SlideShare a Scribd company logo
Data Protection:
What you should know about it?
Presentation by
Dima Samaro
MENA Policy Researcher, Access Now
Emna Sayadi
MENA Advocacy Lead, Access Now
Topics to be covered:
1- The definition of data protection
2- Main principles of data protection
3- Examples of data protection
4- The concept of GDPR
5- Challenges of data protection law in Tunisia
What is data protection?
It refers to the practices, safeguards, and binding rules put in place to protect
your personal information and ensure that you remain in control of it.
In short, you should be able to decide whether or not you want to share some
information, who has access to it, for how long, and for what reason, and to
be able to modify some of this information, and more.
In the EU, these rules are defined under the General Data Protection
Regulation (GDPR)
What is personal Data?
Any information relating to you (identified or identifiable natural person)
whether it relates to your private, professional, or public life, such as
■ Name
■ Identification number
■ Location data
■ Online identifier (IP address)
■ Factors specific to the physical, physiological, genetic, mental, economic,
cultural or social identity of that natural person.
Special category data:
Also called 'Sensitive Personal Data' which is subject to greater
controls around processing; it refers to data regarding:
■ racial or ethnic origin,
■ political opinions,
■ religious or philosophical beliefs, or trade union membership,
■ genetic data,
■ biometric data (for the purpose of identifying a natural person),
■ data concerning health or
■ data concerning a natural person's sex life or sexual
orientation.
1. Purpose limitation - All data should be collected and used
only for purposes that were declared by the company, a
government body, or an organisation.
2. Retention - Personal data should be stored only during the
period necessary for purposes processing.
3. Data minimisation - You have no right to collect more data
than you need to process.
4. Integrity and confidentiality - Personal data must be kept
securely.
5. Accuracy - Personal data must be accurate, kept up to
date, and Inaccurate personal data should be corrected or
deleted.
6. Lawfulness, fairness and transparency - Personal data
must be processed lawfully, fairly and in a transparent
manner.
Main principles of data protection:
Examples of data protection:
● Grocery stores or supermarkets:
Have you ever received an sms (sales, advertisement, etc..) right after
leaving the store? Or after a couple of days?
Whenever you leave your number, name, e-mail or any personal data, your
personal data will not be protected anymore, and the store might use for its
interest!
● Social Media platforms: Facebook, Twitter, Linkedin, Google Instagram
and others
- It doesn’t really matter if you use social media platform occasionally.
- The collecting and giving away of personal data starts when you sign
up for these social network, it continues as users add third-party apps
such as games, educational apps etc…
➢ In Facebook, for example, the stored data are:
● Every ad users click on
● Any additional personal information added to the profile including: schools, maiden
name, hometown ,employment, etc..
● Every IP address that the user used when logging into the Facebook account
● Every friend in the network, including friends that have been deleted
● All of the user’s activity—ever.
➢ What does the third-party app do with my data?
● The app sells the data to someone else. Ex: Cambridge
Analytica (the data firm that worked for Trump’s
campaign)
● Or they sell it illegally on dark web for few dollars!
Applications connected to Facebook
● In 2016, 3 billion Yahoo accounts were hacked in one of the biggest breaches of all
time. (Oath.com)
● In 2016, Uber reported that hackers stole the information of over 57 million riders and
drivers. (Uber)
● At least 87 million records breached on Facebook (though likely many more) users to
find out if their personal data was breached (abc news)
➢ How can I protect myself?
1. Get rid of all those third-party apps
2. Turn off location data
3. Be more in control of your privacy (Nobody really knows where your information goes
once you click, “Like,”)
General Data Protection Regulation (GDPR) is a new set of rules designed to give EU
citizens more control over their personal data. On 25 May, 2018 GDPR came into force in
all 28 Member States of the EU.
● It aims to simplify the regulatory environment for business, so both citizens and
businesses fully benefit from the digital economy.
● It applies to:
- Any organisation operating within the EU, as well as any organisations outside of
the EU which offer goods or services to customers or businesses in the EU.
- Citizens of the European Union or to individuals located in the EU, no matter
where they are from.
- Private companies such as Facebook, Microsoft, Dropbox, Amazon, or Spotify
and government bodies.
What is GDPR?
● Not only will organisations have to ensure that personal data is gathered legally and
under strict conditions, but those who collect and manage it will be obliged to protect it
from misuse and exploitation - or face penalties for not doing so.
● GDPR is also set to bring a clarified 'right to be forgotten' process, which provides
additional rights and freedoms to people who no longer want their personal data
processed to have it deleted, providing there's no grounds for retaining it.
Data Protection Officer?
Mission of DPO:
Safeguard the privacy rights of all
individuals with regard to the processing
of their personal data.
● On March 1, 2018, the Tunisian Council of Ministers approved data protection
law, in Tunisia.
● The draft law violates the principles of transparency and access to information
guaranteed by the Tunisian Constitution (Chapter 32); the definition of
personal data did not distinguish between private and public life.
● A conflict and ongoing argument between the two authorities that work under
the Data Protection Law; Access to information authority – (access to public
info and data) and Data protection authority – (protecting personal data of
individuals).
Tunisia and data protection law
● The access to information authority was not consulted in editing the
draft law, which violates Article 38 of Act No. 22 of 2016 on access to
information.
● Civil society was not consulted in the drafting Data Protection Law,
and their role was limited to submitting written reports.
Thank You :)
For more info on Access Now please visit:
www.accessnow.org

More Related Content

What's hot

GDPR Is Coming – Are Emailers Ready?
GDPR Is Coming – Are Emailers Ready?GDPR Is Coming – Are Emailers Ready?
GDPR Is Coming – Are Emailers Ready?
MediaPost
 
Polina Zvyagina - Airbnb - Privacy & GDPR Compliance - Stanford Engineering -...
Polina Zvyagina - Airbnb - Privacy & GDPR Compliance - Stanford Engineering -...Polina Zvyagina - Airbnb - Privacy & GDPR Compliance - Stanford Engineering -...
Polina Zvyagina - Airbnb - Privacy & GDPR Compliance - Stanford Engineering -...
Burton Lee
 
Popi act presentation
Popi act presentationPopi act presentation
Popi act presentation
Kholisile Mazaza
 
Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...
Werksmans Attorneys
 
TIK_4. pengelolaan informasi_20161__rev
TIK_4. pengelolaan informasi_20161__revTIK_4. pengelolaan informasi_20161__rev
TIK_4. pengelolaan informasi_20161__rev
jackpopo
 
Privacy & Data Protection
Privacy & Data ProtectionPrivacy & Data Protection
Privacy & Data Protection
sp_krishna
 
FCE Briefing GDPR and Equal Opportunities Monitoring MAY18
FCE Briefing GDPR and Equal Opportunities Monitoring MAY18FCE Briefing GDPR and Equal Opportunities Monitoring MAY18
FCE Briefing GDPR and Equal Opportunities Monitoring MAY18
Fife Centre for Equalities
 
Information privacy and Security
Information privacy and SecurityInformation privacy and Security
Information privacy and Security
AnuMarySunny
 
ALTOUR GDPR Compliance Statement v4
ALTOUR GDPR Compliance Statement v4ALTOUR GDPR Compliance Statement v4
ALTOUR GDPR Compliance Statement v4
Altour
 
Practical steps to take in preparation for the Protection of Personal Informa...
Practical steps to take in preparation for the Protection of Personal Informa...Practical steps to take in preparation for the Protection of Personal Informa...
Practical steps to take in preparation for the Protection of Personal Informa...
Werksmans Attorneys
 
Protection of Personal Information
Protection of Personal InformationProtection of Personal Information
Protection of Personal Information
Francois Naude Jr.
 
GDPR Breakfast Briefing for Business Advisors
GDPR Breakfast Briefing for Business AdvisorsGDPR Breakfast Briefing for Business Advisors
GDPR Breakfast Briefing for Business Advisors
Harrison Clark Rickerbys
 
Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)
Russell_Kennedy
 
The Data Protection Act What You Need To Know
The Data Protection Act   What You Need To KnowThe Data Protection Act   What You Need To Know
The Data Protection Act What You Need To Know
EamonnORagh
 
GDPR Breakfast Briefing for Business Owners, IT Directors, HR Directors & Ops...
GDPR Breakfast Briefing for Business Owners, IT Directors, HR Directors & Ops...GDPR Breakfast Briefing for Business Owners, IT Directors, HR Directors & Ops...
GDPR Breakfast Briefing for Business Owners, IT Directors, HR Directors & Ops...
Harrison Clark Rickerbys
 
Put your left leg in, put your left leg out: the exclusions and exemptions of...
Put your left leg in, put your left leg out: the exclusions and exemptions of...Put your left leg in, put your left leg out: the exclusions and exemptions of...
Put your left leg in, put your left leg out: the exclusions and exemptions of...
Werksmans Attorneys
 
Werksmans presentations on popi
Werksmans presentations on popiWerksmans presentations on popi
Werksmans presentations on popi
Werksmans Attorneys
 
ILP Durham webinar: GDPR in the Lighting Industry
ILP Durham webinar: GDPR in the Lighting IndustryILP Durham webinar: GDPR in the Lighting Industry
ILP Durham webinar: GDPR in the Lighting Industry
Institution of Lighting Professionals
 
Sovereignty: the state of data
Sovereignty: the state of dataSovereignty: the state of data
Sovereignty: the state of data
dan hyde
 

What's hot (19)

GDPR Is Coming – Are Emailers Ready?
GDPR Is Coming – Are Emailers Ready?GDPR Is Coming – Are Emailers Ready?
GDPR Is Coming – Are Emailers Ready?
 
Polina Zvyagina - Airbnb - Privacy & GDPR Compliance - Stanford Engineering -...
Polina Zvyagina - Airbnb - Privacy & GDPR Compliance - Stanford Engineering -...Polina Zvyagina - Airbnb - Privacy & GDPR Compliance - Stanford Engineering -...
Polina Zvyagina - Airbnb - Privacy & GDPR Compliance - Stanford Engineering -...
 
Popi act presentation
Popi act presentationPopi act presentation
Popi act presentation
 
Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...
 
TIK_4. pengelolaan informasi_20161__rev
TIK_4. pengelolaan informasi_20161__revTIK_4. pengelolaan informasi_20161__rev
TIK_4. pengelolaan informasi_20161__rev
 
Privacy & Data Protection
Privacy & Data ProtectionPrivacy & Data Protection
Privacy & Data Protection
 
FCE Briefing GDPR and Equal Opportunities Monitoring MAY18
FCE Briefing GDPR and Equal Opportunities Monitoring MAY18FCE Briefing GDPR and Equal Opportunities Monitoring MAY18
FCE Briefing GDPR and Equal Opportunities Monitoring MAY18
 
Information privacy and Security
Information privacy and SecurityInformation privacy and Security
Information privacy and Security
 
ALTOUR GDPR Compliance Statement v4
ALTOUR GDPR Compliance Statement v4ALTOUR GDPR Compliance Statement v4
ALTOUR GDPR Compliance Statement v4
 
Practical steps to take in preparation for the Protection of Personal Informa...
Practical steps to take in preparation for the Protection of Personal Informa...Practical steps to take in preparation for the Protection of Personal Informa...
Practical steps to take in preparation for the Protection of Personal Informa...
 
Protection of Personal Information
Protection of Personal InformationProtection of Personal Information
Protection of Personal Information
 
GDPR Breakfast Briefing for Business Advisors
GDPR Breakfast Briefing for Business AdvisorsGDPR Breakfast Briefing for Business Advisors
GDPR Breakfast Briefing for Business Advisors
 
Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)
 
The Data Protection Act What You Need To Know
The Data Protection Act   What You Need To KnowThe Data Protection Act   What You Need To Know
The Data Protection Act What You Need To Know
 
GDPR Breakfast Briefing for Business Owners, IT Directors, HR Directors & Ops...
GDPR Breakfast Briefing for Business Owners, IT Directors, HR Directors & Ops...GDPR Breakfast Briefing for Business Owners, IT Directors, HR Directors & Ops...
GDPR Breakfast Briefing for Business Owners, IT Directors, HR Directors & Ops...
 
Put your left leg in, put your left leg out: the exclusions and exemptions of...
Put your left leg in, put your left leg out: the exclusions and exemptions of...Put your left leg in, put your left leg out: the exclusions and exemptions of...
Put your left leg in, put your left leg out: the exclusions and exemptions of...
 
Werksmans presentations on popi
Werksmans presentations on popiWerksmans presentations on popi
Werksmans presentations on popi
 
ILP Durham webinar: GDPR in the Lighting Industry
ILP Durham webinar: GDPR in the Lighting IndustryILP Durham webinar: GDPR in the Lighting Industry
ILP Durham webinar: GDPR in the Lighting Industry
 
Sovereignty: the state of data
Sovereignty: the state of dataSovereignty: the state of data
Sovereignty: the state of data
 

Similar to Access now : Data Protection: What you should know about it?

Smart Data Module 5 d drive_legislation
Smart Data Module 5 d drive_legislationSmart Data Module 5 d drive_legislation
Smart Data Module 5 d drive_legislation
caniceconsulting
 
GDPR - Applift firstscreen june 2016
GDPR - Applift firstscreen june 2016GDPR - Applift firstscreen june 2016
GDPR - Applift firstscreen june 2016
Saira Nayak, JD, CIPP/US/E
 
Information Privacy?! (GDPR)
Information Privacy?! (GDPR)Information Privacy?! (GDPR)
Information Privacy?! (GDPR)
Michel Bitter
 
GDPR Is Coming – Are Search Marketers Ready?
GDPR Is Coming – Are Search Marketers Ready?GDPR Is Coming – Are Search Marketers Ready?
GDPR Is Coming – Are Search Marketers Ready?
MediaPost
 
Data Privacy for Information Security Professionals Part 1
Data Privacy for Information Security Professionals Part 1Data Privacy for Information Security Professionals Part 1
Data Privacy for Information Security Professionals Part 1
Dione McBride, CISSP, CIPP/E
 
Data set Legislation
Data set   Legislation Data set   Legislation
Data set Legislation
Data-Set
 
Associates quick guide to gdpr v 1.0
Associates quick guide to gdpr v 1.0Associates quick guide to gdpr v 1.0
Associates quick guide to gdpr v 1.0
Aaron Banham
 
NetSquared London - GDPR for charities
NetSquared London - GDPR for charitiesNetSquared London - GDPR for charities
NetSquared London - GDPR for charities
Tech Trust
 
Advanced Data Protection training for volunteers
Advanced Data Protection training for volunteersAdvanced Data Protection training for volunteers
Advanced Data Protection training for volunteers
Parkinson's UK
 
Age Friendly Economy - Legislation and Ethics of Data Use
Age Friendly Economy - Legislation and Ethics of Data UseAge Friendly Economy - Legislation and Ethics of Data Use
Age Friendly Economy - Legislation and Ethics of Data Use
AgeFriendlyEconomy
 
GDPR Is Coming - Get Over It Webinar
GDPR Is Coming - Get Over It WebinarGDPR Is Coming - Get Over It Webinar
GDPR Is Coming - Get Over It Webinar
Sagittarius
 
The Evolution of Data Privacy - A Symantec Information Security Perspective o...
The Evolution of Data Privacy - A Symantec Information Security Perspective o...The Evolution of Data Privacy - A Symantec Information Security Perspective o...
The Evolution of Data Privacy - A Symantec Information Security Perspective o...
Symantec
 
GDPR: the legal aspects. By Matthias of theJurists Europe.
GDPR: the legal aspects. By Matthias of theJurists Europe.GDPR: the legal aspects. By Matthias of theJurists Europe.
GDPR: the legal aspects. By Matthias of theJurists Europe.
Matthias Dobbelaere-Welvaert
 
How to Protect Your Data
How to Protect Your DataHow to Protect Your Data
Data set module 4
Data set   module 4Data set   module 4
Data set module 4
Data-Set
 
The Meaning and Impact of the General Data Protection Regulation
The Meaning and Impact of the General Data Protection RegulationThe Meaning and Impact of the General Data Protection Regulation
The Meaning and Impact of the General Data Protection Regulation
Jake DiMare
 
Data set Legislation
Data set LegislationData set Legislation
Data set Legislation
Data-Set
 
Data set Legislation
Data set LegislationData set Legislation
Data set Legislation
Data-Set
 
GDPR in the Healthcare Industry
GDPR in the Healthcare IndustryGDPR in the Healthcare Industry
GDPR in the Healthcare Industry
EMMAIntl
 
PP Lec9n10 Sp2020.pptx
PP Lec9n10 Sp2020.pptxPP Lec9n10 Sp2020.pptx
PP Lec9n10 Sp2020.pptx
MuhammadAbdullah201796
 

Similar to Access now : Data Protection: What you should know about it? (20)

Smart Data Module 5 d drive_legislation
Smart Data Module 5 d drive_legislationSmart Data Module 5 d drive_legislation
Smart Data Module 5 d drive_legislation
 
GDPR - Applift firstscreen june 2016
GDPR - Applift firstscreen june 2016GDPR - Applift firstscreen june 2016
GDPR - Applift firstscreen june 2016
 
Information Privacy?! (GDPR)
Information Privacy?! (GDPR)Information Privacy?! (GDPR)
Information Privacy?! (GDPR)
 
GDPR Is Coming – Are Search Marketers Ready?
GDPR Is Coming – Are Search Marketers Ready?GDPR Is Coming – Are Search Marketers Ready?
GDPR Is Coming – Are Search Marketers Ready?
 
Data Privacy for Information Security Professionals Part 1
Data Privacy for Information Security Professionals Part 1Data Privacy for Information Security Professionals Part 1
Data Privacy for Information Security Professionals Part 1
 
Data set Legislation
Data set   Legislation Data set   Legislation
Data set Legislation
 
Associates quick guide to gdpr v 1.0
Associates quick guide to gdpr v 1.0Associates quick guide to gdpr v 1.0
Associates quick guide to gdpr v 1.0
 
NetSquared London - GDPR for charities
NetSquared London - GDPR for charitiesNetSquared London - GDPR for charities
NetSquared London - GDPR for charities
 
Advanced Data Protection training for volunteers
Advanced Data Protection training for volunteersAdvanced Data Protection training for volunteers
Advanced Data Protection training for volunteers
 
Age Friendly Economy - Legislation and Ethics of Data Use
Age Friendly Economy - Legislation and Ethics of Data UseAge Friendly Economy - Legislation and Ethics of Data Use
Age Friendly Economy - Legislation and Ethics of Data Use
 
GDPR Is Coming - Get Over It Webinar
GDPR Is Coming - Get Over It WebinarGDPR Is Coming - Get Over It Webinar
GDPR Is Coming - Get Over It Webinar
 
The Evolution of Data Privacy - A Symantec Information Security Perspective o...
The Evolution of Data Privacy - A Symantec Information Security Perspective o...The Evolution of Data Privacy - A Symantec Information Security Perspective o...
The Evolution of Data Privacy - A Symantec Information Security Perspective o...
 
GDPR: the legal aspects. By Matthias of theJurists Europe.
GDPR: the legal aspects. By Matthias of theJurists Europe.GDPR: the legal aspects. By Matthias of theJurists Europe.
GDPR: the legal aspects. By Matthias of theJurists Europe.
 
How to Protect Your Data
How to Protect Your DataHow to Protect Your Data
How to Protect Your Data
 
Data set module 4
Data set   module 4Data set   module 4
Data set module 4
 
The Meaning and Impact of the General Data Protection Regulation
The Meaning and Impact of the General Data Protection RegulationThe Meaning and Impact of the General Data Protection Regulation
The Meaning and Impact of the General Data Protection Regulation
 
Data set Legislation
Data set LegislationData set Legislation
Data set Legislation
 
Data set Legislation
Data set LegislationData set Legislation
Data set Legislation
 
GDPR in the Healthcare Industry
GDPR in the Healthcare IndustryGDPR in the Healthcare Industry
GDPR in the Healthcare Industry
 
PP Lec9n10 Sp2020.pptx
PP Lec9n10 Sp2020.pptxPP Lec9n10 Sp2020.pptx
PP Lec9n10 Sp2020.pptx
 

More from ANSItunCERT

Protection des enfants sur Internet et les appareils sous Android.pdf
Protection des enfants sur Internet et les appareils sous Android.pdfProtection des enfants sur Internet et les appareils sous Android.pdf
Protection des enfants sur Internet et les appareils sous Android.pdf
ANSItunCERT
 
Fiche de suivi
Fiche de suiviFiche de suivi
Fiche de suivi
ANSItunCERT
 
Fiche de suivi
Fiche de suivi Fiche de suivi
Fiche de suivi
ANSItunCERT
 
SAHER Magazine - Juin 2020
SAHER Magazine - Juin 2020SAHER Magazine - Juin 2020
SAHER Magazine - Juin 2020
ANSItunCERT
 
Phishing : Display name impersonation
Phishing : Display name impersonationPhishing : Display name impersonation
Phishing : Display name impersonation
ANSItunCERT
 
SAHER Magazine - Mars 2020
SAHER Magazine - Mars 2020SAHER Magazine - Mars 2020
SAHER Magazine - Mars 2020
ANSItunCERT
 
Modèle de déclaration des failles
Modèle de déclaration des faillesModèle de déclaration des failles
Modèle de déclaration des failles
ANSItunCERT
 
NextCloud - télétravail
NextCloud - télétravailNextCloud - télétravail
NextCloud - télétravail
ANSItunCERT
 
Safer Internet Day 2020
Safer Internet Day 2020 Safer Internet Day 2020
Safer Internet Day 2020
ANSItunCERT
 
SAHER Magazine - Octobre 2019
SAHER Magazine - Octobre 2019SAHER Magazine - Octobre 2019
SAHER Magazine - Octobre 2019
ANSItunCERT
 
SAHER Magazine - août 2019
SAHER Magazine - août 2019SAHER Magazine - août 2019
SAHER Magazine - août 2019
ANSItunCERT
 
SAHER Magazine - Juillet 2019
SAHER Magazine - Juillet 2019SAHER Magazine - Juillet 2019
SAHER Magazine - Juillet 2019
ANSItunCERT
 
SAHER Magazine - Juin 2019
SAHER Magazine - Juin 2019SAHER Magazine - Juin 2019
SAHER Magazine - Juin 2019
ANSItunCERT
 
SAHER Magazine - Mai 2019
SAHER Magazine - Mai 2019SAHER Magazine - Mai 2019
SAHER Magazine - Mai 2019
ANSItunCERT
 
SAHER Magazine - Avril 2019
SAHER Magazine - Avril 2019SAHER Magazine - Avril 2019
SAHER Magazine - Avril 2019
ANSItunCERT
 
SAHER Magazine - Mars 2019
SAHER Magazine - Mars 2019SAHER Magazine - Mars 2019
SAHER Magazine - Mars 2019
ANSItunCERT
 
Stratégie Tunisie Digitale 2020
Stratégie Tunisie Digitale 2020 Stratégie Tunisie Digitale 2020
Stratégie Tunisie Digitale 2020
ANSItunCERT
 
Enginov - Alpha Engineering : Modèles et plateforme de coordination avec le C...
Enginov - Alpha Engineering : Modèles et plateforme de coordination avec le C...Enginov - Alpha Engineering : Modèles et plateforme de coordination avec le C...
Enginov - Alpha Engineering : Modèles et plateforme de coordination avec le C...
ANSItunCERT
 
Ansi - Tuncert : Référentiel d'audit de la sécurité des SI
Ansi - Tuncert : Référentiel d'audit de la sécurité des SIAnsi - Tuncert : Référentiel d'audit de la sécurité des SI
Ansi - Tuncert : Référentiel d'audit de la sécurité des SI
ANSItunCERT
 
Excellium : Réponses aux incidents - approches et enseignements
Excellium : Réponses aux incidents - approches et enseignementsExcellium : Réponses aux incidents - approches et enseignements
Excellium : Réponses aux incidents - approches et enseignements
ANSItunCERT
 

More from ANSItunCERT (20)

Protection des enfants sur Internet et les appareils sous Android.pdf
Protection des enfants sur Internet et les appareils sous Android.pdfProtection des enfants sur Internet et les appareils sous Android.pdf
Protection des enfants sur Internet et les appareils sous Android.pdf
 
Fiche de suivi
Fiche de suiviFiche de suivi
Fiche de suivi
 
Fiche de suivi
Fiche de suivi Fiche de suivi
Fiche de suivi
 
SAHER Magazine - Juin 2020
SAHER Magazine - Juin 2020SAHER Magazine - Juin 2020
SAHER Magazine - Juin 2020
 
Phishing : Display name impersonation
Phishing : Display name impersonationPhishing : Display name impersonation
Phishing : Display name impersonation
 
SAHER Magazine - Mars 2020
SAHER Magazine - Mars 2020SAHER Magazine - Mars 2020
SAHER Magazine - Mars 2020
 
Modèle de déclaration des failles
Modèle de déclaration des faillesModèle de déclaration des failles
Modèle de déclaration des failles
 
NextCloud - télétravail
NextCloud - télétravailNextCloud - télétravail
NextCloud - télétravail
 
Safer Internet Day 2020
Safer Internet Day 2020 Safer Internet Day 2020
Safer Internet Day 2020
 
SAHER Magazine - Octobre 2019
SAHER Magazine - Octobre 2019SAHER Magazine - Octobre 2019
SAHER Magazine - Octobre 2019
 
SAHER Magazine - août 2019
SAHER Magazine - août 2019SAHER Magazine - août 2019
SAHER Magazine - août 2019
 
SAHER Magazine - Juillet 2019
SAHER Magazine - Juillet 2019SAHER Magazine - Juillet 2019
SAHER Magazine - Juillet 2019
 
SAHER Magazine - Juin 2019
SAHER Magazine - Juin 2019SAHER Magazine - Juin 2019
SAHER Magazine - Juin 2019
 
SAHER Magazine - Mai 2019
SAHER Magazine - Mai 2019SAHER Magazine - Mai 2019
SAHER Magazine - Mai 2019
 
SAHER Magazine - Avril 2019
SAHER Magazine - Avril 2019SAHER Magazine - Avril 2019
SAHER Magazine - Avril 2019
 
SAHER Magazine - Mars 2019
SAHER Magazine - Mars 2019SAHER Magazine - Mars 2019
SAHER Magazine - Mars 2019
 
Stratégie Tunisie Digitale 2020
Stratégie Tunisie Digitale 2020 Stratégie Tunisie Digitale 2020
Stratégie Tunisie Digitale 2020
 
Enginov - Alpha Engineering : Modèles et plateforme de coordination avec le C...
Enginov - Alpha Engineering : Modèles et plateforme de coordination avec le C...Enginov - Alpha Engineering : Modèles et plateforme de coordination avec le C...
Enginov - Alpha Engineering : Modèles et plateforme de coordination avec le C...
 
Ansi - Tuncert : Référentiel d'audit de la sécurité des SI
Ansi - Tuncert : Référentiel d'audit de la sécurité des SIAnsi - Tuncert : Référentiel d'audit de la sécurité des SI
Ansi - Tuncert : Référentiel d'audit de la sécurité des SI
 
Excellium : Réponses aux incidents - approches et enseignements
Excellium : Réponses aux incidents - approches et enseignementsExcellium : Réponses aux incidents - approches et enseignements
Excellium : Réponses aux incidents - approches et enseignements
 

Recently uploaded

WeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation TechniquesWeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation Techniques
Postman
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
Tomaz Bratanic
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
tolgahangng
 
Skybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoptionSkybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoption
Tatiana Kojar
 
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfHow to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
Chart Kalyan
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
akankshawande
 
5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides
DanBrown980551
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
saastr
 
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxOcean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
SitimaJohn
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
MichaelKnudsen27
 
Azure API Management to expose backend services securely
Azure API Management to expose backend services securelyAzure API Management to expose backend services securely
Azure API Management to expose backend services securely
Dinusha Kumarasiri
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
Zilliz
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
Zilliz
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
Octavian Nadolu
 
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
Intelisync
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Safe Software
 
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdfNunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
flufftailshop
 
Finale of the Year: Apply for Next One!
Finale of the Year: Apply for Next One!Finale of the Year: Apply for Next One!
Finale of the Year: Apply for Next One!
GDSC PJATK
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
Jakub Marek
 

Recently uploaded (20)

WeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation TechniquesWeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation Techniques
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
 
Skybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoptionSkybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoption
 
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfHow to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
 
5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
 
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxOcean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
 
Azure API Management to expose backend services securely
Azure API Management to expose backend services securelyAzure API Management to expose backend services securely
Azure API Management to expose backend services securely
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
 
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
 
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdfNunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
 
Finale of the Year: Apply for Next One!
Finale of the Year: Apply for Next One!Finale of the Year: Apply for Next One!
Finale of the Year: Apply for Next One!
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
 

Access now : Data Protection: What you should know about it?

  • 1. Data Protection: What you should know about it? Presentation by Dima Samaro MENA Policy Researcher, Access Now Emna Sayadi MENA Advocacy Lead, Access Now
  • 2. Topics to be covered: 1- The definition of data protection 2- Main principles of data protection 3- Examples of data protection 4- The concept of GDPR 5- Challenges of data protection law in Tunisia
  • 3. What is data protection? It refers to the practices, safeguards, and binding rules put in place to protect your personal information and ensure that you remain in control of it. In short, you should be able to decide whether or not you want to share some information, who has access to it, for how long, and for what reason, and to be able to modify some of this information, and more. In the EU, these rules are defined under the General Data Protection Regulation (GDPR) What is personal Data? Any information relating to you (identified or identifiable natural person) whether it relates to your private, professional, or public life, such as ■ Name ■ Identification number ■ Location data ■ Online identifier (IP address) ■ Factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
  • 4. Special category data: Also called 'Sensitive Personal Data' which is subject to greater controls around processing; it refers to data regarding: ■ racial or ethnic origin, ■ political opinions, ■ religious or philosophical beliefs, or trade union membership, ■ genetic data, ■ biometric data (for the purpose of identifying a natural person), ■ data concerning health or ■ data concerning a natural person's sex life or sexual orientation.
  • 5.
  • 6. 1. Purpose limitation - All data should be collected and used only for purposes that were declared by the company, a government body, or an organisation. 2. Retention - Personal data should be stored only during the period necessary for purposes processing. 3. Data minimisation - You have no right to collect more data than you need to process. 4. Integrity and confidentiality - Personal data must be kept securely. 5. Accuracy - Personal data must be accurate, kept up to date, and Inaccurate personal data should be corrected or deleted. 6. Lawfulness, fairness and transparency - Personal data must be processed lawfully, fairly and in a transparent manner. Main principles of data protection:
  • 7. Examples of data protection: ● Grocery stores or supermarkets: Have you ever received an sms (sales, advertisement, etc..) right after leaving the store? Or after a couple of days? Whenever you leave your number, name, e-mail or any personal data, your personal data will not be protected anymore, and the store might use for its interest! ● Social Media platforms: Facebook, Twitter, Linkedin, Google Instagram and others - It doesn’t really matter if you use social media platform occasionally. - The collecting and giving away of personal data starts when you sign up for these social network, it continues as users add third-party apps such as games, educational apps etc…
  • 8. ➢ In Facebook, for example, the stored data are: ● Every ad users click on ● Any additional personal information added to the profile including: schools, maiden name, hometown ,employment, etc.. ● Every IP address that the user used when logging into the Facebook account ● Every friend in the network, including friends that have been deleted ● All of the user’s activity—ever. ➢ What does the third-party app do with my data? ● The app sells the data to someone else. Ex: Cambridge Analytica (the data firm that worked for Trump’s campaign) ● Or they sell it illegally on dark web for few dollars!
  • 10. ● In 2016, 3 billion Yahoo accounts were hacked in one of the biggest breaches of all time. (Oath.com) ● In 2016, Uber reported that hackers stole the information of over 57 million riders and drivers. (Uber) ● At least 87 million records breached on Facebook (though likely many more) users to find out if their personal data was breached (abc news) ➢ How can I protect myself? 1. Get rid of all those third-party apps 2. Turn off location data 3. Be more in control of your privacy (Nobody really knows where your information goes once you click, “Like,”)
  • 11. General Data Protection Regulation (GDPR) is a new set of rules designed to give EU citizens more control over their personal data. On 25 May, 2018 GDPR came into force in all 28 Member States of the EU. ● It aims to simplify the regulatory environment for business, so both citizens and businesses fully benefit from the digital economy. ● It applies to: - Any organisation operating within the EU, as well as any organisations outside of the EU which offer goods or services to customers or businesses in the EU. - Citizens of the European Union or to individuals located in the EU, no matter where they are from. - Private companies such as Facebook, Microsoft, Dropbox, Amazon, or Spotify and government bodies. What is GDPR?
  • 12. ● Not only will organisations have to ensure that personal data is gathered legally and under strict conditions, but those who collect and manage it will be obliged to protect it from misuse and exploitation - or face penalties for not doing so. ● GDPR is also set to bring a clarified 'right to be forgotten' process, which provides additional rights and freedoms to people who no longer want their personal data processed to have it deleted, providing there's no grounds for retaining it.
  • 13. Data Protection Officer? Mission of DPO: Safeguard the privacy rights of all individuals with regard to the processing of their personal data.
  • 14. ● On March 1, 2018, the Tunisian Council of Ministers approved data protection law, in Tunisia. ● The draft law violates the principles of transparency and access to information guaranteed by the Tunisian Constitution (Chapter 32); the definition of personal data did not distinguish between private and public life. ● A conflict and ongoing argument between the two authorities that work under the Data Protection Law; Access to information authority – (access to public info and data) and Data protection authority – (protecting personal data of individuals). Tunisia and data protection law
  • 15. ● The access to information authority was not consulted in editing the draft law, which violates Article 38 of Act No. 22 of 2016 on access to information. ● Civil society was not consulted in the drafting Data Protection Law, and their role was limited to submitting written reports.
  • 16. Thank You :) For more info on Access Now please visit: www.accessnow.org