It begins with an overview of the differences between laws and ethics. It then provides details on several relevant US and international laws, such as the Computer Fraud and Abuse Act, Sarbanes-Oxley Act, and various privacy and copyright laws. The document also discusses ethics, fair use, and how culture influences conceptions of ethical behavior.
Copyright Notice:
This presentation is prepared by Author for Perbanas Institute as a part of Author Lecture Series. It is to be used for educational and non-commercial purposes only and is not to be changed, altered, or used for any commercial endeavor without the express written permission from Author and/or Perbanas Institute. Appropriate legal action may be taken against any person, organization, or entity attempting to misrepresent, charge, or profit from the educational materials contained here.
Authors are allowed to use their own articles without seeking permission from any person, organization, or entity.
This document provides an overview of data privacy issues and insurance coverage options. It discusses the foundations for privacy concerns, types of data breaches and their costs, applicable privacy laws, hypothetical breach scenarios and potential resulting losses. It then outlines various insurance options that could apply, including first party coverage for breach response costs, third party coverage for privacy claims, network security policies, and cyber extortion coverage. Finally, it notes some common exclusions around system failures, employee acts, operations, and independent contractors.
02 Legal, Ethical, and Professional Issues in Information Securitysappingtonkr
Laws define prohibited and mandated behaviors while ethics define socially acceptable behaviors based on cultural mores. Relevant US laws include the Computer Fraud and Abuse Act, National Information Infrastructure Protection Act, USA Patriot Act, and others. Organizations can establish codes of ethics and reduce liability by exercising due care and due diligence in protecting information.
This chapter discusses privacy and personal information in the context of computer technology. It covers how computers enable new threats to privacy through invisible information gathering, secondary use, computer matching, and profiling of personal data. Examples are given of government and consumer databases containing personal information. The chapter also discusses risks to privacy such as the use of social security numbers and potential national ID systems. It concludes by examining approaches to protecting privacy through education, technology, markets, and laws/regulations.
This document discusses information privacy and its technical, organizational, and social implications. It begins by defining information privacy and the relationship between data collection, technology, public expectations of privacy, and legal issues. It then covers topics like personally identifiable information, the types of data collected online, and technical tools and devices related to privacy. The document also addresses the costs of information privacy for governments, companies, and consumers. It discusses perspectives on privacy from different generations and countries. Finally, it covers organizational privacy policies and standards, as well as some high-profile data breach cases and the importance of information security.
Explores:
1. Introduction to Privacy Regimes in the United States and Abroad
2. Mobile Applications and Devices
3. Lawful Collection and Use of “Big Data”
4. International Privacy and Cross-Border Data Transfers
5. Data Security Requirements and Data Breach Response
6. IT Outsourcing and the Cloud
7. Recent Developments and Emerging Issues
Data Protection & Security Breakfast Briefing - Master Slides_28 June_finalDr. Donald Macfarlane
The document summarizes an IBM breakfast briefing on data protection, security, and regulatory updates. The briefing covered the changing EU General Data Protection Regulations and implications for organizations, including increased fines for noncompliance. It also discussed privacy rights for individuals, such as the "right to be forgotten" and access to their own data. The briefing addressed how analytics can help adhere to new rules and regulations.
The document discusses best practices for privacy, data security, and IP protection for Internet of Things devices. It summarizes challenges like limited computing power, privacy concerns from data collection, and intellectual property issues. It then outlines regulatory background, industry guidelines, and recommendations including prioritizing security and privacy by design, limiting data collection and retention, providing notice and choice to consumers, and considering intellectual property protection early.
This document summarizes regulatory compliance under the Information Technology Act, 2000 regarding data protection in India. It discusses key cases related to data protection, the liability of companies under Section 85 of the act, and compensation for failure to protect data under Section 43A. It also examines what constitutes sensitive personal data, reasonable security practices and procedures, roles of adjudicating officers and courts, and guidelines around collection, use and transfer of personal information. Overall, the document provides an overview of the IT Act's provisions for data protection in India.
The Personal Data Protection Act 2010 has come into force in Malaysia. These slides explain the governing principles in order for you to have an overview whether your company is ready to comply.
Dokumen ini membahas deklarasi gerakan nasional untuk mendukung interoperabilitas dokumen di Indonesia menggunakan format ODF. Format ODF sudah diadopsi banyak negara dan organisasi karena standar terbuka dan mendukung kompetisi. Aplikasi LibreOffice direkomendasikan karena fleksibel, didukung komunitas besar, dan sesuai dengan prinsip ODF.
The document discusses and compares the Mobile Privacy Principles developed by GSMA and the African Union Convention on Cyber Security and Personal Data Protection.
The Mobile Privacy Principles were created in 2011 to describe how mobile users' privacy should be respected and protected when using mobile apps and services that access personal information. The African Union convention establishes a regulatory framework for cybersecurity and personal data protection that respects citizens' rights under domestic and international law.
While there is some overlap between the key principles of openness, purpose limitation, and security in both frameworks, the Mobile Privacy Principles include additional elements around children's privacy, accountability, and privacy by design that are not specifically addressed in the African Union convention. Harmonizing these frameworks to
This document discusses data privacy fundamentals and attacks. It begins with definitions of data privacy and the need to protect personally identifiable information. It then outlines common data privacy threats like phishing, malware, and improper access. The document also examines access control models and regulations around data protection. Overall, it provides an introduction to key concepts in data privacy and security risks to consider.
Presented at: 2nd Annual Gulf Cooperation Council e-Participation & e-Governance Forum – Organised by: Abu Dhabi University Knowledge Group and UAE Telecommunications Regulatory Authority.
9 – 11 September 2013 | Dusit Thani Hotel | Abu Dhabi | UAE.
Chapter 11 laws and ethic information securitySyaiful Ahdan
This document provides an overview of key concepts regarding law and ethics in information security. It discusses the differences between laws and ethics, and how policies function similarly to laws within an organization. Several major US laws are outlined, including those covering general computer crimes, privacy, identity theft, export and espionage, copyright, and financial reporting. International agreements and professional organizations relevant to information security ethics are also mentioned. The document aims to help readers understand the legal and ethical responsibilities for information security practitioners.
Itechlaw conferene presentation 15th feb 2013 the quest over identity the iss...Prof. (Dr.) Tabrez Ahmad
The document discusses the concept of privacy in relation to social media and technology. It covers several topics related to privacy rights in India and other countries, the threats to privacy posed by new technologies, and initiatives by industry and governments to protect privacy. It also discusses how personal information is increasingly being collected and used online through social networks and digital footprints, posing risks to individual privacy that laws and regulations aim to address.
Data Security is an information security company with over 15 years of experience that offers various services such as incident response, risk analysis, gap analysis, penetration testing, business continuity planning, security policies, computer forensics, and courses on information security and cybercrime investigation. The company aims to protect information from threats to ensure confidentiality, integrity, and availability through adequate security measures and response to security incidents when they occur. Data Security conducts investigations of devices like computers and phones to determine the cause of incidents and identify responsible parties through forensic procedures.
India'a Proposed Privacy & Personal Data Protection Law Priyanka Aash
This document summarizes key aspects of India's proposed Personal Data Protection Bill, 2019. It discusses the bill's applicability, categories of protected data, data controller obligations, rights of data subjects, provisions around children's data, and penalties. It also outlines rules for data localization and cross-border data transfers, noting sensitive personal data must stay in India unless an exception applies. The bill aims to strengthen data protection for Indian citizens and regulate how their personal information is collected and used.
The “Privacy Today” presentation was written for the IAPP by Professor Peter Swire of the Moritz College of Law of the Ohio State University. The materials cover the definition of privacy, ways to protect privacy, privacy harms, and fair information practices. The “Privacy Today” presentation is designed for college and university students.
Licensed under Creative Commons Attribution 3.0 Unported
The document discusses data protection in India as the country transitions to a digital economy. It notes that India has over 450 million internet users and the government has launched a "Digital India" initiative. However, with increased data collection and use, protection of personal data has become important. The government has drafted a white paper that outlines key principles for a data protection law, including technology neutrality, informed consent, data minimization, and accountability. The white paper was released for public consultation to help shape India's comprehensive data protection law and ensure privacy protections are balanced with enabling innovation.
This document discusses laws and ethics related to information security. It begins with an overview of the differences between laws and ethics. It then provides details on several relevant US and international laws, such as the Computer Fraud and Abuse Act, Sarbanes-Oxley Act, and various privacy and copyright laws. The document also discusses ethics, fair use, and how culture influences conceptions of ethical behavior.
Copyright Notice:
This presentation is prepared by Author for Perbanas Institute as a part of Author Lecture Series. It is to be used for educational and non-commercial purposes only and is not to be changed, altered, or used for any commercial endeavor without the express written permission from Author and/or Perbanas Institute. Appropriate legal action may be taken against any person, organization, or entity attempting to misrepresent, charge, or profit from the educational materials contained here.
Authors are allowed to use their own articles without seeking permission from any person, organization, or entity.
This document provides an overview of data privacy issues and insurance coverage options. It discusses the foundations for privacy concerns, types of data breaches and their costs, applicable privacy laws, hypothetical breach scenarios and potential resulting losses. It then outlines various insurance options that could apply, including first party coverage for breach response costs, third party coverage for privacy claims, network security policies, and cyber extortion coverage. Finally, it notes some common exclusions around system failures, employee acts, operations, and independent contractors.
02 Legal, Ethical, and Professional Issues in Information Securitysappingtonkr
Laws define prohibited and mandated behaviors while ethics define socially acceptable behaviors based on cultural mores. Relevant US laws include the Computer Fraud and Abuse Act, National Information Infrastructure Protection Act, USA Patriot Act, and others. Organizations can establish codes of ethics and reduce liability by exercising due care and due diligence in protecting information.
This chapter discusses privacy and personal information in the context of computer technology. It covers how computers enable new threats to privacy through invisible information gathering, secondary use, computer matching, and profiling of personal data. Examples are given of government and consumer databases containing personal information. The chapter also discusses risks to privacy such as the use of social security numbers and potential national ID systems. It concludes by examining approaches to protecting privacy through education, technology, markets, and laws/regulations.
This document discusses information privacy and its technical, organizational, and social implications. It begins by defining information privacy and the relationship between data collection, technology, public expectations of privacy, and legal issues. It then covers topics like personally identifiable information, the types of data collected online, and technical tools and devices related to privacy. The document also addresses the costs of information privacy for governments, companies, and consumers. It discusses perspectives on privacy from different generations and countries. Finally, it covers organizational privacy policies and standards, as well as some high-profile data breach cases and the importance of information security.
Explores:
1. Introduction to Privacy Regimes in the United States and Abroad
2. Mobile Applications and Devices
3. Lawful Collection and Use of “Big Data”
4. International Privacy and Cross-Border Data Transfers
5. Data Security Requirements and Data Breach Response
6. IT Outsourcing and the Cloud
7. Recent Developments and Emerging Issues
Data Protection & Security Breakfast Briefing - Master Slides_28 June_finalDr. Donald Macfarlane
The document summarizes an IBM breakfast briefing on data protection, security, and regulatory updates. The briefing covered the changing EU General Data Protection Regulations and implications for organizations, including increased fines for noncompliance. It also discussed privacy rights for individuals, such as the "right to be forgotten" and access to their own data. The briefing addressed how analytics can help adhere to new rules and regulations.
The document discusses best practices for privacy, data security, and IP protection for Internet of Things devices. It summarizes challenges like limited computing power, privacy concerns from data collection, and intellectual property issues. It then outlines regulatory background, industry guidelines, and recommendations including prioritizing security and privacy by design, limiting data collection and retention, providing notice and choice to consumers, and considering intellectual property protection early.
This document summarizes regulatory compliance under the Information Technology Act, 2000 regarding data protection in India. It discusses key cases related to data protection, the liability of companies under Section 85 of the act, and compensation for failure to protect data under Section 43A. It also examines what constitutes sensitive personal data, reasonable security practices and procedures, roles of adjudicating officers and courts, and guidelines around collection, use and transfer of personal information. Overall, the document provides an overview of the IT Act's provisions for data protection in India.
The Personal Data Protection Act 2010 has come into force in Malaysia. These slides explain the governing principles in order for you to have an overview whether your company is ready to comply.
Dokumen ini membahas deklarasi gerakan nasional untuk mendukung interoperabilitas dokumen di Indonesia menggunakan format ODF. Format ODF sudah diadopsi banyak negara dan organisasi karena standar terbuka dan mendukung kompetisi. Aplikasi LibreOffice direkomendasikan karena fleksibel, didukung komunitas besar, dan sesuai dengan prinsip ODF.
Dokumen tersebut membahas pentingnya perlindungan data pribadi di Indonesia. Indonesia belum memiliki undang-undang khusus tentang privasi, namun UU KIP mengecualikan informasi yang berkaitan dengan hak-hak pribadi. Dokumen tersebut menjelaskan berbagai tema kerahasiaan pribadi dan prinsip-prinsip perlindungan data pribadi yang diterapkan di berbagai negara.
The document discusses user and device management in Microsoft. It states that users expect to access corporate resources from any location using various devices, but this creates challenges for IT departments. The document outlines how Microsoft's user and device management tools enable users by providing consistent access across devices, simplifying device enrollment, and synchronizing corporate data. It also allows IT to unify management of on-premises and cloud-based devices from a single console. Further, it discusses how these tools help protect corporate information by selectively wiping devices and identifying compromised ones.
Ringkasan dokumen tersebut adalah:
(1) KAN (Komite Akreditasi Nasional) bertanggung jawab untuk melakukan akreditasi terhadap lembaga sertifikasi, laboratorium, dan lembaga inspeksi di Indonesia. (2) KAN telah mendapatkan pengakuan internasional (MLA/MRA) untuk berbagai skema akreditasi. (3) KAN sedang mengembangkan skema akreditasi untuk sertifikasi Sistem Manajemen Keamanan Informasi berdasarkan stand
The document summarizes global information security threats trends from 2010 to 2011 based on a presentation given by Dr. Yoichi Shinoda. It discusses:
1. Updates on threats like drive-by downloads, Stuxnet, route hijacking and DDoS attacks. New threats from hacktivists, advanced persistent threats, and growing mobile malware were also noted.
2. Changes in the long term threat landscape showing a shift from network to web and malware attacks. Target areas have expanded from internet to intranet systems.
3. The need to change approaches through increased awareness, improved defenses, economic incentives, and synergistic collaborations between groups. Continued investments in research and development were also emphasized
This document provides information and recommendations for protecting personal computers and information from security threats. It discusses using updated operating systems and software, regular backups, safe wireless network usage, caution with external devices, secure email practices, password management, and protecting portable devices. The overall message is to remain vigilant against hacking, viruses, and data theft by maintaining secure systems and practices.
This presentation presentated by Gildas Deograt Lumy "Simulasi Scirital Information Infrastructure Protection (CIIP)" , Bandung, Indonesia 10th September 2013 on #IISF2013
This document discusses sovereignty and governance in cyberspace, focusing on three key sites: the NSA and encryption policy, WIPO and anti-circumvention measures, and ICANN and internet identifier management. For each site, it analyzes the rhetoric used, realpolitik motivations, governance processes and challenges, and lack of legitimacy and effectiveness due to limited stakeholder participation and global technical constraints. Overall it argues that regulating technology and technologizing regulation in these areas has faced major challenges due to differing stakeholder positions and the difficulty of controlling cryptography, code, and network protocols on an open global internet.
Dokumen tersebut membahas tentang pentingnya interoperabilitas dokumen perkantoran dalam pemerintahan berbasis elektronik (e-government) untuk mempercepat proses pengambilan keputusan, meningkatkan transparansi dan akuntabilitas, serta mengurangi biaya transaksi. Ada beberapa tantangan dalam implementasinya seperti kepemimpinan, SDM, kesadaran akan teknologi informasi, dan budaya dokumentasi yang perlu diatasi dengan berbagai
This presentation presentated by Gildas Deograt Lumy "Simulasi Scirital Information Infrastructure Protection (CIIP)" , Bandung, Indonesia 10th September 2013 on #IISF2013
Dokumen tersebut membahas tentang sinkronisasi waktu dan solusi terbaik untuk mengatasi masalah sinkronisasi waktu di jaringan perusahaan. Solusi terbaik adalah menggunakan server waktu jaringan khusus yang menjalankan NTP atau SNTP dan diisolasi dari internet untuk menyediakan keamanan yang lebih baik.
The document discusses critical infrastructure protection (CIP). It outlines recent and past failures of CIP and possible causes. It then discusses taking a practical "inside-out" approach to CIP that involves identifying assets, exploring threats to each type of asset, assessing impacts and likelihoods, and determining controls. Key messages are that there is no single solution; organizations must know their assets, review existing plans and controls, and continue user education.
ISO/IEC 27001, ISO/IEC 27701, and Data Privacy Laws: Key threats in 2022PECB
In recent years, there has been a significant number of data privacy laws and regulations which have impacted business in different areas.
In this regard, many organizations are training their staff in order to avoid heavy penalties that are coming as a result of noncompliance.
Amongst others, the webinar covers:
• Some of the points that this webinar will cover:
• Privacy history - United Nations, EU/APAC/NA
• The GDPR and implications for global companies
• Practical Guide for Privacy Governance
• How Security and Privacy intersect
Presenters:
Ken Fishkin, CISSP, CIPT, CIPP/US, CIPM, ISO/IEC 27001 Lead Implementer, leads Lowenstein Sandler’s information security and data privacy programs, and mitigates their security and privacy risks to comply with client and regulatory requirements. He has more than 20 years of experience implementing and supporting secure, complex information technology infrastructures. Ken’s detailed knowledge of security and network methodologies, techniques, and best practices enables him to thoroughly assess and remediate cybersecurity threats and vulnerabilities.
He is President of the New Jersey Chapter of (ISC)2, a charitable, nonprofit organization focused on disseminating knowledge, exchanging ideas, and encouraging community outreach efforts in an effort to advance information security practice and awareness.
Ken is also on the Executive and Threat Intelligence Committees of the Legal Services Information Sharing and Analysis Organization (LS-ISAO), a member-driven community providing a secure framework for sharing actionable threat intelligence and vulnerability information.
Alfonso (Al) is currently the Vice President of Data Privacy & Security at a public SaaS-based real estate management firm based in California. Prior to this role, he was the Head of IT Risk & Privacy and Data Protection Officer (DPO) for a global Fortune 500 luxury retailer responsible for protecting $6Bn in annual revenue from traditional brick and mortar and e-Commerce channels. He has also been the Chief Information Security Officer (CISO) for a private consulting firm specialized in regulatory advisory services, and held various Governance, Risk, Compliance, and Privacy leadership roles in Energy, Financial Services, Security and Insurance industries.
Alfonso holds a Masters in Information Systems from Stevens Institute of Technology in Hoboken, New Jersey, and a Bachelor’s degree in Computer Science & Engineering from New York University, Tandon School of Engineering, Polytechnic Institute in Brooklyn, New York.
-------------------------------------------------------------------------------
YouTube video: https://youtu.be/UdE3aaZKCH8
Website link: https://pecb.com/
Compliance audit under the Information Technology Act, 2000Sagar Rahurkar
The document discusses data privacy under the Information Technology Act, 2000 in India. It outlines key cases, issues, and provisions around organizational liability for failing to protect sensitive personal data, what constitutes reasonable security practices and procedures, and the role of the IT Act and IT Rules of 2011 in establishing India's data privacy framework. It also compares India's laws with data privacy regulations in other jurisdictions like the EU and US.
The document discusses principles for protecting student privacy in schools. It outlines five key principles: transparency about any data disclosures, prohibiting commercial uses of student data, implementing security protocols like encryption, giving parents rights to access and delete their child's data, and enforcing privacy laws with fines for non-compliance. The principles aim to address privacy risks students face when using school technology and ensure their personal data is not exploited. Protecting student privacy is important as more digital tools are used in classrooms but few consider the data privacy implications.
Data protection law in India is currently facing many problem and resentments due the absence of proper legislative framework. There is an ongoing explosion of cyber crimes on a global scale. The theft and sale of stolen data is happening across vast continents where physical boundaries pose no restriction or seem non-existent in this technological era. India being the largest host of outsourced data processing in the world could become the epicentre of cyber crimes this is mainly due absence of the appropriate legislation
Urgensi Perlindungan Data Pribadi Menuju ASEAN Community 2015ICT Watch
This document discusses personal data protection and privacy in the context of Indonesia preparing for the ASEAN Community in 2015. It begins with an introduction to key concepts like digital identity, personal data, and privacy. It then discusses different paradigms and approaches to privacy regulation between the OECD and APEC models. The document also outlines the Safe Harbor principles from the EU, eight principles of data protection, and rights of data subjects. It discusses future identity systems like STORK and the EU's new General Data Protection Regulation. The summary provides high-level context and overview of the key topics and issues covered in the document relating to personal data protection frameworks and regulations.
New opportunities and business risks with evolving privacy regulationsUlf Mattsson
In the shadow of the global pandemic and the associated economic downturn, organizations are focused on cost optimization, which often leads to impulsive decisions to deprioritize compliance with all nonrevenue programs.
Regulators have evolved to adapt with the notable increase in data subject complaints and are getting more serious about organizations that don’t properly protect consumer data. Marriott was hit with a $124 million fine while Equifax agreed to pay a minimum of $575 million for its breach. The US Federal Trade Commission, the US Consumer Financial Protection Bureau (CFPB), and all 50 U.S. states and territories sued over the company’s failure to take “reasonable steps” to secure its sensitive personal data.
Privacy and data protection are enforced by a growing number of regulations around the world and people are actively demanding privacy protection — and legislators are reacting. More than 60 countries have introduced privacy laws in response to citizens’ cry for transparency and control. By 2023, 65% of the world’s population will have its personal information covered under modern privacy regulations, up from 10% today, according to Gartner. There is a convergence of data privacy principles, standards and regulations on a common set of fundamental principles.
The opportunities to use data are growing exponentially, but so too are the business and financial risks as the number of data protection and privacy regulations grows internationally.
Join this webinar to learn more about:
- Trends in modern privacy regulations
- The impact on organizations to protect and use sensitive data
- Data privacy principles
- The impact of General Data Protection Regulation (GDPR) and data transfer between US and EU
- The evolving CCPA, the new PCI DSS version 4 and new international data privacy laws or regulations
- Data privacy best practices, use cases and how to control sensitive personal data throughout the data life cycle
Overview of privacy and data protection considerations for DEVELOPTrilateral Research
This document discusses ethical, privacy, and data protection considerations for a project called DEVELOP. It outlines relevant ethical values like autonomy, dignity, inclusion and beneficence. It also discusses the right to privacy under the European Convention on Human Rights and EU data protection law. The document provides an overview of the EU Data Protection Directive and the new General Data Protection Regulation. It raises specific privacy and data protection issues like informed consent, data minimization, and anonymity that DEVELOP should address.
Data protection & security breakfast briefing master slides 28 june-finalDr. Donald Macfarlane
The document summarizes an IBM breakfast briefing on data protection, security, and regulatory updates. The briefing covered the changing EU General Data Protection Regulations and implications for organizations, including increased fines for noncompliance. It also discussed practical strategies for organizations to build a culture of data protection compliance, including data discovery, classification, retention, and disposal. Speakers included experts from IBM, law firms, and other companies to discuss analytics and best practices to help organizations adhere to new rules and regulations.
The document discusses privacy laws in India related to digital data and personally identifiable information. It outlines key concepts around data privacy, categories of private data under Indian law, and relevant sections of the Information Technology Act 2000 regarding unauthorized access to data, compensation for failure to protect sensitive personal data, and criminal offenses for disclosure of private information. It also briefly mentions some global privacy laws like the Gramm–Leach–Bliley Act in the US.
The document discusses the Data Protection Act, which is designed to protect personal data by creating rights for individuals to control how their data is collected and used, making organizations responsible for securely storing and processing data in accordance with certain principles, and establishing penalties for violations. It outlines the main provisions of the Act, including what is considered personal data, the rights it provides to data subjects, and exceptions to the law.
OVERVIEW OF NIGERIA DATA PROTECTION ACT 2014UsmanMAmeer
This slide dive into Nigeria Data Protection Act 2014 to understand the right and roles of people that deals with Data, from Data Subject, Data Protection Officer to Data Compliance Officers.
The document discusses the macro-environment factors affecting the internet: social, legal/ethical, economic, political, and technological. Socially, perceptions and adoption are influenced by perceived benefits and risks like security and skills. Legally, privacy laws regulate the collection and use of personal information. Economically, e-commerce requires legislation around marketing, payments, and contracts. Politically, governments influence internet development through regulations. Technologically, new mobile technologies present challenges and opportunities for managers regarding adoption approaches.
This document discusses data protection and risk mitigation under South Africa's Protection of Personal Information Act (POPI). It addresses key issues like identifying personal data and systems impacted by POPI, information security safeguards, records management policies, digital content and app ownership, and considerations for protecting young people's data. The document provides recommendations like conducting a POPI audit, appointing an information officer, and establishing policies regarding privacy, security, and intellectual property.
This document summarizes a presentation on privacy trends in the age of technology. It discusses how new technologies like social media, big data analytics, and the internet of things present privacy challenges. It also outlines the 8 data protection principles in Ghana's Data Protection Act and how organizations can apply them. The presentation argues that privacy protection is as much about governance and innovation within organizations as it is about regulations. Coordinated efforts are needed between governments, organizations, and individuals to safeguard privacy in the digital era.
C8-Ethical, Social, & Political Issues in Ecommerce.PPTSyazwaniYa
This document outlines some of the key ethical, social, and political issues related to e-commerce, organized into four main categories: information rights, property rights, governance, and public safety/welfare. It discusses challenges like privacy and how personal information is collected and used online. It also covers intellectual property rights around copyright, patents, and trademarks. Governance issues involve questions around who will control the internet and elements of e-commerce. Additional topics include taxation of online sales, net neutrality, and efforts to protect children from inappropriate content.
This chapter discusses various public policy issues related to electronic commerce including legal issues, privacy, intellectual property, ethics, free speech, taxation, and consumer protection. It covers topics such as protecting privacy and intellectual property, debates around free speech and censorship, approaches to protecting children online, controlling spam, and taxation policies for e-commerce. The chapter provides an overview of the key considerations and challenges around these important policy areas.
Ethical, Social, and Political Issues in E-commerceNor Ayuzi Deraman
Internet, like other technologies, can:
Enable new crimes
Affect environment
Threaten social values
Costs and benefits must be carefully considered, especially when there are no clear-cut legal or cultural guidelines
Dokumen ini membahas tentang pentingnya keamanan informasi di sektor kesehatan. Informasi dan sistem informasi sangat dibutuhkan untuk perencanaan kesehatan, layanan kesehatan, rantai pasok farmasi dan kebutuhan medis lainnya, serta monitoring dan evaluasi pembangunan kesehatan. Untuk itu, dokumen ini menyarankan penerapan manajemen keamanan sistem informasi berdasarkan standar ISO, peningkatan kapasitas SDM dan infrastrukt
Dokumen tersebut membahas kebijakan dan standar keamanan informasi di sektor transportasi Kemenhub. Dokumen menjelaskan pentingnya keamanan informasi, ancaman terhadap sistem informasi, pengendalian sistem informasi, tujuan keamanan sistem informasi, kebijakan terkait keamanan informasi, sektor-sektor strategis transportasi beserta sistem informasinya, serta peranan Pusdatin Kemenhub dalam menjamin keamanan sistem informasi.
Dokumen tersebut membahas ancaman keamanan penerbangan khususnya terkait serangan siber, dan langkah-langkah pencegahan yang ditempuh Indonesia untuk meningkatkan keamanan penerbangan dari ancaman tersebut, seperti memperbaharui peraturan, meningkatkan pengawasan, dan kerja sama internasional.
Dokumen ini membahas tentang isu-isu strategis terkait keamanan informasi di subsektor ketenagalistrikan. Mencakup overview sistem TI Direktorat Jenderal Ketenagalistrikan yang mengelola aplikasi dan data penting seperti rencana kelistrikan nasional, program 35.000 MW, dan sertifikasi tenaga ahli. Dokumen ini juga menjelaskan perlunya mengamankan data-data strategis tersebut.
Dokumen tersebut merupakan laporan dari Kementerian Energi dan Sumber Daya Mineral Republik Indonesia yang membahas tentang kerangka regulasi, tugas, fungsi, kebijakan, sistem penyediaan dan pemanfaatan energi baru terbarukan dan konservasi energi, informasi layanan publik, serta aplikasi yang digunakan di lingkungan Direktorat Jenderal Energi Baru Terbarukan dan Konservasi Energi.
This document discusses IT governance and its importance for top-performing enterprises. It notes that successful enterprises understand both the risks and benefits of IT, and find ways to align IT strategy with business strategy. Top areas of focus for IT governance include strategic alignment, value delivery, resource management, risk management, and performance measurement. The goal of IT governance is to ensure IT is managed responsibly and supports business goals, enables new opportunities, and delivers services efficiently while risks are known and managed.
Dokumen tersebut membahas tentang dependabilitas pada perangkat lunak elektronik, termasuk ancaman keamanan, user sebagai titik terlemah, forensik digital, dan membangun sistem yang aman.
Dokumen tersebut membahas skema regulasi penyelenggaraan sistem dan transaksi elektronik berdasarkan UU ITE dan PP PSTE. Terdapat penjelasan tentang penyelenggara layanan publik dan non-publik, kewajiban hukum, ketentuan umum dan khusus, serta perbandingan dengan PM tentang pendaftaran sistem elektronik.
Dokumen tersebut membahas tentang sistem akreditasi dan sertifikasi di Indonesia. Ia menjelaskan dasar hukum akreditasi nasional dan peran Komite Akreditasi Nasional (KAN) dalam mengakreditasikan lembaga-lembaga uji kesesuaian seperti laboratorium, lembaga inspeksi, dan lembaga sertifikasi untuk mendukung kebijakan dan perdagangan nasional. Dokumen ini juga menyinggung kerja sama internasional KAN dalam pengakuan timbal balik
This document discusses current IT challenges including lights-out IT, mobile, cloud and social media, securing legacy technologies, and IT human resources. It also mentions the threat landscape and vulnerabilities as current issues. It suggests that standards may provide solutions to some of these problems.
Rangkuman dokumen tersebut adalah:
Peraturan Menteri ini mengatur penerapan sistem manajemen pengamanan informasi bagi penyelenggara sistem elektronik untuk pelayanan publik berdasarkan kategori risiko sistem. Sistem elektronik dikategorikan menjadi strategis, tinggi, dan rendah, dengan standar pengamanan yang berbeda. Penyelenggara sistem elektronik strategis dan tinggi wajib memiliki sertifikat, sedangkan rendah dapat
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectorsDianaGray10
Join us to learn how UiPath Apps can directly and easily interact with prebuilt connectors via Integration Service--including Salesforce, ServiceNow, Open GenAI, and more.
The best part is you can achieve this without building a custom workflow! Say goodbye to the hassle of using separate automations to call APIs. By seamlessly integrating within App Studio, you can now easily streamline your workflow, while gaining direct access to our Connector Catalog of popular applications.
We’ll discuss and demo the benefits of UiPath Apps and connectors including:
Creating a compelling user experience for any software, without the limitations of APIs.
Accelerating the app creation process, saving time and effort
Enjoying high-performance CRUD (create, read, update, delete) operations, for
seamless data management.
Speakers:
Russell Alfeche, Technology Leader, RPA at qBotic and UiPath MVP
Charlie Greenberg, host
The Department of Veteran Affairs (VA) invited Taylor Paschal, Knowledge & Information Management Consultant at Enterprise Knowledge, to speak at a Knowledge Management Lunch and Learn hosted on June 12, 2024. All Office of Administration staff were invited to attend and received professional development credit for participating in the voluntary event.
The objectives of the Lunch and Learn presentation were to:
- Review what KM ‘is’ and ‘isn’t’
- Understand the value of KM and the benefits of engaging
- Define and reflect on your “what’s in it for me?”
- Share actionable ways you can participate in Knowledge - - Capture & Transfer
The Microsoft 365 Migration Tutorial For Beginner.pptxoperationspcvita
This presentation will help you understand the power of Microsoft 365. However, we have mentioned every productivity app included in Office 365. Additionally, we have suggested the migration situation related to Office 365 and how we can help you.
You can also read: https://www.systoolsgroup.com/updates/office-365-tenant-to-tenant-migration-step-by-step-complete-guide/
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...Alex Pruden
Folding is a recent technique for building efficient recursive SNARKs. Several elegant folding protocols have been proposed, such as Nova, Supernova, Hypernova, Protostar, and others. However, all of them rely on an additively homomorphic commitment scheme based on discrete log, and are therefore not post-quantum secure. In this work we present LatticeFold, the first lattice-based folding protocol based on the Module SIS problem. This folding protocol naturally leads to an efficient recursive lattice-based SNARK and an efficient PCD scheme. LatticeFold supports folding low-degree relations, such as R1CS, as well as high-degree relations, such as CCS. The key challenge is to construct a secure folding protocol that works with the Ajtai commitment scheme. The difficulty, is ensuring that extracted witnesses are low norm through many rounds of folding. We present a novel technique using the sumcheck protocol to ensure that extracted witnesses are always low norm no matter how many rounds of folding are used. Our evaluation of the final proof system suggests that it is as performant as Hypernova, while providing post-quantum security.
Paper Link: https://eprint.iacr.org/2024/257
5th LF Energy Power Grid Model Meet-up SlidesDanBrown980551
5th Power Grid Model Meet-up
It is with great pleasure that we extend to you an invitation to the 5th Power Grid Model Meet-up, scheduled for 6th June 2024. This event will adopt a hybrid format, allowing participants to join us either through an online Mircosoft Teams session or in person at TU/e located at Den Dolech 2, Eindhoven, Netherlands. The meet-up will be hosted by Eindhoven University of Technology (TU/e), a research university specializing in engineering science & technology.
Power Grid Model
The global energy transition is placing new and unprecedented demands on Distribution System Operators (DSOs). Alongside upgrades to grid capacity, processes such as digitization, capacity optimization, and congestion management are becoming vital for delivering reliable services.
Power Grid Model is an open source project from Linux Foundation Energy and provides a calculation engine that is increasingly essential for DSOs. It offers a standards-based foundation enabling real-time power systems analysis, simulations of electrical power grids, and sophisticated what-if analysis. In addition, it enables in-depth studies and analysis of the electrical power grid’s behavior and performance. This comprehensive model incorporates essential factors such as power generation capacity, electrical losses, voltage levels, power flows, and system stability.
Power Grid Model is currently being applied in a wide variety of use cases, including grid planning, expansion, reliability, and congestion studies. It can also help in analyzing the impact of renewable energy integration, assessing the effects of disturbances or faults, and developing strategies for grid control and optimization.
What to expect
For the upcoming meetup we are organizing, we have an exciting lineup of activities planned:
-Insightful presentations covering two practical applications of the Power Grid Model.
-An update on the latest advancements in Power Grid -Model technology during the first and second quarters of 2024.
-An interactive brainstorming session to discuss and propose new feature requests.
-An opportunity to connect with fellow Power Grid Model enthusiasts and users.
Introduction of Cybersecurity with OSS at Code Europe 2024Hiroshi SHIBATA
I develop the Ruby programming language, RubyGems, and Bundler, which are package managers for Ruby. Today, I will introduce how to enhance the security of your application using open-source software (OSS) examples from Ruby and RubyGems.
The first topic is CVE (Common Vulnerabilities and Exposures). I have published CVEs many times. But what exactly is a CVE? I'll provide a basic understanding of CVEs and explain how to detect and handle vulnerabilities in OSS.
Next, let's discuss package managers. Package managers play a critical role in the OSS ecosystem. I'll explain how to manage library dependencies in your application.
I'll share insights into how the Ruby and RubyGems core team works to keep our ecosystem safe. By the end of this talk, you'll have a better understanding of how to safeguard your code.
Conversational agents, or chatbots, are increasingly used to access all sorts of services using natural language. While open-domain chatbots - like ChatGPT - can converse on any topic, task-oriented chatbots - the focus of this paper - are designed for specific tasks, like booking a flight, obtaining customer support, or setting an appointment. Like any other software, task-oriented chatbots need to be properly tested, usually by defining and executing test scenarios (i.e., sequences of user-chatbot interactions). However, there is currently a lack of methods to quantify the completeness and strength of such test scenarios, which can lead to low-quality tests, and hence to buggy chatbots.
To fill this gap, we propose adapting mutation testing (MuT) for task-oriented chatbots. To this end, we introduce a set of mutation operators that emulate faults in chatbot designs, an architecture that enables MuT on chatbots built using heterogeneous technologies, and a practical realisation as an Eclipse plugin. Moreover, we evaluate the applicability, effectiveness and efficiency of our approach on open-source chatbots, with promising results.
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...DanBrown980551
This LF Energy webinar took place June 20, 2024. It featured:
-Alex Thornton, LF Energy
-Hallie Cramer, Google
-Daniel Roesler, UtilityAPI
-Henry Richardson, WattTime
In response to the urgency and scale required to effectively address climate change, open source solutions offer significant potential for driving innovation and progress. Currently, there is a growing demand for standardization and interoperability in energy data and modeling. Open source standards and specifications within the energy sector can also alleviate challenges associated with data fragmentation, transparency, and accessibility. At the same time, it is crucial to consider privacy and security concerns throughout the development of open source platforms.
This webinar will delve into the motivations behind establishing LF Energy’s Carbon Data Specification Consortium. It will provide an overview of the draft specifications and the ongoing progress made by the respective working groups.
Three primary specifications will be discussed:
-Discovery and client registration, emphasizing transparent processes and secure and private access
-Customer data, centering around customer tariffs, bills, energy usage, and full consumption disclosure
-Power systems data, focusing on grid data, inclusive of transmission and distribution networks, generation, intergrid power flows, and market settlement data
AppSec PNW: Android and iOS Application Security with MobSFAjin Abraham
Mobile Security Framework - MobSF is a free and open source automated mobile application security testing environment designed to help security engineers, researchers, developers, and penetration testers to identify security vulnerabilities, malicious behaviours and privacy concerns in mobile applications using static and dynamic analysis. It supports all the popular mobile application binaries and source code formats built for Android and iOS devices. In addition to automated security assessment, it also offers an interactive testing environment to build and execute scenario based test/fuzz cases against the application.
This talk covers:
Using MobSF for static analysis of mobile applications.
Interactive dynamic security assessment of Android and iOS applications.
Solving Mobile app CTF challenges.
Reverse engineering and runtime analysis of Mobile malware.
How to shift left and integrate MobSF/mobsfscan SAST and DAST in your build pipeline.
"Scaling RAG Applications to serve millions of users", Kevin GoedeckeFwdays
How we managed to grow and scale a RAG application from zero to thousands of users in 7 months. Lessons from technical challenges around managing high load for LLMs, RAGs and Vector databases.
Session 1 - Intro to Robotic Process Automation.pdfUiPathCommunity
👉 Check out our full 'Africa Series - Automation Student Developers (EN)' page to register for the full program:
https://bit.ly/Automation_Student_Kickstart
In this session, we shall introduce you to the world of automation, the UiPath Platform, and guide you on how to install and setup UiPath Studio on your Windows PC.
📕 Detailed agenda:
What is RPA? Benefits of RPA?
RPA Applications
The UiPath End-to-End Automation Platform
UiPath Studio CE Installation and Setup
💻 Extra training through UiPath Academy:
Introduction to Automation
UiPath Business Automation Platform
Explore automation development with UiPath Studio
👉 Register here for our upcoming Session 2 on June 20: Introduction to UiPath Studio Fundamentals: https://community.uipath.com/events/details/uipath-lagos-presents-session-2-introduction-to-uipath-studio-fundamentals/
"Choosing proper type of scaling", Olena SyrotaFwdays
Imagine an IoT processing system that is already quite mature and production-ready and for which client coverage is growing and scaling and performance aspects are life and death questions. The system has Redis, MongoDB, and stream processing based on ksqldb. In this talk, firstly, we will analyze scaling approaches and then select the proper ones for our system.
This talk will cover ScyllaDB Architecture from the cluster-level view and zoom in on data distribution and internal node architecture. In the process, we will learn the secret sauce used to get ScyllaDB's high availability and superior performance. We will also touch on the upcoming changes to ScyllaDB architecture, moving to strongly consistent metadata and tablets.
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/temporal-event-neural-networks-a-more-efficient-alternative-to-the-transformer-a-presentation-from-brainchip/
Chris Jones, Director of Product Management at BrainChip , presents the “Temporal Event Neural Networks: A More Efficient Alternative to the Transformer” tutorial at the May 2024 Embedded Vision Summit.
The expansion of AI services necessitates enhanced computational capabilities on edge devices. Temporal Event Neural Networks (TENNs), developed by BrainChip, represent a novel and highly efficient state-space network. TENNs demonstrate exceptional proficiency in handling multi-dimensional streaming data, facilitating advancements in object detection, action recognition, speech enhancement and language model/sequence generation. Through the utilization of polynomial-based continuous convolutions, TENNs streamline models, expedite training processes and significantly diminish memory requirements, achieving notable reductions of up to 50x in parameters and 5,000x in energy consumption compared to prevailing methodologies like transformers.
Integration with BrainChip’s Akida neuromorphic hardware IP further enhances TENNs’ capabilities, enabling the realization of highly capable, portable and passively cooled edge devices. This presentation delves into the technical innovations underlying TENNs, presents real-world benchmarks, and elucidates how this cutting-edge approach is positioned to revolutionize edge AI across diverse applications.
How information systems are built or acquired puts information, which is what they should be about, in a secondary place. Our language adapted accordingly, and we no longer talk about information systems but applications. Applications evolved in a way to break data into diverse fragments, tightly coupled with applications and expensive to integrate. The result is technical debt, which is re-paid by taking even bigger "loans", resulting in an ever-increasing technical debt. Software engineering and procurement practices work in sync with market forces to maintain this trend. This talk demonstrates how natural this situation is. The question is: can something be done to reverse the trend?
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfChart Kalyan
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
Abubakar munir iisf2011
1. DATA PROTECTION LAW IS COMING TO ASIA
Professor Abu Bakar Munir
Faculty of Law, University of Malaya
Adviser to the Malaysian Government
(2007-2010)
INDONESIA INFORMATION SECURITY FORUM 2011
14 December 2011
Bandung, Indonesia
#IISF2011 1
4. Concept of Privacy
Definition
Privacy is our right to keep a domain around us,
which includes all those things that are part of us,
such as our body, home, thoughts, feelings,
secrets and identity. The right to privacy gives us
the ability to choose which parts in this domain
can be accessed by others, and to control the
extent, manner and timing of the use of those
parts we choose to disclose.
#IISF2011 4
5. Types of Privacy
The right to be left alone
Bodily privacy
Privacy of communications
Territorial privacy
Informational privacy
#IISF2011 5
6. Privacy as Human Rights
Article 12 Universal Declaration on Human Rights 1948
No one shall be subjected to arbitrary interference with his privacy,
family, home or correspondence, nor to attacks upon his honour and
reputation. Everyone has the right to the protection of the law against
such interference or attacks.
Some Other Instruments
Article 17, International Covenant on Civil and Political Rights 1966
Article 16, Conventions on the Rights of the Child 1989
Article 8, Convention for the Protection of Human Rights and
Fundamental Freedoms 1950
Article 18, OIC Cairo Declaration on Human Rights in Islam 1990
Article 4.3, Declaration of Principles on Freedom of Expression in Africa
2002
Article 5, American Declaration of the Rights and Duties of Man
#IISF2011 6
7. Informational Privacy
The rights of an individual to have
control over his personal information
Informational Privacy = Personal
Data Protection
#IISF2011 7
8. Why countries protect personal data?
International obligation
Competitiveness
Human right
International influence
#IISF2011 8
9. Why Protect Personal Data?
What Customers Say…
Nearly 90% of online consumers want the right to control
how their personal information is used after it is collected
(Forrester Research 2003)
87 % of Americans are concern about the security of their
information on the Internet
(Zogby International 2010)
61 % of adult Americans said that they were extremely
concerned about the privacy of their personal information
when buying online
(University of Southern California 2007)
#IISF2011 9
10. Cont……..
Our research shows that 80% of our customer would
walk away if we mishandled their information
(Royal Bank of Canada 2003)
Concerns about the use of personal information led
64% of respondents to decide not to purchase from a
company
(Privacy and American 2005)
67% respondents decided not to register at a website
or shop online because they found privacy policy to be
too complicated or unclear
(Privacy and American 2005)
#IISF2011 10
11. Malaysian Consumers Say…..
75.3% respondents say that they were “somehow
concerned” and “very concerned” with their personal
privacy even when not online
94.2 % respondents felt that their personal privacy
might be threatened when using the Internet
50.8 % of non Internet Banking customers have not
migrated to the online services mainly due to security,
trust and privacy concerns
(Muniruddeen Lallmahamood 2007/2008)
#IISF2011 11
12. Therefore….
Trust and risk are major determinants
towards purchasing and of intention to
purchase
Trust is difficult to gain but easy to lose
Consumers are concern about their privacy
Consumers are very concern about privacy
when transact online
#IISF2011 12
13. GOOD PRIVACY, GOOD BUSINESS
“Privacy is good for
business”
Harriet Pearson
IBM Chief Privacy Officer
#IISF2011 13
14. How?
Potential Risks
Breaches of data protection law
Damage to organization’s reputation and brand
Physical, psychological and economic harm to
customers
Financial losses associated with deterioration in
quality and integrity of personal data due to
customers’ distrusts
Loss of market share or a drop in stock prizes
due to negative publicity/ failure or delay in the
implementation of new product / service due to
privacy concern
#IISF2011 14
15. Benefits
More positive organizational image and
significant edge over the competition
Business development via expansion into
jurisdiction requiring clear privacy standard
Enhanced data quality and integrity
Fostering better customer service and more
strategic business decision making
Enhanced customer trusts and loyalty
#IISF2011 15
18. International Instruments
OECD Guidelines 1980
Council of Europe Convention 1981
European Directive 1995
APEC Privacy Framework 2004
Madrid Resolution 2009
#IISF2011 18
20. Council of Europe Convention 1981
Personal Data shall be:
obtained fairly and lawfully
stored for specified and legitimate purposes and not
used in a way incompatible with those purposes
adequate, relevant and not excessive
accurate and, where necessary kept up to date
preserved in a form which permits identification of the
data subjects for no longer than is required for the
purpose for which those data are stored
#IISF2011 20
21. European Directive 1995
Personal data must be;
Processed fairly and lawfully
Collected for specified, explicit and legitimate purposes
and not further processed in a way incompatible with
those purposes
adequate, relevant and not excessive
accurate and, where necessary kept up to date
#IISF2011 21
22. APEC Privacy Framework 2004 (9 Principles)
Preventing harm
Notice
Collection Limitation
Uses of personal information
Choice
Integrity
Security safeguards
Access and correction
accountability
#IISF2011 22
23. Madrid Resolution 2009 (6 Principles)
Lawfulness and fairness
Purpose specification
Proportionality
Data quality
Openness
Accountability
#IISF2011 23
24. Innovative ideas on proactive measures to protect
personal data:
Procedures to prevent and detect breaches
Appointment of data protection or privacy officers
Training, education and awareness programmes
Audit
Adaptation of information systems and /or technologies
Implementation of privacy impact assessment prior to
implementing new systems or technologies
Adoption of codes of practice
Implementation of a response plan
The Madrid Resolution has received support from
Oracle, Walt Disney, Accenture, Microsoft, Google,
Intel, Procter & Gamble, General Electric, IBM and
Hewlett Packard #IISF2011 24
26. Comprehensive Legislation
All EU countries, including the 10 new
member states (Cyprus, Czech Republic,
Estonia, Hungary, Latvia, Lithuania, Malta,
Poland, Slovakia and Slovenia)
Japan, Korea, New Zealand, Australia, Hong
Kong, Macao, Taiwan, Philippines
Chile, Argentina, Brazil, Mexico
In Middle East, only Israel
#IISF2011 26
27. Legislation + Self-Regulatory
USA – Privacy Act 1974 + 12 federal
sectoral based legislation + State Laws
+ Safe Harbour
Self-Regulatory
Singapore - Does not work – To have a
data protection law by 2012
#IISF2011 27
28. Doing Nothing so far
Brunei
Vietnam
Laos
Cambodia
Many more
#IISF2011 28
30. Our Part of the World : What’s Happening ?
• Macao enacted her Personal Data Protection Act in 2006
• China has came out with several drafts of the law, and the latest in 2007
• India amended her Information Technology Act in December 2008. Some new provisions are added
to protect privacy and personal data. In April 2011, the third draft of the Privacy Bill was issued.
• Indonesia came out with an academic draft in 2009
• Thailand has developed a draft Bill in 2010
• Taiwan amended her old law and passed a more comprehensive Personal Data Protection Act in
April 2010
• Malaysia has passed the Personal Data Protection Act in June 2010
• Korea came out with a more comprehensive law in March 2011
• The Philippines Congress has came out with the draft Act
• Australia and Hong Kong are reviewing their Privacy Act and Privacy Ordinance respectively
• Singapore is currently developing a law and is expected to be ready by 2012. On 13 Sept 2011, a
Consultation Paper was released
• In April 2011, the EU Working Party decided that the New Zealand Privacy Act is adequate
#IISF2011 30
31. Korea Malaysia Taiwan
Data Protection Act Personal Data Personal Data
2011 Protection Act 2010 Protection Act 2010
• Data Protection • Data Protection • Data Protection
Principles Principles Principles
• Rights of Data Subjects • Rights of Data • Rights of Data
• Organization to Subjects Subjects
designate someone to
take charge • Special entity to • Mandatory data
• Special entity to enforce enforce the Act (Data Breach Notification
the Act (Data Protection Protection (to the Data Subject)
Commission/DPC) Commissioner) • Enforcement by
• Mandatory reporting of • No mandatory data Ministries responsible
significant breach to DPC breach notification. for each industry
• Data breach notification • Differentiate personal sector
(to the Data Subject) data & sensitive data.
• Mediation to resolve • Does not apply to
dispute.
Federal and States
• Differentiate personal Goverments
data & sensitive data
• PIAs are encouraged
#IISF2011 31
32. Malaysian PDPA : An Overview
Federal &
States
Govts
Credit Non-
Reference Commercial
Agencies Transactions
Non-
Application
Data Personal,
Processed Family,
Outside Household
Malaysia Affairs
#IISF2011 32
33. General
Principle
Notice and
Access
Choice
Principle
Principle
DATA
PROTECTION
Data PRINCIPLES
Disclosure
Integrity
Principle
Principle
Retention Security
Principle Principle
#IISF2011 33
34. Exemptions
• Crime Prevention/Detection
• Offenders Apprehension/Prosecution
• Tax/Duty Assessment/Collection
Partial • Physical/Mental Health
• Statistics/Research
• Court Order/Judgment
• Regulatory Functions
• Journalistic/Literary/Artistic
• Personal
• Family
Total • Household
• Recreational
#IISF2011 34
35. Right to be
Informed
Right to
Prevent
Processing for Right to
Direct Access
Marketing
Purposes
RIGHTS
OF DATA
SUBJECTS
Right to
Prevent
Right to
Processing
Correct
Likely to
Cause Distress
Right to
Withdraw
Consent
#IISF2011 35
36. No. Section Offences Penalty
1 Fine <RM500,000.00/
S. 16(4) Processing without a certificate of registration
Imprisonment < 3 years/ Both
2 Fine <RM500,000.00/
S 18(5) Processing after registration is revoked
Imprisonment < 3 years/Both
3 Fine <RM500,000.00/
S.5 Contravening Data Protection Principles
Imprisonment < 2 years/Both
4 Fine <RM100,000.00/
S. 29 Non-Compliance with Code of Practice
Imprisonment < 1 year/Both
5 Failure to Inform the Refusal to Comply with the Data Fine <RM100,000.00/
S. 37(4)
Correction Request Imprisonment < 1 year/Both
6 Fine <RM100,000.00/
S. 38(4) Processing after consent been withdrawn
Imprisonment < 1 year/Both
7 Fine <RM200,000.00/
S.40(3) Processing of Sensitive Data
Imprisonment < 2 years/Both
8. Failure to Comply with the Commissioner’s
Fine <RM200,000.00/
S.42(6) Requirement
Imprisonment < 2 years/Both
(Processing likely to cause damage or distress)
9 Failure to Comply with the Commissioner’s
Fine <RM200,000.00/
S. 43(4) Requirement
Imprisonment < 2 years/Both
(Direct Marketing)
10. Transfer of Data to Places Outside Malaysia without Fine <RM300,000.00/
S. 129(5)
any law or adequate protection Imprisonment < 2 years/Both
11 Collects, disclose or procure to disclose data without Fine <RM500,000.00/
S. 130(3)
consent of Data User Imprisonment < 3 years/Both
12 Fine <RM500,000.00/
S. 130(4) and (5) Selling or offer to sell
Imprisonment < 3 years/Both
13 #IISF2011 36
Half of the maximum term provided for
S. 131(1) and (2) Abetment and Attempt to commit any of the offences
that offence
37. Enforcement Mechanisms
Data Protection Commissioner
Advisory Committee
Appeal Tribunal
Codes of Practice
Enforcement Notice
Prosecution
Revocation of Registration
#IISF2011 37
39. My other books on ICT Law
In Print
Cyber Law: Privacy and Internet Banking: Information &
Policies and Data Protection Law and Practice Communication
Challenges Sweet & Maxwell LexisNexis UK Technology Law
Butterworths Asia (2002) (2004) Legal & Regulatory
(1999) Challenges
Thomson Reuters
(2010)
#IISF2011 39