In a data driven economy, analysts must be concerned with how data is collected, processed and subsequently used to improve online customer experiences, during those moments that matter.
Unlocking Value & Controlling Risk by #MindYourPrivacy
Does your company adequately manage and control the Data Life Cycle? Are you aware of European Privacy fines? Did the Target security breach that emanated through a 3rd party worry you and make you wonder about where to start?
LexisNexis Webinar: Mobile Privacy: An Overview of Legal and Legislative Deve...VALLOYD
This document summarizes a webinar on mobile privacy developments presented by Mary Ellen Callahan of Jenner & Block and Orrie Dinstein of GE Capital. It discusses regulatory updates from the FTC and California AG, enforcement trends, proposed legislation, and issues around bring your own devices (BYOD) policies. The webinar covered the exponential growth of mobile usage, calls for privacy by design, recommendations for transparency from regulators, and international guidance from groups like the Article 29 Working Party. Litigation risks were also examined, such as claims under unfair trade practices laws or the Telephone Consumer Protection Act.
This document discusses several legal and ethical issues related to online marketing and e-commerce. It covers topics such as privacy laws regarding collection and use of consumer data, monitoring of employee internet usage, intellectual property laws, taxation of online sales, and revenue recognition standards for internet companies. Specific acts and laws addressed include the Financial Services Modernization Act, the Children's Online Privacy Protection Act, the Digital Millennium Copyright Act, and standards from the Financial Accounting Standards Board regarding internet business accounting.
The document provides an overview of ethics, legislation, and privacy issues related to big data. It discusses the necessity of regulating big data and the differences between privacy and data protection. It also provides details on the General Data Protection Regulation (GDPR), including its goals, requirements for companies, and individual rights it aims to protect.
This document discusses several key legal and moral issues surrounding e-commerce:
1. The Data Protection Act protects individual privacy and sets standards for handling personal data. It was updated in 1998 and 2000 to incorporate EU directives.
2. The Copyright Act protects copyrighted works including software, music, and literature. It is illegal to copy, distribute, or transmit pirated software.
3. The Computer Misuse Act criminalizes unauthorized access to computer systems and data as well as hacking in response to issues in the 1980s.
4. Civil liberties groups advocate for privacy, free expression, and access to information online, while addressing issues like access to personal data and forced software upgrades.
This document provides an overview of the key ethical and legal issues related to e-marketing discussed in Chapter 5 of the textbook. It covers topics such as ethics and ethical codes, the debate around self-regulation versus government regulation, privacy issues both generally and within digital contexts, international privacy regulations, different types of digital property like copyrights and trademarks, and emerging issues. The document summarizes the main points on each topic at a high-level in a concise manner.
1. Some businesses engage in unethical practices like spamming to increase sales, as there are limited online laws and enforcement is done by users.
2. It is important for businesses to have ethical policies and protect customer privacy and security in order to build trust with online customers.
3. Laws aim to protect children's privacy and safety online by restricting data collection and requiring schools to use filtering software. Parents can also monitor children's internet use.
Cybersecurity & Data Privacy 2020 - Introduction to US Privacy and Data Secur...Financial Poise
There is no federal law governing privacy and data security applicable to all US citizens. Rather, individual states and regulatory agencies have created a patchwork of protections that may overlap in certain industries.
This webinar provides an overview of the many privacy and data security laws and regulations which may impact your business, from the state law protecting personal information to regulations covering the financial services industry to state breach notification laws.
To view the accompanying webinar, go to: https://www.financialpoise.com/financial-poise-webinars/introduction-to-us-privacy-and-data-security-2020/
This document provides an overview of data privacy for governmental organizations. It discusses what data privacy is, the risks associated with it such as identity theft, and common laws around data privacy including California state laws. It recommends that organizations take an inventory of their data, develop privacy policies and training, and ensure proper system monitoring and controls. The document emphasizes being proactive on data privacy issues.
LexisNexis Webinar: Mobile Privacy: An Overview of Legal and Legislative Deve...VALLOYD
This document summarizes a webinar on mobile privacy developments presented by Mary Ellen Callahan of Jenner & Block and Orrie Dinstein of GE Capital. It discusses regulatory updates from the FTC and California AG, enforcement trends, proposed legislation, and issues around bring your own devices (BYOD) policies. The webinar covered the exponential growth of mobile usage, calls for privacy by design, recommendations for transparency from regulators, and international guidance from groups like the Article 29 Working Party. Litigation risks were also examined, such as claims under unfair trade practices laws or the Telephone Consumer Protection Act.
This document discusses several legal and ethical issues related to online marketing and e-commerce. It covers topics such as privacy laws regarding collection and use of consumer data, monitoring of employee internet usage, intellectual property laws, taxation of online sales, and revenue recognition standards for internet companies. Specific acts and laws addressed include the Financial Services Modernization Act, the Children's Online Privacy Protection Act, the Digital Millennium Copyright Act, and standards from the Financial Accounting Standards Board regarding internet business accounting.
The document provides an overview of ethics, legislation, and privacy issues related to big data. It discusses the necessity of regulating big data and the differences between privacy and data protection. It also provides details on the General Data Protection Regulation (GDPR), including its goals, requirements for companies, and individual rights it aims to protect.
This document discusses several key legal and moral issues surrounding e-commerce:
1. The Data Protection Act protects individual privacy and sets standards for handling personal data. It was updated in 1998 and 2000 to incorporate EU directives.
2. The Copyright Act protects copyrighted works including software, music, and literature. It is illegal to copy, distribute, or transmit pirated software.
3. The Computer Misuse Act criminalizes unauthorized access to computer systems and data as well as hacking in response to issues in the 1980s.
4. Civil liberties groups advocate for privacy, free expression, and access to information online, while addressing issues like access to personal data and forced software upgrades.
This document provides an overview of the key ethical and legal issues related to e-marketing discussed in Chapter 5 of the textbook. It covers topics such as ethics and ethical codes, the debate around self-regulation versus government regulation, privacy issues both generally and within digital contexts, international privacy regulations, different types of digital property like copyrights and trademarks, and emerging issues. The document summarizes the main points on each topic at a high-level in a concise manner.
1. Some businesses engage in unethical practices like spamming to increase sales, as there are limited online laws and enforcement is done by users.
2. It is important for businesses to have ethical policies and protect customer privacy and security in order to build trust with online customers.
3. Laws aim to protect children's privacy and safety online by restricting data collection and requiring schools to use filtering software. Parents can also monitor children's internet use.
Cybersecurity & Data Privacy 2020 - Introduction to US Privacy and Data Secur...Financial Poise
There is no federal law governing privacy and data security applicable to all US citizens. Rather, individual states and regulatory agencies have created a patchwork of protections that may overlap in certain industries.
This webinar provides an overview of the many privacy and data security laws and regulations which may impact your business, from the state law protecting personal information to regulations covering the financial services industry to state breach notification laws.
To view the accompanying webinar, go to: https://www.financialpoise.com/financial-poise-webinars/introduction-to-us-privacy-and-data-security-2020/
This document provides an overview of data privacy for governmental organizations. It discusses what data privacy is, the risks associated with it such as identity theft, and common laws around data privacy including California state laws. It recommends that organizations take an inventory of their data, develop privacy policies and training, and ensure proper system monitoring and controls. The document emphasizes being proactive on data privacy issues.
This document discusses various legal issues related to the use of social data, including copyright, right of publicity, trademarks, defamation, content regulation, marketing, workplace issues, and due diligence. It notes that many businesses and individuals lack an understanding of the applicable legal requirements and risks, such as content removal, penalties, and lost opportunities. It provides an overview of key areas of law and encourages learning the "rules of the road" to avoid these risks when creating, commercializing, and enforcing rights related to content and speech online or in other digital contexts.
Big Data and Big Law at Walmart - StampedeCon 2013StampedeCon
At the StampedeCon 2013 Big Data conference in St. Louis, Anthony Martin, Chief Privacy and Information Security Counsel at Walmart, presented Big Data and Big Law at Walmart. This is the story of one global, multichannel company’s walk through the increasingly complicated Legal, Compliance, Security maze while trying to recognize the implicit value of Big Data programs.
This document discusses social media risks and related laws. It covers how conversations on social media can become publications with legal implications. Some key topics discussed include privacy risks from sharing personal information and companies monitoring employees' social media, intellectual property risks like copyright infringement, and defamation risks from making untrue statements about others. The document also examines how various laws like privacy acts, harassment laws, and intellectual property laws apply in the social media context.
Ethical, Social, and Political Issues in E-commerceNor Ayuzi Deraman
Internet, like other technologies, can:
Enable new crimes
Affect environment
Threaten social values
Costs and benefits must be carefully considered, especially when there are no clear-cut legal or cultural guidelines
This document discusses major legal and ethical issues in electronic commerce, including privacy, intellectual property, free speech, taxation, and consumer protection. It covers how private information is collected online through cookies, site registration, and other methods. Key principles of privacy protection and the EU's Data Privacy Directive are examined. Issues relating to intellectual property such as copyrights, patents, trademarks, and censorship are also summarized. The rise of mobile commerce and location-based commerce are then outlined, along with attributes, drivers, and generations of mobile networks including 3G and its capabilities and adoption. Finally, obstacles to mobile and location-based commerce are briefly noted.
This document discusses data privacy fundamentals and attacks. It begins with definitions of data privacy and the need to protect personally identifiable information. It then outlines common data privacy threats like phishing, malware, and improper access. The document also examines access control models and regulations around data protection. Overall, it provides an introduction to key concepts in data privacy and security risks to consider.
This document discusses the importance of protecting personally identifiable information (PII) and complying with relevant laws and regulations. It covers what constitutes PII, why protection is critical to avoid identity theft, financial penalties, and reputational damage. Key aspects of PII management discussed include the storage, sensitivity, encryption of data, multi-jurisdictional issues, data ownership, procedures, and system needs across the data lifecycle. Major US privacy laws like FCRA and GLBA that regulate how PII is collected and used are also summarized.
The EU’s General Data Protection Regulation (GDPR) is the most significant change to consumer privacy laws in decades and the enforcement date is approximately 1 month away. The standards for data collection and use in the EU will significantly differ from those in the United States. This session will breakdown the differences and discuss methods for compliance going forward.
PRESENTER
Gary Kibel, Partner, Davis & Gilbert LLP @GaryKibel
The document discusses protecting customer privacy with SaaS solutions and the cloud. It provides an overview of speakers Aurelie Pols and Blair Reeves and their discussion on balancing measurement needs with privacy. Key topics covered include existing and emerging private sector privacy laws, expectations around privacy legislation, and challenges around customer data and the cloud.
This document discusses various legal and ethical issues related to using social media as a lawyer. It addresses topics such as attorney-client relationships, client confidentiality, trial publicity, fee splitting, cloud storage of client files, ex parte communications, and relationships with judges and jurors on social media. The document also covers privacy laws, liability for user-generated content, cybersecurity, laws regarding minors and social media, and ethical guidelines for attorneys' use of social media.
This presentation talks about the Legal instrumentation in e-commerce industry in International market. It draws attention towards major legal issues in this industry and I have tried to find out the best solutions of some of them
Is More Data Always Better The Legal Risks of Data Collection, Storage and Us...Vivastream
This document discusses the legal risks of data collection, storage, and use in marketing. It notes that while data can provide benefits, over-collection poses risks. The document outlines what types of personal data are commonly collected from various online and offline sources, and why (for purposes like marketing, risk assessment, and fraud prevention). However, collecting more data than necessary violates the Collection Limitation Principle. The document also discusses consumer and policymaker attitudes toward privacy and data use, as well as recent privacy controversies and breaches involving companies like Google, Apple, and comScore. It emphasizes having a data governance plan and security response plan to properly assess needs and address vulnerabilities.
Personal Data Privacy and Information SecurityCharles Mok
The document discusses personal data protection, privacy, and information security issues in Hong Kong. It provides an overview of Hong Kong's Personal Data Protection Ordinance, which regulates the handling of personal data and establishes six data protection principles. It notes incidents of data leakage in Hong Kong and emerging issues around topics like social media, online anonymity, and information security threats potentially posed by governments. Resources on privacy and information security in Hong Kong are also listed.
This document summarizes a presentation on electronic commerce regulation in Africa. It discusses how countries can benefit from electronic commerce by assessing their policy and legal frameworks. It provides an overview of global electronic commerce trends and regulations, including models from UNCITRAL, the African Union, SADC, ECOWAS, and various countries. The presentation explores issues around developing enabling environments for e-commerce and regulating areas like electronic transactions, data protection, cybercrime, and intellectual property. It also discusses challenges African countries face in developing appropriate ICT policies and legal frameworks to promote regional economic integration and access to the global digital economy.
This document provides a summary of 3 key chapters from the 8th edition of the textbook "e-commerce, business. technology. society" by Kenneth C. Laudon and Carol Guercio Traver.
The first chapter discusses ethics, law, and e-commerce in virtual worlds like Second Life, including what constitutes mischief, banned behaviors, and debates around enforcing real-world laws. The second chapter covers understanding ethical issues in e-commerce related to privacy, intellectual property, governance, and public safety. The third chapter examines legal and technological approaches to protecting privacy, including the types of data collected online, profiling and behavioral targeting, and the FTC's evolving privacy framework.
TechWeek Chicago 2012 was great success. Packed room with entrepreneurs eager to understand legal issues facing their business. If you were unable to attend, here is my portion of the presentation.
From the FinTech Webinar Series. Explores:
1. Storage and Processing of Data in “the Cloud”
2. Mobile Devices and Mobile Apps
3. “Big Data”
4. Security and Privacy Issues in Third-Party Contracts
5. Data Security and Corporate Governance
6. International Privacy and Data Security
7. Data Security as a National Security Concern: Legislation and Executive Initiatives
This document discusses e-marketing ethical and legal issues. It begins by defining e-marketing and how information technology has transformed marketing strategies. It then examines key issues like privacy concerns, intellectual property laws, software piracy, self-regulation challenges, and protecting digital property and online expression. Emerging topics like online governance, jurisdiction, and fraud prevention are also covered. The goal is to analyze important considerations at the intersection of ethics, law, and digital marketing.
This document discusses upcoming changes to EU privacy regulations and the implications for companies collecting personal data from EU citizens. It notes that the current EU privacy rules are outdated and a new regulation will standardize privacy compliance across all EU member states. The new regulation is expected to be approved in 2013 and will impose much stricter consent requirements for data collection and fines of up to 2% of global revenue for noncompliance. It also discusses new rights like the right to be forgotten and data portability. Companies that do not update their privacy practices risk losing customer trust and facing large fines once the new rules are enforced.
The document discusses privacy laws and regulations in different jurisdictions. It compares the approaches to privacy and personal data protection in the US, UK, and EU. It also outlines some of the key differences between common law and continental legal systems as they relate to privacy. Furthermore, it provides an overview of different types of personal information classified as personally identifiable information (PII) in various US states and discusses risk levels for data in the US versus EU contexts.
This document discusses various legal issues related to the use of social data, including copyright, right of publicity, trademarks, defamation, content regulation, marketing, workplace issues, and due diligence. It notes that many businesses and individuals lack an understanding of the applicable legal requirements and risks, such as content removal, penalties, and lost opportunities. It provides an overview of key areas of law and encourages learning the "rules of the road" to avoid these risks when creating, commercializing, and enforcing rights related to content and speech online or in other digital contexts.
Big Data and Big Law at Walmart - StampedeCon 2013StampedeCon
At the StampedeCon 2013 Big Data conference in St. Louis, Anthony Martin, Chief Privacy and Information Security Counsel at Walmart, presented Big Data and Big Law at Walmart. This is the story of one global, multichannel company’s walk through the increasingly complicated Legal, Compliance, Security maze while trying to recognize the implicit value of Big Data programs.
This document discusses social media risks and related laws. It covers how conversations on social media can become publications with legal implications. Some key topics discussed include privacy risks from sharing personal information and companies monitoring employees' social media, intellectual property risks like copyright infringement, and defamation risks from making untrue statements about others. The document also examines how various laws like privacy acts, harassment laws, and intellectual property laws apply in the social media context.
Ethical, Social, and Political Issues in E-commerceNor Ayuzi Deraman
Internet, like other technologies, can:
Enable new crimes
Affect environment
Threaten social values
Costs and benefits must be carefully considered, especially when there are no clear-cut legal or cultural guidelines
This document discusses major legal and ethical issues in electronic commerce, including privacy, intellectual property, free speech, taxation, and consumer protection. It covers how private information is collected online through cookies, site registration, and other methods. Key principles of privacy protection and the EU's Data Privacy Directive are examined. Issues relating to intellectual property such as copyrights, patents, trademarks, and censorship are also summarized. The rise of mobile commerce and location-based commerce are then outlined, along with attributes, drivers, and generations of mobile networks including 3G and its capabilities and adoption. Finally, obstacles to mobile and location-based commerce are briefly noted.
This document discusses data privacy fundamentals and attacks. It begins with definitions of data privacy and the need to protect personally identifiable information. It then outlines common data privacy threats like phishing, malware, and improper access. The document also examines access control models and regulations around data protection. Overall, it provides an introduction to key concepts in data privacy and security risks to consider.
This document discusses the importance of protecting personally identifiable information (PII) and complying with relevant laws and regulations. It covers what constitutes PII, why protection is critical to avoid identity theft, financial penalties, and reputational damage. Key aspects of PII management discussed include the storage, sensitivity, encryption of data, multi-jurisdictional issues, data ownership, procedures, and system needs across the data lifecycle. Major US privacy laws like FCRA and GLBA that regulate how PII is collected and used are also summarized.
The EU’s General Data Protection Regulation (GDPR) is the most significant change to consumer privacy laws in decades and the enforcement date is approximately 1 month away. The standards for data collection and use in the EU will significantly differ from those in the United States. This session will breakdown the differences and discuss methods for compliance going forward.
PRESENTER
Gary Kibel, Partner, Davis & Gilbert LLP @GaryKibel
The document discusses protecting customer privacy with SaaS solutions and the cloud. It provides an overview of speakers Aurelie Pols and Blair Reeves and their discussion on balancing measurement needs with privacy. Key topics covered include existing and emerging private sector privacy laws, expectations around privacy legislation, and challenges around customer data and the cloud.
This document discusses various legal and ethical issues related to using social media as a lawyer. It addresses topics such as attorney-client relationships, client confidentiality, trial publicity, fee splitting, cloud storage of client files, ex parte communications, and relationships with judges and jurors on social media. The document also covers privacy laws, liability for user-generated content, cybersecurity, laws regarding minors and social media, and ethical guidelines for attorneys' use of social media.
This presentation talks about the Legal instrumentation in e-commerce industry in International market. It draws attention towards major legal issues in this industry and I have tried to find out the best solutions of some of them
Is More Data Always Better The Legal Risks of Data Collection, Storage and Us...Vivastream
This document discusses the legal risks of data collection, storage, and use in marketing. It notes that while data can provide benefits, over-collection poses risks. The document outlines what types of personal data are commonly collected from various online and offline sources, and why (for purposes like marketing, risk assessment, and fraud prevention). However, collecting more data than necessary violates the Collection Limitation Principle. The document also discusses consumer and policymaker attitudes toward privacy and data use, as well as recent privacy controversies and breaches involving companies like Google, Apple, and comScore. It emphasizes having a data governance plan and security response plan to properly assess needs and address vulnerabilities.
Personal Data Privacy and Information SecurityCharles Mok
The document discusses personal data protection, privacy, and information security issues in Hong Kong. It provides an overview of Hong Kong's Personal Data Protection Ordinance, which regulates the handling of personal data and establishes six data protection principles. It notes incidents of data leakage in Hong Kong and emerging issues around topics like social media, online anonymity, and information security threats potentially posed by governments. Resources on privacy and information security in Hong Kong are also listed.
This document summarizes a presentation on electronic commerce regulation in Africa. It discusses how countries can benefit from electronic commerce by assessing their policy and legal frameworks. It provides an overview of global electronic commerce trends and regulations, including models from UNCITRAL, the African Union, SADC, ECOWAS, and various countries. The presentation explores issues around developing enabling environments for e-commerce and regulating areas like electronic transactions, data protection, cybercrime, and intellectual property. It also discusses challenges African countries face in developing appropriate ICT policies and legal frameworks to promote regional economic integration and access to the global digital economy.
This document provides a summary of 3 key chapters from the 8th edition of the textbook "e-commerce, business. technology. society" by Kenneth C. Laudon and Carol Guercio Traver.
The first chapter discusses ethics, law, and e-commerce in virtual worlds like Second Life, including what constitutes mischief, banned behaviors, and debates around enforcing real-world laws. The second chapter covers understanding ethical issues in e-commerce related to privacy, intellectual property, governance, and public safety. The third chapter examines legal and technological approaches to protecting privacy, including the types of data collected online, profiling and behavioral targeting, and the FTC's evolving privacy framework.
TechWeek Chicago 2012 was great success. Packed room with entrepreneurs eager to understand legal issues facing their business. If you were unable to attend, here is my portion of the presentation.
From the FinTech Webinar Series. Explores:
1. Storage and Processing of Data in “the Cloud”
2. Mobile Devices and Mobile Apps
3. “Big Data”
4. Security and Privacy Issues in Third-Party Contracts
5. Data Security and Corporate Governance
6. International Privacy and Data Security
7. Data Security as a National Security Concern: Legislation and Executive Initiatives
This document discusses e-marketing ethical and legal issues. It begins by defining e-marketing and how information technology has transformed marketing strategies. It then examines key issues like privacy concerns, intellectual property laws, software piracy, self-regulation challenges, and protecting digital property and online expression. Emerging topics like online governance, jurisdiction, and fraud prevention are also covered. The goal is to analyze important considerations at the intersection of ethics, law, and digital marketing.
This document discusses upcoming changes to EU privacy regulations and the implications for companies collecting personal data from EU citizens. It notes that the current EU privacy rules are outdated and a new regulation will standardize privacy compliance across all EU member states. The new regulation is expected to be approved in 2013 and will impose much stricter consent requirements for data collection and fines of up to 2% of global revenue for noncompliance. It also discusses new rights like the right to be forgotten and data portability. Companies that do not update their privacy practices risk losing customer trust and facing large fines once the new rules are enforced.
The document discusses privacy laws and regulations in different jurisdictions. It compares the approaches to privacy and personal data protection in the US, UK, and EU. It also outlines some of the key differences between common law and continental legal systems as they relate to privacy. Furthermore, it provides an overview of different types of personal information classified as personally identifiable information (PII) in various US states and discusses risk levels for data in the US versus EU contexts.
The document describes several everyday activities: a student reading in a college library; students discussing homework in a guided group with their teacher; a bus driver cautiously transporting passengers through crowded areas; a doctor examining a patient with heart disease who is smiling; an experienced pilot flying a plane without fear; and a nurse checking on a patient in a public hospital.
Presentación del Webinar de nuestra hermana Mind Your Privacy y Cardinal Path
En el actual escenario digital, más que nunca los analistas, marketeros y demás profesionales de datos deben conocer los cambios en las normativas nacionales e internacionales así como una serie de principios básicos para respetar la privacidad y la protección de los que sus datos recogen.
Digital Marketing meets Privacy
1. Dokumen tersebut membahas tentang Desa Mude Nosar, termasuk letak, kondisi geografis, keadaan penduduk, potensi sumber daya, sarana dan prasarana, perekonomian, sosial, dan administrasi pemerintahan desa.
2. Terdapat beberapa masalah yang diidentifikasi selama observasi yaitu bidang pertanian, hukum, pendidikan, kesehatan, dan kewirausahaan.
3. Dibahas pula latar belakang pelaks
1. Perawatan Metode Kanguru (PMK) merupakan perawatan bayi berat lahir rendah atau prematur dengan kontak kulit langsung antara bayi dan ibu untuk menghangatkan dan menyusui bayi.
2. PMK membantu menstabilkan bayi, menurunkan infeksi dan kematian bayi, serta meningkatkan pertumbuhan bayi dan pemberian ASI.
3. PMK dapat dilakukan secara terus-menerus atau terputus, dengan pos
Rita Taylor created a visual resume using photos from Flickr to tell her career story in a non-traditional way. The photos show her time working for JP Morgan Chase bank and as a property manager, before deciding it was time for change. She then went back to school to pursue her dream and is now the owner of her own business, Spiritual Gifts Creations. The visual resume uses photos to highlight her unique skills and experiences.
Dokumen tersebut merupakan daftar riwayat hidup dari Cut Nurhayana yang berisi data pribadi seperti nama, tempat dan tanggal lahir, jenis kelamin, status, agama, kewarganegaraan, alamat, nomor telepon, golongan darah, keahlian bahasa, pendidikan yang pernah di tempuh di SD, SMP dan SMA, serta kemampuan yang dimiliki seperti mampu bekerja dalam tim, berkomunikasi dengan baik, dan mudah menyesuaikan diri
This document uses a metaphor of a family as a tree to express gratitude towards a father. It describes the father as the roots who planted the seeds (children) and provided nutrients and stability for the family to grow over time. Through photos at different stages, it shows the children first as seeds and then as seedlings who grew taller together with the father as the roots supporting the family tree through guidance, teaching, and unconditional love over many years.
- Nuclear fission is a nuclear reaction in which the nucleus of an atom splits into smaller parts, releasing large amounts of energy. Uranium-235 is commonly used in nuclear fission, where a neutron causes its nucleus to split into lighter elements like barium and krypton, along with more neutrons.
- This can trigger a self-sustaining chain reaction where the released neutrons cause other uranium atoms to split. The rate of fission (R) must be maintained to have a steady reaction. Radioactive decay was discovered in 1896 and provided insights into nuclear energy generation.
Smarter comm"The Future of Privacy". Aurélie Pols at IBM Smarter Commerce Glo...FLUZO
In a data driven economy, analysts must be concerned with how data is collected, processed and subsequently used to improve online customer experiences, during those moments that matter.
Unlocking Value & Controlling Risk by #MindYourPrivacy
- Ensure you have proper notice, consent, and access policies in place when collecting or using personal data
- Only collect and use data for the specific purposes it was provided and for which consent was given
- Handle all data securely and ensure it is stored and transmitted safely, especially if transferring across borders
- Be aware of relevant privacy laws in all locations where data is collected or used to ensure compliance
- Consider how the data could help improve processes, products, or services but respect the individual's privacy
The objective of this module is to gain an overview of the ethics surrounding big data and the legislation that governs it.
Upon completion of this module you will:
- Gain knowledge on how to recognize the necessity of regulating big data
- Obtain an understanding of the difference between privacy and data protection
- Understand the need to implement data protection actions into your own business
eMetrics Summit Boston 2014 - Big Data for Marketing - Privacy Principles & P...Aurélie Pols
Advertisers are collecting as much data as possible in order to sell finely targeted audiences to corporations. Privacy advocates are trying to wake up the populace to the continuous loss of civil liberties. Marketers are just trying to use the best tools to sell more stuff without alienating the public. Aurélie offers up a global view privacy rules and regulations to highlight how the upcoming European Union Personal Data Protection Regulation will influence digital analytics around the world. Then David identifies key data collection and usage issues and discusses ways to obtain the data we need while maintaining the trust and confidence of those we need to reach.
This document discusses privacy issues related to drones, IoT, and cross-border data regulations. It provides an overview of privacy laws and approaches in the US, EU, and Canada. The US takes a sectoral approach to privacy while the EU uses a comprehensive approach. Drones pose new privacy challenges regarding reasonable expectations of privacy. IoT devices increase risks of malfunctions, hacking, and privacy/security breaches. Risk from IoT will be greatest for first-generation devices. The document recommends identifying and minimizing privacy risks through measures like privacy impact assessments.
This document summarizes issues related to privacy and emerging technologies. It discusses how technologies like body cameras, big data, and the internet of things impact privacy based on international human rights standards. Specific concerns addressed include behavioral marketing, data aggregation, metadata collection, and government surveillance partnerships with private companies. The document advocates that any reforms around these issues must consider the close relationship between companies and governments when it comes to accessing people's personal information.
Introduction to US Privacy and Data Security Regulations and Requirements (Se...Financial Poise
The United States has no federal data security or privacy law covering all businesses or all U.S. citizens. Instead, federal agencies and individual states have created their own patchwork of laws and regulations which must be evaluated for their application to a business.
This webinar will help you navigate the overlapping and sometimes confusing system of laws and regulations which may impact your business, ranging from emerging state-level privacy legislation to the numerous data breach notification statutes to cybersecurity regulations with extraterritorial effect.
To view the accompanying webinar, go to: https://www.financialpoise.com/financial-poise-webinars/introduction-to-us-privacy-and-data-security-regulations-and-requirements-2021/
The objective of this module is to gain an overview of the ethics surrounding big data and the legislation that governs it.
Upon completion of this module you will:
- Gain knowledge on how to recognize the necessity of regulating big data
- Obtain an understanding of the difference between privacy and data protection
- Understand the need to implement data protection actions into your own business
The objective of this module is to gain an overview of the ethics surrounding big data and the legislation that governs it.
Upon completion of this module you will:
- Gain knowledge on how to recognize the necessity of regulating big data
- Obtain an understanding of the difference between privacy and data protection
- Understand the need to implement data protection actions into your own business
Age Friendly Economy - Legislation and Ethics of Data UseAgeFriendlyEconomy
Upon completion of this module you will:
- Be able to recognize the necessity of regulating big data
- Understand the difference between privacy and data protection
- Know how to implement actions of data protection into your own (future) company
Duration of the module: approximately 1 – 2 hours
The objective of this module is to gain an overview of the ethics surrounding big data and the legislation that governs it.
Upon completion of this module you will:
- Gain knowledge on how to recognize the necessity of regulating big data
- Obtain an understanding of the difference between privacy and data protection
- Understand the need to implement data protection actions into your own business
Presentation by Aurélie Pols at Superweek Hungary 2014. This presentation is NOT about security and goes beyond the over-blown cookie debate in order to highlight how the upcoming EU Personal Data Protection Regulation will influence digital analytics to hopefully start embracing Privacy by Design ways of working.
IoT & Big Data - A privacy-oriented view of the futureFacundo Mauricio
Understanding the future based on the current technology, with a focus on Big Data and Internet of Things (IoT). A discussion of privacy and personal information and how it affects us.
All levels of society rely upon information technology systems. Network operations are pervasive and impact nearly every aspect of our society. The desire of companies to collect, use, store, and secure information about customers, employees, and other individuals is a requirement of the new economy. It is no wonder that the prevalence of electronic communications and a growing dependency on cyber structures and operations also create potential vulnerabilities to cyberattacks. It is critical to preserve information systems and address and prevent weaknesses in cyber protection efforts. This webinar examines the means for companies to reach data goals ethically, efficiently and legally. Best practices and model comprehensive privacy and cybersecurity policies are discussed. And, data breach response and related litigation, including class action litigation issues and fiduciary duty violations under corporate law, are discussed.
To view the accompanying webinar, go to:
https://www.financialpoise.com/financial-poise-webinars/data-privacy-compliance-2020/
USA and Europe (EU) do have a different way of looking into privacy. This PPT is about who is responsible and what kind of rules are in place. This is a A Medved Consultants LLC Presentation. This may not be considered as a legal advice.
Introduction to US Privacy and Data Security: Regulations and RequirementsFinancial Poise
The United States has no federal data security or privacy law covering all businesses or all U.S. citizens. Instead, federal agencies and individual states have created their own patchwork of laws and regulations which must be evaluated for their application to a business.
This webinar will help you navigate the overlapping and sometimes confusing system of laws and regulations which may impact your business, ranging from emerging state-level privacy legislation to the numerous data breach notification statutes to cybersecurity regulations with extraterritorial effect.
Part of the webinar series: CYBERSECURITY & DATA PRIVACY 2022
See more at https://www.financialpoise.com/webinars/
The document provides an overview of legislation and privacy issues related to big data. It discusses the General Data Protection Regulation (GDPR), the new European Union legislation that gives individuals more control over their personal data and how it is used. The GDPR was drafted to update old data protection laws that did not account for how data is currently collected and used. It introduces stricter rules and penalties to improve privacy as data collection and use increases. The document explains key aspects of the GDPR such as its goals, when it will apply, who it applies to, and consequences for non-compliance.
All levels of society rely upon information technology systems. Network operations are pervasive and impact nearly every aspect of our society. The desire of companies to collect, use, store, and secure information about customers, employees, and other individuals is a requirement of the new economy. It is no wonder that the prevalence of electronic communications and a growing dependency on cyber structures and operations also create potential vulnerabilities to cyberattacks. It is critical to preserve information systems and address and prevent weaknesses in cyber protection efforts. This webinar examines the means for companies to reach data goals ethically, efficiently and legally. The panel will also discuss the evolving regulatory approaches of the European Union, United States Federal government and significant developments in U.S. state regimes, including California. Best practices and model comprehensive privacy and cybersecurity policies are discussed. And, data breach response and related litigation, including class action litigation issues and fiduciary duty violations under corporate law, are discussed.
To view the accompanying webinar, go to: https://www.financialpoise.com/financial-poise-webinars/data-privacy-compliance-2021/
Data Privacy & Protection Conference - Unlocking the Value of Digital Ethics
Boussias communication presentation, Athens June 23rd 2016 http://dataprivacy.boussiasconferences.gr/default.asp?pid=12&la=1&SpeakerId=1
Similar to IBM Smarter Commerce Florida 2014 The Furture of Privacy by Aurélie Pols & Blair Reeves (20)
Guia Social Media de Tercera Generación. El fin del experimento, el inicio de...FLUZO
Este documento describe la evolución de las estrategias de medios sociales en España y propone la llegada de una "tercera generación". Argumenta que las primeras empresas en España abordaron los medios sociales como un experimento sin objetivos claros o medición de resultados. Ahora, las empresas deben alinear sus estrategias de medios sociales con sus objetivos generales de negocio y centrarse en crear valor para los clientes, no sólo para aumentar su presencia en las plataformas. El documento también presenta un modelo alternativo para ayudar a las empresas a
Monetize your digital channel to prioritize potential opportunitiesFLUZO
Presentation by Aurélie Pols at Superweek 2014 (Hungary). The objectives of the session are to provide a simple and practical approach to classic and reverse monetization and learn how to prioritize your opportunities within your company.
- What are the biggest obstacles companies face to be successful in Digital Analytics?
- Do you want to continue being a reporting monkey?
- How to monetize?
- What if my website doesn´t sell?
- What´s the value of a lead and a visit?
- Monetizing different types of sites behaviors
- Common roadblocks to monetizing behaviors
- and much more ;)
Social Media o Social Data: ¿qué contribuye más a tu negocio? FLUZO
Presentación de René Dechamps en la Jornada Social Media ROI 2013 #SMROI organizada el pasado 3 de diciembre en Madrid por Madrid Emprende y Econred.es
Aurélie Pols en Strata Conference: Digital analytics & privacy - it’s not the...FLUZO
This is Aurélie Pols presentation at Strata London Conference last 11-13 November.
It is in English and starts by revisiting the common best practices related to digital analytics in order to measure digital asset’s effectiveness to increase conversion, common data feeds between tools and possibly data flows between continents for analysis.
These practices are then put in parallel with legal requirements, showing which steps need to be undertaken to assure legal compliance of said practices, how digital responsibles should be trained in data protection matters and what contracts are needed with both data providers & collectors so as to assure minimal liability for these routinely undertaken tasks.
This presentation is NOT about security and goes beyond the over-blown cookie debate in order to highlight how the upcoming EU Personal Data Protection Regulation will influence digital analytics to hopefully start embracing Privacy by Design ways of working.
Llega la Guía de Privacidad en el Móvil: ¿cómo se obtiene el consentimiento de los usuarios de apps y web móvil?
Mind Your Group (MYG) y la Mobile Marketing Association en España (MMA) lanzan la primera Guía de Privacidad en el Móvil con el objetivo de poner fin a las lagunas que puedan tener editores, anunciantes, agencias, redes publicitarias y empresas de medición sobre cómo proceder en materia de privacidad.
El documento llega en un momento en el que los usuarios son cada vez más conscientes del uso que se hace de sus datos y empiezan a exigir más transparencia, información y seguridad.
Analítica web y Privacidad (eShow Madrid 2013)FLUZO
El documento habla sobre analítica web y privacidad. Explica que los datos son un activo valioso que puede generar ingresos y por lo tanto es importante manejarlos de forma responsable y cumplir con la legislación de privacidad. También recomienda que los analistas revisen los contratos con proveedores de datos, clasifiquen y obtengan consentimiento para cookies, y consideren dónde se almacenan los datos para asegurar el cumplimiento normativo.
Diseño web: del concepto al resultado. Ricardo Tayar en SEonthebeach 2013FLUZO
Este documento presenta una charla sobre el diseño web y sus principios fundamentales. Explica que el diseño web consiste en elaborar soluciones utilizando internet como medio principal para satisfacer necesidades. Describe 10 principios del buen diseño y 7 principios de usabilidad y diseño web como diseñar para personas, dar feedback, familiaridad, perdón, consistencia, eficiencia, y estructuras cognitivas naturales. Concluye que el diseño debe enfocarse en entender y satisfacer las necesidades de las personas sobre el volumen de tráfico.
La nueva ley de cookies (Conversion Thursday Zaragoza)FLUZO
1) La presentación explica la normativa sobre cookies en España y la Unión Europea, incluyendo sanciones de hasta un millón de euros.
2) Se requiere informar a los usuarios sobre el uso de cookies y obtener su consentimiento de forma clara y accesible.
3) El cumplimiento de la normativa puede optimizar el marketing a través de un enfoque de privacidad centrado en el usuario.
Análisis de Fuentes de Tráfico en Analítica Web (Practitioner Web Analytics m...FLUZO
Presentación de Gemma Muñoz en el Practitioner Web Analytics de BCN (marzo 2013) en la que expone una interesante metodología para estudiar la mejor distribución de inversión en las fuentes de tráfico para un sitio web.
Predictably Improve Your B2B Tech Company's Performance by Leveraging DataKiwi Creative
Harness the power of AI-backed reports, benchmarking and data analysis to predict trends and detect anomalies in your marketing efforts.
Peter Caputa, CEO at Databox, reveals how you can discover the strategies and tools to increase your growth rate (and margins!).
From metrics to track to data habits to pick up, enhance your reporting for powerful insights to improve your B2B tech company's marketing.
- - -
This is the webinar recording from the June 2024 HubSpot User Group (HUG) for B2B Technology USA.
Watch the video recording at https://youtu.be/5vjwGfPN9lw
Sign up for future HUG events at https://events.hubspot.com/b2b-technology-usa/
Global Situational Awareness of A.I. and where its headedvikram sood
You can see the future first in San Francisco.
Over the past year, the talk of the town has shifted from $10 billion compute clusters to $100 billion clusters to trillion-dollar clusters. Every six months another zero is added to the boardroom plans. Behind the scenes, there’s a fierce scramble to secure every power contract still available for the rest of the decade, every voltage transformer that can possibly be procured. American big business is gearing up to pour trillions of dollars into a long-unseen mobilization of American industrial might. By the end of the decade, American electricity production will have grown tens of percent; from the shale fields of Pennsylvania to the solar farms of Nevada, hundreds of millions of GPUs will hum.
The AGI race has begun. We are building machines that can think and reason. By 2025/26, these machines will outpace college graduates. By the end of the decade, they will be smarter than you or I; we will have superintelligence, in the true sense of the word. Along the way, national security forces not seen in half a century will be un-leashed, and before long, The Project will be on. If we’re lucky, we’ll be in an all-out race with the CCP; if we’re unlucky, an all-out war.
Everyone is now talking about AI, but few have the faintest glimmer of what is about to hit them. Nvidia analysts still think 2024 might be close to the peak. Mainstream pundits are stuck on the wilful blindness of “it’s just predicting the next word”. They see only hype and business-as-usual; at most they entertain another internet-scale technological change.
Before long, the world will wake up. But right now, there are perhaps a few hundred people, most of them in San Francisco and the AI labs, that have situational awareness. Through whatever peculiar forces of fate, I have found myself amongst them. A few years ago, these people were derided as crazy—but they trusted the trendlines, which allowed them to correctly predict the AI advances of the past few years. Whether these people are also right about the next few years remains to be seen. But these are very smart people—the smartest people I have ever met—and they are the ones building this technology. Perhaps they will be an odd footnote in history, or perhaps they will go down in history like Szilard and Oppenheimer and Teller. If they are seeing the future even close to correctly, we are in for a wild ride.
Let me tell you what we see.
End-to-end pipeline agility - Berlin Buzzwords 2024Lars Albertsson
We describe how we achieve high change agility in data engineering by eliminating the fear of breaking downstream data pipelines through end-to-end pipeline testing, and by using schema metaprogramming to safely eliminate boilerplate involved in changes that affect whole pipelines.
A quick poll on agility in changing pipelines from end to end indicated a huge span in capabilities. For the question "How long time does it take for all downstream pipelines to be adapted to an upstream change," the median response was 6 months, but some respondents could do it in less than a day. When quantitative data engineering differences between the best and worst are measured, the span is often 100x-1000x, sometimes even more.
A long time ago, we suffered at Spotify from fear of changing pipelines due to not knowing what the impact might be downstream. We made plans for a technical solution to test pipelines end-to-end to mitigate that fear, but the effort failed for cultural reasons. We eventually solved this challenge, but in a different context. In this presentation we will describe how we test full pipelines effectively by manipulating workflow orchestration, which enables us to make changes in pipelines without fear of breaking downstream.
Making schema changes that affect many jobs also involves a lot of toil and boilerplate. Using schema-on-read mitigates some of it, but has drawbacks since it makes it more difficult to detect errors early. We will describe how we have rejected this tradeoff by applying schema metaprogramming, eliminating boilerplate but keeping the protection of static typing, thereby further improving agility to quickly modify data pipelines without fear.
Codeless Generative AI Pipelines
(GenAI with Milvus)
https://ml.dssconf.pl/user.html#!/lecture/DSSML24-041a/rate
Discover the potential of real-time streaming in the context of GenAI as we delve into the intricacies of Apache NiFi and its capabilities. Learn how this tool can significantly simplify the data engineering workflow for GenAI applications, allowing you to focus on the creative aspects rather than the technical complexities. I will guide you through practical examples and use cases, showing the impact of automation on prompt building. From data ingestion to transformation and delivery, witness how Apache NiFi streamlines the entire pipeline, ensuring a smooth and hassle-free experience.
Timothy Spann
https://www.youtube.com/@FLaNK-Stack
https://medium.com/@tspann
https://www.datainmotion.dev/
milvus, unstructured data, vector database, zilliz, cloud, vectors, python, deep learning, generative ai, genai, nifi, kafka, flink, streaming, iot, edge
STATATHON: Unleashing the Power of Statistics in a 48-Hour Knowledge Extravag...sameer shah
"Join us for STATATHON, a dynamic 2-day event dedicated to exploring statistical knowledge and its real-world applications. From theory to practice, participants engage in intensive learning sessions, workshops, and challenges, fostering a deeper understanding of statistical methodologies and their significance in various fields."
State of Artificial intelligence Report 2023kuntobimo2016
Artificial intelligence (AI) is a multidisciplinary field of science and engineering whose goal is to create intelligent machines.
We believe that AI will be a force multiplier on technological progress in our increasingly digital, data-driven world. This is because everything around us today, ranging from culture to consumer products, is a product of intelligence.
The State of AI Report is now in its sixth year. Consider this report as a compilation of the most interesting things we’ve seen with a goal of triggering an informed conversation about the state of AI and its implication for the future.
We consider the following key dimensions in our report:
Research: Technology breakthroughs and their capabilities.
Industry: Areas of commercial application for AI and its business impact.
Politics: Regulation of AI, its economic implications and the evolving geopolitics of AI.
Safety: Identifying and mitigating catastrophic risks that highly-capable future AI systems could pose to us.
Predictions: What we believe will happen in the next 12 months and a 2022 performance review to keep us honest.
Intelligence supported media monitoring in veterinary medicine
IBM Smarter Commerce Florida 2014 The Furture of Privacy by Aurélie Pols & Blair Reeves
1.
2. The Future of Privacy
Blair Reeves
Product Manager, IBM Digital Analytics
Aurelie Pols
Chief Visionary Officer, Mind Your Privacy
@BlairReeves
@AureliePols
3. @BlairReeves
Privacy is Perception
… but do another.
66% of Americans say
they do not want to
receive targeted ads
53% of Americans want
websites they visit to
offer discounts tailored
to their interests
64% of Americans say they are less
likely to vote for a political candidate
who buys information about their
online behavior
92% of U.S. internet users say
they worry about privacy online
Behaviorally-targeted
ads have 240%+ higher
conversion rates
80% of internet users do
not “always” read
privacy policies, and
only half bother logging
out
4. Privacy is Perception
What
informa,on
am
I
giving
away?
Do
I
know?
Do
I
care?
User-supplied:
• Name
• Date of birth
• Sex
• Location (City, State)
Inferred:
• Mobile device type
• Login frequency
• Clickstream
• Browsing history
• Purchase history
• Social connections
• Etc.
@BlairReeves
5. Consumers rely more and more on free
cloud services
@BlairReeves
0
200,000,000
400,000,000
600,000,000
800,000,000
1,000,000,000
1,200,000,000
1,400,000,000
Search Gmail Google Plus Drive
Google Services MAUs
Extrapolated
Confirmed by Google
7. @BlairReeves
More and more of our lives
will be lived digitally
Cloud ● Mobile ● Connected
Citizens ● Consumers ● Humans
8. About me
Aurélie
Pols
Chief
Visionary
Officer
Mind
Your
Privacy
• Grew up in the Netherlands, Dutch passport
• French mother tongue
• Most of my friends are bilingual at least
• Have Polish & Russian origins
• Set-up my 1st start-up in Belgium in 2003
• Sold it to Digitas LBi (Publicis), in 2008
• Moved to Spain in 2009
• Created 2 other start-ups in Spain in 2012
Mind Your Group, Putting Your Data to Work
Mind Your Privacy, Data Science Protected
Yes, a “law firm” but we prefer to say
a bunch of Data Scientists working with
a bunch of Lawyers
@AureliePols
9. Context: Privacy tri-partite
Joint effort by:
1. Governments &/or international
Associations => legislation,
guidelines, …
2. Citizens/voters/consumers
3. Businesses
Each party wanting to defend:
o Personal Data Protection & the
Rule of Law through respect of
Fundamental Rights
vs.
o Profits & hopefully
Sustainability
Governments
Citizens/
voters/
consumers
OUR
GLOBAL
SOCIETY
Businesses
Analytics vendors / Agencies / Data Users
@AureliePols
10. About Mind Your Privacy
Boutique consultancy firm providing security
consultancy services and legal Privacy advice
Our typical international clients manage sensitive
data within an international landscape
Pluricultural and multi-skilled profiles - legal,
data scientists and technical
Providing complete solutions to complex data
and privacy issues
@AureliePols
11. This presentation is for Data Users
Source: http://ochuko.files.wordpress.com/2010/04/sides-of-a-coin.jpg
@AureliePols
12. Privacy, the Word
From our Wikipedia friends:
From Latin: privatus "separated from the rest, deprived of something, esp. office,
participation in the government", from privo "to deprive”
The ability of an individual or group to seclude themselves or information about
themselves and thereby express themselves selectively.
The boundaries and content of what is considered private differ among
cultures and individuals, but share common themes.
When something is private to a person, it usually means there is something to
them inherently special or sensitive.
The domain of privacy partially overlaps security, including for instance the
concepts of appropriate use, as well as protection of information.
Privacy may also take the form of bodily integrity.
Source: https://en.wikipedia.org/wiki/Privacy
@AureliePols
13. Privacy, nothing to hide?
“If you have something that you don’t want
anyone to know, maybe you shouldn’t be
doing it in the first place.”
Eric Schmidt, 2009
https://www.youtube.com/watch?
v=A6e7wfDHzew
Tip: Follow Daniel Solove on LindedIn!
@AureliePols
14. An Anglo-Saxon term?
Source: http://web.mit.edu/bigdata-priv/
http://www.whitehouse.gov/sites/default/files/docs/
big_data_privacy_report_may_1_2014.pdf
@AureliePols
18. Regulatory law
“Every country is a little different.
You run into different regulatory regimes and you need to
make sure you have the right tools so that people can
implement the right policies they are required to by
law…
They aren’t that different”
Source: Bloomberg Singapore Sessions
April 23rd 2014
http://www.bloomberg.com/video/big-data-
big-results-singapore-sessions-4-23-
kHN5zrGbR_Wq6hbmV9~aXQ.html
@AureliePols
19. A global perspective
US & UK EU APEC
Common Law Continental Law Continental
law
influenced
Class actions Fines
(by DPAs: Data Protection Agencies)
Privacy Personal Data Protection (PDP)
Business focused Citizen focused: data belongs to the
visitor/prospect/consumer/citizen
Patchwork of sector based
legislations: HIPPA,
COPPA, VPPA, …
Over-arching EU Directives &
Regulations
PII: varies per state Risk levels: low, medium, high,
extremely high
@AureliePols
20. Democracy & the rule of law
US & UK EU APEC
Common Law Continental Law Continental
law
influenced
Class actions Fines
(by DPAs: Data Protection Agencies)
Privacy Personal Data Protection
(PDP)
Business focused Citizen focused: data belongs to the
visitor/prospect/consumer/citizen
Patchwork of sector based
legislations: HIPPA,
COPPA, VPPA, …
Over-arching EU Directives &
Regulations
PII: varies per state Risk levels: low, medium, high,
extremely high
@AureliePols
21. Data Protection
In light of fuzzy interpretations of Privacy, could we
agree upon
• Thinking of it as data protection
• Protecting the data we are entrusted with
• While respecting the Right to “Privacy”
• Taking into consideration information security
measures
@AureliePols
22. Democracy & the rule of law
US & UK EU APEC
Common Law Continental Law Continental
law
influenced
Class actions Fines
(by DPAs: Data Protection Agencies)
Privacy Personal Data Protection (PDP)
Business focused Citizen focused: data belongs to the
visitor/prospect/consumer/citizen
Patchwork of sector based
legislations: HIPPA,
COPPA, VPPA, …
Over-arching EU Directives &
Regulations
PII: varies per
state
Risk levels: low, medium,
high, extremely high
@AureliePols
23. PII: ah but we don’t collect it!
Medical information as PII
California
Arkansas
Missouri
New Hampshire
North Dakota
Texas
Virginia
Financial information as PII
Alaska North Carolina
Iowa North Dakota
Kansas Oregon
Massachusetts South Carolina
Missouri Vermont
Nevada Wisconsin
New York* Wyoming
Passwords as PII
Georgia
Maine
Nebraska
Biometric information as PII
Iowa
Nebraska
North Carolina
Wisconsin
Source: information based on current
ongoing analysis (partial results)
@AureliePols
24. So what is considered PII?
Personal Information (based on the definition commonly used by most US states)
i Name, such as full name, maiden name, mother‘s maiden name, or alias
ii Personal identification number, such as social security number (SSN),
passport number, driver‘s license number, account and credit card number
iii Address information, such as street address or email address
iv Asset information, such as Internet Protocol (IP) or Media Access Control
(MAC)
v Telephone numbers, including mobile, business, and personal numbers.
Information identifying personally owned property, such as vehicle registration
number or title number and related information
Source: information based on current
ongoing analysis (partial results)
@AureliePols
25. If you collect PII… then
US & UK EU APEC
Common Law Continental Law Continental
law
influenced
Class actions Fines
(by DPAs: Data Protection Agencies)
Privacy Personal Data Protection (PDP)
Business focused Citizen focused
Patchwork of
sector based
legislations:
HIPPA, COPPA,
VPPA, …
Over-arching EU Directives &
Regulations
PII: varies per
state
Risk levels: low, medium,
high, extremely high
@AureliePols
26. PII & legislation questions
• Who knows their Chief Privacy Officer?
According to the DMA (US), CMOs should abide to
an average # of 300 pieces of legislation
• Is PII really PII?
Zip code + gender + date of birth can uniquely
identify 87% of the US population
Source: Microsoft Latanya Sweeney (2000)
http://dataprivacylab.org/projects/identifiability/paper1.pdf
@AureliePols
27. PII vs. Risk levels
Low
Medium
(profiling)
High
(sensitive)
Risk
level
Data type
Information Security Measures
Extremely high
(profiling of sensitive data)
PII
@AureliePols
29. The Privacy framework 1
User consent
Fair & Legal
process: FIPPs
Information for approved
use
Data diving analysis /
Big Data
New business
opportunity through
data
Purpose
@AureliePols
30. The Privacy framework 2
User consent
Fair & Legal
process: FIPPs
Information for approved
use
Data diving analysis /
Big Data
New business
opportunity through
data
Purpose
@AureliePols
31. Fair Information Practice Principles - FIPPs
Source: https://security.berkeley.edu/sites/default/files/uploads/FIPPSimage.jpg
@AureliePols
32. Data collection
• Purpose – Consent
o Reason for data collection:
• Website improvement, better User Experience
• Marketing communication
• Opt-in? Opt-out? Double opt-in?
o Depends upon:
• Type of data: PII, sensitive data
• Type of sector: financial, health, …
• Geography: US vs. EU vs. ???
@AureliePols
33. Examples: US vs. Spain
US: no purpose,
no consent
Spain: consent,
purpose, opt-in & opt-
out
@AureliePols
34. Trust & creepiness
Consent is about a reasonable expectation of the use of data
o There’s a fine line
between
feeling charmed
vs.
feeling invaded
o Create win-win situations:
• Customers give company information
• Customers get better service/value for money
@AureliePols
35. Consent & Trust for Telcos
Slide borrowed from Stephen John Deadman fromVodafone Group Services Limited, IAPP congress Brussels,
November 2013
@AureliePols
36. Typical personal data misconceptions
Very often present in technology companies
o We do not identify the user while using the data, so we have no
issues with Privacy law
o We only use the serial # of the users device, so the data is
anonymous and we have no issues with Privacy laws
o We encrypt the data so we are no longer using/sending/receiving
personal data
o We use hashes to replace all serial #, so the data is now
anonymous and we have no issues with Privacy laws
o We anonymize the data, so we are not using personal data
o We can use the user’s data for anything we want, as long as we
keep the data to ourselves
o Look: big name companies are doing the same, so we are ok
Slide borrowed from @simonhania from TomTom, IAPP congress Brussels, November 2013
@AureliePols
37. EU fines?
Spain: responsible for 80% of data protection fines in the EU
Source: http://i0.kym-cdn.com/photos/
images/newsfeed/000/242/381/63a.jpg
Source: http://www.mindyourprivacy.com/
download/privacy-infographic.pdf
@AureliePols
44. Balancing Risks & Benefits
Risks
SaaS PIAs: Privacy
Impact Assessment
Security evaluation of
your own information
Nature of your own
data
Benefits
Price
Transfer of
responsibility?
Availability (BYOD,
strike, natural
disaster, …)
Source: http://www.labeshops.com/image/cache/data/summitcollection/7918l-
lady-justice-3-feet-statue-800x800.jpg
@AureliePols
45. Compliance vs. Risk Assessments
• Achieving 100% compliance is a chimera
o Compliance is a journey, not a destination
o Level of required compliance linked to
• Sector
• Personal internal management
• Company risk profile
• Risk is a moving target
o Risk of being fined
o Risk of being breached
o Brand perception => subjective
@AureliePols
46. A simple example
PII viewer for Google Analytics
http://davidsimpson.me/pii-viewer-for-google-analytics/
Customer
DBData Collection
Data Visualization
Privacy Policy
Hosting
Security
Terms of Use
Access
Consent
FIPPs
Data
retention
period
(Hosting)
Security
Access
What data is Chrome sending
Is your company accountable
@AureliePols
47. Other ex.: BBVA Commerce 360
26M transactions/
day
25% of
marketshare for
Spain
Source: http://
www.slideshare.net/cibbva/
juan-carlos-plaza-explica-
los-proyectos-sobre-big-
data-de-bbva
@AureliePols
48. Data transformations
Consent & purpose
Through which pipes?
Data (transfer) security?
Data access?
…
From granular to aggregated
@AureliePols
49. What to do?
1. Know your information structure (cloud)
o Can you exactly draw the Cloud supplier slide?
2. Cloud inventory (PIA)
o Provider (& sub-contractors)
o Location
• Cloud service HQ
• Servers
• Applicable law: our friend Snowden
• Physical location: earthquakes?
• Any incidents to report?
• In-house control access (risk)
• Terms & Conditions
• Information Security measures
• Related to Privacy
@AureliePols
50. What to do?
3. Know your Data structure: data inventory
(cloud)
o (Do you know which data can be found where)?
o Have you reviewed your information security measures?
o What happens in case of a breach?
4. Authorization required?
o Approval International Data Transfers (IDT)
o Safe Harbor
o Binding Corporate Rules (BCR)
o User consent
@AureliePols
51. Moving to the cloud
1. List your departments
2. What type of data needs to be moved?
3. What are your data risk levels?
o Low / Medium / High / Extremely High
4. What do you need for compliance?
Have a list of questions ready
to ask your cloud provider
except for the price!
@AureliePols
55. MYP Services
For Data Users
Risk Assessment to define maturity model (COBIT) and roadmap
Define processes to establish proper security measures and create
policies to structure these process
Audit the level of compliance of security measures that are in place
Train staff to align them with security plan while reducing the risk of
suffering a data breach
Define KPIs to adequately deploy a data governance program
@AureliePols
56. MYP Services
Analytics SaaS Providers
Advice during the procurement process to define the best provider in
terms of data security management and privacy compliance
Audit providers´ management of data and privacy
For Analytics vendors & agencies
PrivacyGreen Seal