eBusiness Club "Demystifying the EU Cookie Law presentation, GeldardsJon Egley
The eBusiness Club eBiz byte seminar delivered by Julian Turner, Senior Associate Solicitor with one of the country’s leading regional law firms Geldards demystifying both the legal issues whilst offering practical advice on how to implement effective solutions.
eBusiness Club "Demystifying the EU Cookie Law presentation, GeldardsJon Egley
The eBusiness Club eBiz byte seminar delivered by Julian Turner, Senior Associate Solicitor with one of the country’s leading regional law firms Geldards demystifying both the legal issues whilst offering practical advice on how to implement effective solutions.
EU Cookie Directive Report On Compliance In The UK And IrelandKrishna De
EU Cookie Directive - research into compliance in the UK and Ireland - original document at http://www.espiongroup.com/content/resources/Espion_White_Paper_-_EU_Cookie_Directive_-_A_User-Driven_Assessment_of_Online_Compliance_in_the_UK_and_Ireland.pdf
Vanaf 25 mei 2018 moeten alle (Magento webshops) in Europa aan de nieuwe regelgeving van de Algemene Verordering Gegevensbescherming (AVG) of GDPR (General Data Protection Regulation (GDPR) voldoen. Wat betekent dit voor Magento webshops? Een analyse door Reach Digital.
Nederlands artikel op https://reachdigital.nl/blog/checklist-algemene-verordering-gegevensbescherming-AVG-GDPR-Magento-webshops
Social business software is all about sharing content and data in a “collaborative” way to identify internal or external experts. Most of these data must be considered as personal data which is related to an individual person.
Implementing social business technologies in enterprises often leads to discussion with data protection supervisors how to be compliant with EU data protection law. This discussion gets even more challenging if you consider using social business applications in “the cloud” which might the only choice in the near future due IBMs “Cloud First” or Microsoft’s “Cloud only” delivery model.
This session will give you an overview
- about EU data protection regulations
- its implications for using social business systems
- special considerations for using cloud based social business systems
The EU Data Protection Reform's Impact on Cross Border e-Discovery: new Devel...AltheimPrivacy
This is a new set of slides, adapted after the 10/21/2013 LIBE Committee vote on the proposed amendments to the Regulation. Quite a few of the original GDPR rules have changed so far.
GDPR ed Explainable AI - Intelligenza Artificiale e Regolamento Europeo sulla...Pietro Calorio
Brief of the panel @ CLB Fest 2018 Torino, with Daniele Magazzeni, Marco Ciurcina and Pietro Calorio.
Video (in Italian): https://www.youtube.com/watch?v=K2WCyu2uEsI
https://www.clbfest.it
https://www.youtube.com/channel/UCJKU28AkcvbcyLLoyNF2Emw/featured - https://legalhackers.org/clbfest2018/
The EU Data Protection Reform's Impact on Cross Border E-discovery; updated h...AltheimPrivacy
Check out this link for the latest version: http://www.slideshare.net/EDiscoveryMap/the-eu-data-protection-reforms-impact-on-cross-border-ediscovery-27629797
The European Commission's proposal for a new General Data Protection Regulation (GDPR), represents the most significant global development in data protection law since Directive 95/46. It will considerably impact cross-border e-discovery in the EU.
10-22-13 Presentation on Google Glass and Privacy ChallengesJonathan Ezor
"Flawed Transparency: Shared Data Collection and Disclosure Challenges for Google Glass and Similar Technologies" presented by Prof. Jonathan I. Ezor of Touro Law Center for Innovation in Business, Law and Technology for the 2013 CEWIT conference in Melville, NY
The Cloud Computing Contract Playbook - Contracting for Cloud Services, Sept. 30This account is closed
Gowlings partner Paul Armitage discusses what is and isn’t unique about contracting for cloud services; key terms to look for and the differences between cloud and traditional IT services contacts; what to look for in a cloud services provider and its contract; storing data in the cloud; and tips and best practices for cloud services procurement.
The inspiration for this program was a 31-minute documentary on character actor Milton Parsons made in 2014. From 1948 to 1963, Milton and Collette Parsons created the Cookie Jar Theatre. The performers were Chatsworth children between the ages of 5 and 12. Performances were held at the American Legion Hall on Devonshire, at the Chatsworth Park Elementary Auditorium, and in private homes. Rehearsals were held at the Parsons’ residence at 10801 Farralone Ave. The photographs that follow were donated by the performers and their families.
Cookie Consent and Authorized Data Collection_Mar23.pdfAdzappier
Customer data needs safe handling, and unbridled use of various data tracking technologies can hinder data security. Therefore, business owners and marketers should emphasize identifying the potential harm of using data collection technologies.
Cookies have long been known to bring setbacks to global corporations. However, other technologies can also set a business on fire if not used responsibly.
This handbook will focus on the cookie consent requirements for businesses that deal with the European Union and U.S. customers.
Part 1: Understanding Data trackers, Consumer Data Privacy Rights, and the need for prioritizing privacy management processes within an organization.
An Overview of Web Cookies
Cookies are small pieces of text that websites place on user devices (smartphones, tablets, PCs.) Websites use cookies for a variety of reasons. While some cookies are ‘essential’ for a site’s functioning, others are placed on user devices for fulfilling specific purposes.
The essential cookies allow the proper functioning of a website’s features (such as identifying a registered user or locking users’ language preferences.) These cookies also let playing embedded videos without affecting website speeds.
On the other hand, a website can work fine without the ‘non-essential’ cookies. Websites use these cookies to gather specific information about visitors. The data collected by these cookies contain, but is not limited to:
Use activity on various pages
Individual’s web browsing history
Users IP address
Social Security Number
Payment Details
Types of cookies
Internet cookies are classified into two categories:
Based on lifespan
There are two types of cookies based on their active duration on a user device (smartphone, PC, tablet.):
Session Cookies: These cookies remain active on a browser until the user exits a website. The expiry time of session cookies varies for the ‘session duration’, the amount of time a user spends on a website.
Persistent Cookies: These are cookies used to perform deliberate data collection even after visitors exit a website. Also known as ‘tracking’ or ‘stored’ cookies, these do not get deleted when visitors leave a website. Instead, persistent cookies can stay active on user devices for up to 2 years.
There’s another type of persistent cookie called a Super Cookie. The website visitor cannot detect it as it does not land in the location where other browser cookies are stored on user devices. This type of web cookie is also notoriously hard to remove as it rebuilds upon deletion.
Based on the source of origin
Web cookies can originate from two kinds of sources:
https://adzapier.com/cookie-consent-management
EU Cookie Directive Report On Compliance In The UK And IrelandKrishna De
EU Cookie Directive - research into compliance in the UK and Ireland - original document at http://www.espiongroup.com/content/resources/Espion_White_Paper_-_EU_Cookie_Directive_-_A_User-Driven_Assessment_of_Online_Compliance_in_the_UK_and_Ireland.pdf
Vanaf 25 mei 2018 moeten alle (Magento webshops) in Europa aan de nieuwe regelgeving van de Algemene Verordering Gegevensbescherming (AVG) of GDPR (General Data Protection Regulation (GDPR) voldoen. Wat betekent dit voor Magento webshops? Een analyse door Reach Digital.
Nederlands artikel op https://reachdigital.nl/blog/checklist-algemene-verordering-gegevensbescherming-AVG-GDPR-Magento-webshops
Social business software is all about sharing content and data in a “collaborative” way to identify internal or external experts. Most of these data must be considered as personal data which is related to an individual person.
Implementing social business technologies in enterprises often leads to discussion with data protection supervisors how to be compliant with EU data protection law. This discussion gets even more challenging if you consider using social business applications in “the cloud” which might the only choice in the near future due IBMs “Cloud First” or Microsoft’s “Cloud only” delivery model.
This session will give you an overview
- about EU data protection regulations
- its implications for using social business systems
- special considerations for using cloud based social business systems
The EU Data Protection Reform's Impact on Cross Border e-Discovery: new Devel...AltheimPrivacy
This is a new set of slides, adapted after the 10/21/2013 LIBE Committee vote on the proposed amendments to the Regulation. Quite a few of the original GDPR rules have changed so far.
GDPR ed Explainable AI - Intelligenza Artificiale e Regolamento Europeo sulla...Pietro Calorio
Brief of the panel @ CLB Fest 2018 Torino, with Daniele Magazzeni, Marco Ciurcina and Pietro Calorio.
Video (in Italian): https://www.youtube.com/watch?v=K2WCyu2uEsI
https://www.clbfest.it
https://www.youtube.com/channel/UCJKU28AkcvbcyLLoyNF2Emw/featured - https://legalhackers.org/clbfest2018/
The EU Data Protection Reform's Impact on Cross Border E-discovery; updated h...AltheimPrivacy
Check out this link for the latest version: http://www.slideshare.net/EDiscoveryMap/the-eu-data-protection-reforms-impact-on-cross-border-ediscovery-27629797
The European Commission's proposal for a new General Data Protection Regulation (GDPR), represents the most significant global development in data protection law since Directive 95/46. It will considerably impact cross-border e-discovery in the EU.
10-22-13 Presentation on Google Glass and Privacy ChallengesJonathan Ezor
"Flawed Transparency: Shared Data Collection and Disclosure Challenges for Google Glass and Similar Technologies" presented by Prof. Jonathan I. Ezor of Touro Law Center for Innovation in Business, Law and Technology for the 2013 CEWIT conference in Melville, NY
The Cloud Computing Contract Playbook - Contracting for Cloud Services, Sept. 30This account is closed
Gowlings partner Paul Armitage discusses what is and isn’t unique about contracting for cloud services; key terms to look for and the differences between cloud and traditional IT services contacts; what to look for in a cloud services provider and its contract; storing data in the cloud; and tips and best practices for cloud services procurement.
The inspiration for this program was a 31-minute documentary on character actor Milton Parsons made in 2014. From 1948 to 1963, Milton and Collette Parsons created the Cookie Jar Theatre. The performers were Chatsworth children between the ages of 5 and 12. Performances were held at the American Legion Hall on Devonshire, at the Chatsworth Park Elementary Auditorium, and in private homes. Rehearsals were held at the Parsons’ residence at 10801 Farralone Ave. The photographs that follow were donated by the performers and their families.
Cookie Consent and Authorized Data Collection_Mar23.pdfAdzappier
Customer data needs safe handling, and unbridled use of various data tracking technologies can hinder data security. Therefore, business owners and marketers should emphasize identifying the potential harm of using data collection technologies.
Cookies have long been known to bring setbacks to global corporations. However, other technologies can also set a business on fire if not used responsibly.
This handbook will focus on the cookie consent requirements for businesses that deal with the European Union and U.S. customers.
Part 1: Understanding Data trackers, Consumer Data Privacy Rights, and the need for prioritizing privacy management processes within an organization.
An Overview of Web Cookies
Cookies are small pieces of text that websites place on user devices (smartphones, tablets, PCs.) Websites use cookies for a variety of reasons. While some cookies are ‘essential’ for a site’s functioning, others are placed on user devices for fulfilling specific purposes.
The essential cookies allow the proper functioning of a website’s features (such as identifying a registered user or locking users’ language preferences.) These cookies also let playing embedded videos without affecting website speeds.
On the other hand, a website can work fine without the ‘non-essential’ cookies. Websites use these cookies to gather specific information about visitors. The data collected by these cookies contain, but is not limited to:
Use activity on various pages
Individual’s web browsing history
Users IP address
Social Security Number
Payment Details
Types of cookies
Internet cookies are classified into two categories:
Based on lifespan
There are two types of cookies based on their active duration on a user device (smartphone, PC, tablet.):
Session Cookies: These cookies remain active on a browser until the user exits a website. The expiry time of session cookies varies for the ‘session duration’, the amount of time a user spends on a website.
Persistent Cookies: These are cookies used to perform deliberate data collection even after visitors exit a website. Also known as ‘tracking’ or ‘stored’ cookies, these do not get deleted when visitors leave a website. Instead, persistent cookies can stay active on user devices for up to 2 years.
There’s another type of persistent cookie called a Super Cookie. The website visitor cannot detect it as it does not land in the location where other browser cookies are stored on user devices. This type of web cookie is also notoriously hard to remove as it rebuilds upon deletion.
Based on the source of origin
Web cookies can originate from two kinds of sources:
https://adzapier.com/cookie-consent-management
A-Z Guide to Cookie Consent and Cookie Laws Around the World.pdfAdzappier
The advent of cookies since the inception of the internet has particularly helped marketers and advertisers to cash in on much profit through online users' personal data. But this is the competitive edge that only a handful of companies can enjoy anymore.
Checklist to comply with EU cookie law
Display a cookie banner on a user's first visit
Inform users of the cookies and their purposes.
Collect users' active consent
Provide users with 'accept' or 'reject' cookies button.
Give users the option to opt-in to specific cookie categories.
Provide detailed information – the name of the cookie provider, description, and cookie duration
Give users a user-friendly option to withdraw consent.
Do not use cookie walls that prevent access to the website unless the user accepts cookies.
Do not use pre-ticked boxes
Block third-party cookies until the user’s consent
Record cookie consents for proof of compliance
Do not set cookies if the user is scrolling or continuing to use a website.
Cookie wall vs. paywall, what's the difference?
A cookie wall is a mechanism wherein a user has no option other than to accept the processing of cookies to get access to the website.
Advertisers monetize content for the user to access it by either a paid subscription or subscribing with email. This is paywall.
Austrian and French DPAs have already concurred that the paywall system is valid as long as the subscription to the site gives away the content at a modest and fair cost so that users' free choice doesn't constrain.
https://adzapier.com/the-cookie-consent-guide-building-a-customer-centric-brand
Cookie Consent Regulatory Updates: How to Maintain ComplianceTrustArc
Staying up to date with the latest global cookie policy requirements can be difficult. Following the GDPR, there have been many recent rulings, legal commentary, and industry framework updates that have modified requirements – requiring organizations to stay hyper-vigilant in order to maintain cookie compliance.
As the upcoming Irish Data Protection Commission (the "DPC") October 2020 enforcement date approaches, organizations are scrambling to understand the consent mechanism updates and how to be able to stay agile enough to quickly implement future regulatory changes.
Join us as we walk through recent cookie policy updates and provide guidance on how to utilize TrustArc Cookie Consent Manager to help you meet the new regulatory requirements.
This webinar will review:
-Recent rulings and legal commentary (CJEU ruling, German Court, EDPB, Belgian DPA, Ireland DPA, and CNIL)
-Industry framework updates (IAB EU and CCPA)
-Upcoming regulatory requirements (CCPA, ePrivacy regulation)
TrustArc Webinar-Advertising, Privacy, and Data Management Working TogetherTrustArc
Today, more and more companies use advertising technologies (AdTech) to reach their consumers and better understand their preferences. This can lead to multiple data protection risks. Data privacy awareness is increasing due to seismic developments in the industry brought about by key players such as Google and Apple. In parallel, global regulations set stricter guidelines around the collection, storage, and use of personal data.
This is not over. With the decisions coming out soon on analytics, how will the advertising technologies landscape adjust? Ultimately, how can advertising, privacy, and data management work together?
Our panel in this webinar explored the practical steps your organization should take to ensure that its digital advertising practices are compliant with data protection laws.
This webinar reviews:
- The current practices and developments in the AdTech industry
- The laws and regulations governing AdTech
- How to address the privacy issues related to advertising technology
Marketing Meets Privacy_ What You Need to Know in 2023.pdfJohn Doyle
DrupalCon 2023 Pittsburgh Presentation: Marketing Meets Privacy, what you need to know in 2023.
Privacy legislation is rapidly evolving throughout the United States and keeping up with the new laws, regulations, and policies can be a challenge for web and marketing teams. To make it more confusing, these laws are being passed at the state level, with rules and regulations that vary by state.
In this session, we will focus on the privacy consent aspect of these laws and how this works with your web and marketing technology stacks.
In this session we will discuss:
1. Brief overview of privacy landscape in 2023
2. What do these privacy laws mean for web and marketing teams now and into the near future
3. Consent Management & Tag Managers
4. Q&A
YouTube Link: https://www.youtube.com/watch?v=22p14sCxWDQ&list=PLpeDXSh4nHjTZrlCUtl_xp87F3plT7czE&index=65
How to keep out of trouble with GDPR: The case of Facebook, Google and ExperianPECB
Short description:
In this webinar, we will be exploring the current trends, predictions and other things of relevance to GDPR enforcement. Further, we will touch on the big fines such as Facebook, Google, Experian as well as guide you how to stay out of trouble with the regulation.
Main points covered:
• A summary of ICO enforcement action in the UK over the past 12 months
• What organizations got wrong?
• The big fines – Facebook and Experian
• Trends and predictions
• How to keep out of trouble with the regulator
Presenter:
Our presenter for this webinar, James Castro-Edwards is a partner and Head of Data Protection at Wedlake Bell LLP. James advises domestic and multinational organizations on data protection issues. His experience includes managing global data protection compliance projects for multinationals and advising domestic companies on complex data protection issues. He has also developed and delivered innovative data protection training programs for multinational clients, including a data protection officers’ training course which was accredited by a European government. James leads the firm’s outsourced data protection officer service, ProDPO.
James frequently speaks on data protection and cybersecurity issues and is widely published, having written articles for a wide variety of titles including The Times and The Guardian, and wrote The Law Society textbook on the General Data Protection Regulation (GDPR).
Recorded Webinar: https://youtu.be/QAF1XXTBFyg
The new EU-US Privacy Shield, covering transatlantic exchanges of personal data for commercial purposes, went into effect in July 2016. Although this is a critical issue, many companies are not aware of the implications it has for them. What steps do companies need to take when transferring data from Europe to the US?
Audience and Google RLSA Overview from agenda21agenda21
From the "Paid Search Gets Personal" briefing by agenda21 in April 2014. Remarketing Lists for Search Ads (RLSA) case studies and advice on how to implement RLSA from agenda21 Digital at www.agenda21digital.com or call 020 7036 7000
Rhys Williams, Founding Partner at agenda21, recently presented at the IAB: World without Search Conference. He spoke about the importance of making sure your search teams and campaigns are focused on optimisation rather than admin, and also how developing Trading Algorithms can improve campaign performance.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
4. What Privacy?
“[a]n examination of 101 popular smartphone "apps" … showed that 56
transmitted the phone's unique device ID to other companies without
users' awareness or consent. Forty-seven apps transmitted the phone's
location in some way. Five sent age, gender and other personal details to
outsiders… Many apps don't offer even a basic form of consumer
protection: written privacy policies. Forty-five of the 101 apps didn't
provide privacy policies on their websites or inside the apps at the time of
testing.”
Source: Wall Street Journal
http://online.wsj.com/article/SB10001424052748704694004576020083703574602.html
7. Data Protection and the New EU Cookie Regime
ICO fines Midlothian Council £140K for
data breaches
Monday 30 January 2012 09:58
8. Data Protection and the New EU Cookie Regime
• Comprehensive European and individual Member
State privacy regimes
• Applies to all personal data, not just certain types
of data
• Applies to all businesses, not just consumer-
facing businesses
9. Data Protection and the New EU Cookie Regime
Meaning of ‘personal’ data
• Data protection protects ‘personal’ data
• Is an individual identifiable or ‘singled out’?
• ‘Anonymised’ data types can be personal:
• IP addresses
• UDID data
• Hashed data
10. Data Protection and the New EU Cookie Regime
Meaning of ‘personal’ data
• An example - QR codes
• User scans code and is directly transferred to URL
• Website collects IP address / system / date + time data
• User scans code and is routed through QR reader servers
• App publisher collects mobile UDID
• Publisher may commercialise with third parties
• Allows for mobile tracking
• Takeaway:
• Even ‘anonymised’ data can be ‘personal’…
• If it’s personal, it’s protected
11. Data Protection and the New EU Cookie Regime
Key Principles:
• Fair and lawful processing
• Limited purposes
• Adequate, relevant and not excessive
• Accurate
• Kept no longer than necessary
• Processing in accordance with the data subject's rights
• Secure
• No transfer to countries without adequate protection
12. Data Protection and the New EU Cookie Regime
Consequences of compliance failures:
• Certain breaches are criminal offences
• Regulators may impose fines – now up to £500,000 in the UK and
may be more in other EU jurisdictions
• Unlimited civil liability a possibility
• Disruption to business-critical data processing
• Complaints from customers, employees, suppliers etc.
• “Naming and shaming” – brand damage
• Loss of business
13. Data Protection and the New EU Cookie Regime
4. Cookies
Cookies – Revised E-Privacy Directive
• Implementation deadline was 25th May 2011
• Some states have implemented (including UK), some
have not
• UK:
• ICO has allowed “sunrise” period of 1 year before
it takes any enforcement action
• IAB self-regulatory approach praised by UK
Government
14. Data Protection and the New EU Cookie Regime
How ‘cookie’ requirements have changed
Member States shall ensure that the [use of electronic communications
networks to store] storing of information or [to gain] the gaining of access to
information stored in the terminal equipment of a subscriber or user is only
allowed on condition that the subscriber or user concerned [is] has given his or
her consent, having been provided with clear and comprehensive information
in accordance with Directive 95/46/EC, inter alia about the purposes of the
processing. [and is offered the right to refuse such processing by the data
controller.] This shall not prevent any technical storage or access for the sole
purpose of carrying out [or facilitating] the transmission of a communication
over an electronic communications network, or as strictly necessary in order [to
provide] for the provider of an information society service explicitly requested
by the subscriber or user to provide the service.
15. Data Protection and the New EU Cookie Regime
The new cookie consent requirement
• Exemptions
• ‘Strictly necessary’ to provide user-requested service
• Carrying out transmission across a network
• Practical consequences
• Shopping basket, security and page load cookies are OK…
• …but everything else needs some form of consent…
• …and impacts more than just cookies (any ‘pulled’ data)
• Browser and other application settings
• Permitted “where technically possible and effective”
• Regulatory view is that current browser settings are not enough
17. Data Protection and the New EU Cookie Regime
Some common misunderstandings
• “This only affects website cookie data”
• No, the requirement applies whenever storing or accessing “information”
(e.g. device fingerprinting and mobile data collection)
• “We need pop-ups to get consent”
• No, the requirement is only to get consent. How to do this is up to you
• “Individuals must expressly consent”
• No, with sufficient notice and control, consent for some cookies can be
implied from a user’s action or inaction.
18. Data Protection and the New EU Cookie Regime Complying
with cookie legislation
• Step 1: Assess use of cookies
• Step 2: Identify necessity / intrusiveness
• Step 3: Enhance disclosures
• Step 4: Implement a consent strategy
20. Data Protection and the New EU Cookie Regime
Step 2. Assess intrusiveness
Points to consider:
2. Cookie purpose
Session
3. Cookie expiry
4. Website itself
1st party session cookie 3rd party session cookie 5. Flash cookies
(e.g. language preference) (e.g. secure payment)
1st party 3rd party
1st party persistent cookie
(e.g. website analytics)
3rd party persistent cookie
(e.g. targeted advertising)
Persistent
21. Data Protection and the New EU Cookie Regime
Step 3. Enhance disclosures
…the benefits of
data minimisation!
22. Data Protection and the New EU Cookie Regime
Step 4: Implement a consent strategy
ICO Guidance on the rules on use of cookies and similar technologies
December 2011
The Regulations require that users or subscribers consent. Directive 95/46/EC (the
Data Protection Directive on which the UK Data Protection Act 1998 (the DPA) is
based) defines ‘the data subject’s consent’ as:
‘any freely given specific and informed indication of his wishes by which the
data subject signifies his agreement to personal data relating to him being
processed’.
Consent must involve some form of communication where the individual knowingly
indicates their acceptance. This may involve clicking an icon, sending an email or
subscribing to a service. The crucial consideration is that the individual must fully
understand that by the action in question they will be giving consent.
23. Data Protection and the New EU Cookie Regime
Step 4: Implement a consent strategy
• No certainty as to what will be required
• Pop-up windows? Consent Banners?
• Implied consent?
• Limited intrusiveness
• Enhanced notice
• Real control
24. Data Protection and the New EU Cookie Regime Complying
with cookie legislation
• Step 5: Other practical measures
• Always provide an opt out
• Cookies
• Anonymise and encrypt
• Use session cookies vs. persistent cookies
• Reduce cookie expiry periods
• Remove redundant cookies
• Identify quick wins
• Website registration / other customer interaction points
• Mobile app download / opening
25. Data Protection and the New EU Cookie Regime Complying
with cookie legislation
• Step 5: Other practical measures (cont):
• Internal processes / procedures
• Implement internal standards for authorising new cookie use
• Identify who should authorise – legal, IT, marketing?
• Consider a ‘one in, one out’ approach
• Maintain a cookie log + require periodic review
• Third party providers (ad networks / analytics etc.)
• Due diligence – do your providers observe good data hygiene standards?
• Apportion compliance responsibility
• Ensure contract reflects agreed roles
• Don’t accept bad behaviour
• Role of self-regulatory compliance / market practice
26. Data Protection and the New EU Cookie Regime
Cookie transparency
1. Highlight new information to visitors
2. Be more descriptive