My initial thoughts following discussion of the roles of participants, process flows, the developing co-regulatory environment, risks, controls and challenges. I have also included scenario diagrams covering the three types of scenarios involved. Comments welcome here: http://sdj-thefineprint.blogspot.co.uk/2012/12/midata-thoughts-no-1.html
Summary of my thoughts arising from my involvement in the Midata working groups, as explained in the post here: http://sdj-thefineprint.blogspot.co.uk/2013/01/midata-thoughts-no-2.html
Summary of my thoughts arising from my involvement in the Midata working groups, as explained in the post here: http://sdj-thefineprint.blogspot.co.uk/2013/01/midata-thoughts-no-2.html
This PPT provides an complete reference of "DIGITAL SIGNATURE". It gives "how the digital signature are works?" and "why we need a digital signature?". And also I include some Digital signature algorithm in a Diagrammatic format.
Here in this blog forum, I am going to confer about the need for shifting from manual signature to digital signature through digital signature certificate.
Diffie-Hellman Algorithm and Anonymous Micropayments Authentication in Mobile...IOSR Journals
Abstract: Communication is the important part in any type of network for making it possible to transfer data
from one node to another. Communication needs quality and security for better performance and for acceptance
of users and client companies. Data integrity is quite an issue in security and to maintain that integrity we tend
to improve as to provide the better encryption processes for security. In our proposed work, an innovative and
practical authentication system using Diffie-Hellman and AMA (Anonymous Micro payments Authentication)
are designed for micropayments in mobile data network. Through AMA the customer and the merchant can
authenticate each other indirectly, at the same time the merchant doesn’t know the customer’s real identity. A
customer can get fast micropayments not only from his local domain but also from a remote domain without
increasing any burden on his mobile phone/smartcard. Diffie-Hellman Encryption Algorithm adds more security
to the proposed work.
Keywords: AMA, Authentication, Diffie-Helman, Provate key, Public key
An Efficient Buyer - Seller Protocol to Identify the PerpetratorIDES Editor
Digital watermarks are used to prevent the possession
and transmission of copyright intellectual property over the
internet. Digital watermarking system is playing an
irrevocable role in privacy-preserving, buyer-seller
communication and e-commerce of digital content. In the past,
many buyer-seller protocols have been proposed to address
the copyright issues. Most of these protocols are only
protecting digital copyright of the digital content. This paper
proposes a new efficient buyer seller watermarking protocol
for secure digital transaction and to identify the Perpetrator
who actually pirates the digital content. To implement this
system we use a multi layerTerminate and Stay Resident
(TSR) scripting programs before embedding the
watermarking.
An Enhanced Privacy Preserving Buyer-Seller Protocol for Anonymous TransactionIDES Editor
Due to the rapid growth of the internet and e-commerce,
more and more digital products and multimedia contents
are sold and transmitted over the internet. However, it
also poses threats to copyright protection and to customers’
privacy.Digital watermarks are used for protecting the digital
contents from unauthorized duplication and distribution over
internet. This can be achieved by inserting a unique digital
watermark into each copy of the content before it is sold by
the content owner (seller) to a buyer. This paper proposes a
new enhanced privacy preserving Buyer-Seller watermarking
protocol for anonymous transaction. Apart from solving the
generic problems, this novel method is also finding solutions
to Anonymity, Unlinkability and Loyalty marketing problem.
Preventing Internet Fraud By Preventing Identity TheftDiane M. Metcalf
This project concentrates on the area of internet fraud called “Identity Theft”. It focuses on the responsibility of the individual cardholder in preventing or reducing fraud. It is based upon a belief that educating and empowering consumers has the ability to decrease internet/e-Commerce fraud by way of reducing identity theft.
With the outbreak of Covid-19, technological innovations are surfacing at a fast pace. One such prominent technology is eSign or electronic signature. This technology has now started to get attention due to increased digitalization.
Proposed amendments to the financial services bill sdj 21 06 12Simon Deane-Johns
A set of amendments I was asked to prepare for a cross-party group of Peers for their review of the Financial Services Bill. Explained further on The Fine Print: http://sdj-thefineprint.blogspot.co.uk/2012/06/innovation-meets-financial-services.html
This PPT provides an complete reference of "DIGITAL SIGNATURE". It gives "how the digital signature are works?" and "why we need a digital signature?". And also I include some Digital signature algorithm in a Diagrammatic format.
Here in this blog forum, I am going to confer about the need for shifting from manual signature to digital signature through digital signature certificate.
Diffie-Hellman Algorithm and Anonymous Micropayments Authentication in Mobile...IOSR Journals
Abstract: Communication is the important part in any type of network for making it possible to transfer data
from one node to another. Communication needs quality and security for better performance and for acceptance
of users and client companies. Data integrity is quite an issue in security and to maintain that integrity we tend
to improve as to provide the better encryption processes for security. In our proposed work, an innovative and
practical authentication system using Diffie-Hellman and AMA (Anonymous Micro payments Authentication)
are designed for micropayments in mobile data network. Through AMA the customer and the merchant can
authenticate each other indirectly, at the same time the merchant doesn’t know the customer’s real identity. A
customer can get fast micropayments not only from his local domain but also from a remote domain without
increasing any burden on his mobile phone/smartcard. Diffie-Hellman Encryption Algorithm adds more security
to the proposed work.
Keywords: AMA, Authentication, Diffie-Helman, Provate key, Public key
An Efficient Buyer - Seller Protocol to Identify the PerpetratorIDES Editor
Digital watermarks are used to prevent the possession
and transmission of copyright intellectual property over the
internet. Digital watermarking system is playing an
irrevocable role in privacy-preserving, buyer-seller
communication and e-commerce of digital content. In the past,
many buyer-seller protocols have been proposed to address
the copyright issues. Most of these protocols are only
protecting digital copyright of the digital content. This paper
proposes a new efficient buyer seller watermarking protocol
for secure digital transaction and to identify the Perpetrator
who actually pirates the digital content. To implement this
system we use a multi layerTerminate and Stay Resident
(TSR) scripting programs before embedding the
watermarking.
An Enhanced Privacy Preserving Buyer-Seller Protocol for Anonymous TransactionIDES Editor
Due to the rapid growth of the internet and e-commerce,
more and more digital products and multimedia contents
are sold and transmitted over the internet. However, it
also poses threats to copyright protection and to customers’
privacy.Digital watermarks are used for protecting the digital
contents from unauthorized duplication and distribution over
internet. This can be achieved by inserting a unique digital
watermark into each copy of the content before it is sold by
the content owner (seller) to a buyer. This paper proposes a
new enhanced privacy preserving Buyer-Seller watermarking
protocol for anonymous transaction. Apart from solving the
generic problems, this novel method is also finding solutions
to Anonymity, Unlinkability and Loyalty marketing problem.
Preventing Internet Fraud By Preventing Identity TheftDiane M. Metcalf
This project concentrates on the area of internet fraud called “Identity Theft”. It focuses on the responsibility of the individual cardholder in preventing or reducing fraud. It is based upon a belief that educating and empowering consumers has the ability to decrease internet/e-Commerce fraud by way of reducing identity theft.
With the outbreak of Covid-19, technological innovations are surfacing at a fast pace. One such prominent technology is eSign or electronic signature. This technology has now started to get attention due to increased digitalization.
Proposed amendments to the financial services bill sdj 21 06 12Simon Deane-Johns
A set of amendments I was asked to prepare for a cross-party group of Peers for their review of the Financial Services Bill. Explained further on The Fine Print: http://sdj-thefineprint.blogspot.co.uk/2012/06/innovation-meets-financial-services.html
Response to the European Commission's crowdfunding consultation, previously discussed here: http://sdj-thefineprint.blogspot.co.uk/2013/10/crowdfunding-brussels-sprouts.html
Response to FCA crowdfunding consultation simon deane-johns - finalSimon Deane-Johns
My personal response to the UK Financial Conduct Authority's proposed rules to regulated peer-to-peer lending and crowd-investment platforms. Discussion welcome here: http://sdj-thefineprint.blogspot.co.uk/2013/12/response-to-fca-crowdfunding.html
Business implications of evolutions in privacy law mes infos 23 04 12 - simo...Simon Deane-Johns
A presentation to the Ctrl-Shift conference for MesInfos, the French equivalent of the Midata initiative to encourage businesses to make available to customers their own personal transaction data. Explained further here: http://sdj-thefineprint.blogspot.co.uk/2012/04/business-implications-of-privacy-law.html
Enabling The Growth of P2P Finance - Simon Deane-JohnsSimon Deane-Johns
Summarising recent a recent submission to the UK government consultation on non-bank finance for small businesses, and the government's response to that consultation. A summary of the ensuing discussion is here: http://sdj-thefineprint.blogspot.co.uk/2012/03/financial-innovation-federation.html
Slides for talk by Prof Chris Reed, Cloud Legal Project http://cloudlegalproject.org on who owns information in the cloud, at Cloud Computing: Legal, Organisational and Technological Issues conference, University of the West of England, on 23 February 2011, Bristol, UK.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
An Overview of the interface of MODRNA and GSMA Mobile ConnectBjorn Hjelm
An overview of the interface of MODRNA (Mobile Profile of OpenID Connect) and GSMA Mobile Connect presented on June 22, 2017, Cloud Identity Summit 2017.
Gary B. Rodrigue - What is Blockchain? IBM Food Trust OverviewJohn Blue
What is Blockchain? IBM Food Trust Overview - Gary B. Rodrigue, Blockchain WW Food Safety Leader, IBM, from the 2018 NIAA Antibiotic Symposium: New Science & Technology Tools for Antibiotic Stewardship, November 13-15, 2018, Overland Park, KS, USA.
More presentations at https://www.youtube.com/playlist?list=PL8ZKJKD9cmEffjOrjbBvQZeN2_SZB_Skc
An overview of the interface of MODRNA (Mobile Profile of OpenID Connect) and GSMA Mobile Connect presentation as part of "International Identity Standards – Innovation in Government & Global Interoperability" on September 20, 2016, at Global Identity Summit 2016.
More details at https://events.afcea.org/GlobalID16/Public/Content.aspx?ID=61320&sortMenu=102002 and https://events.afcea.org//GlobalID16/CUSTOM/pdf/innov-in-federation.pdf.
A Secure Account-Based Mobile Payment Protocol with Public Key CryptographyIDES Editor
The way people do the business and transactions
are changing drastically with the advent of Information
Technology. The customer wants to access information, goods
and services any time and in any place on his mobile device.
Receiving financial data, trade on stock exchanges, accessing
balances, paying bills and transfer funds using SMS are done
through mobile phones. Due to involvement of valuable
financial and personal information, the mobile phones are
vulnerable to numerous security threats. Most common activity
in M-Commerce is the payment to the merchant using a mobile
phone. In this paper we present a secure account–based
payment protocol which is suitable for M-commerce to transfer
the payment from wireless networks based on public key
cryptography. Based on author knowledge, this is a first kind
of protocol which applies public key cryptography to mobile
network and satisfies all the security requirements of the
properties provided by standard protocols for wired networks
such as SET and iKP.
There are so many initiatives designed to control the digital world that I'm struggling to keep track. There is also plenty of overlap and commonality in the issues and regulatory solutions, as well as the digital environments and problems the solutions seek to address. So I put together a few slides for ready comparison. Interesting to see what leaps out.
Embedding Encouragement of Innovation Across the FCASimon Deane-Johns
My remarks to the Finance Innovation Lab workshop on "How Policy & Regulation Can Encourage Finance Innovation With a Social Purpose" hosted by the FCA on 20 March 2017
Alternative Finance Briefing Paper - Simon Deane-Johns 27 01 12Simon Deane-Johns
Submitted on 27 January 2012 to the UK Government's Red Tape Challenge on Disruptive Business Models (http://www.redtapechallenge.cabinetoffice.gov.uk/themehome/disruptive-business-model/) and the Taskforce on Non-bank Finance (http://www.bis.gov.uk/businessfinance). Related posts are here: http://sdj-thefineprint.blogspot.co.uk/2012/01/submission-on-new-model-for-retail.html
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Welocme to ViralQR, your best QR code generator.ViralQR
Welcome to ViralQR, your best QR code generator available on the market!
At ViralQR, we design static and dynamic QR codes. Our mission is to make business operations easier and customer engagement more powerful through the use of QR technology. Be it a small-scale business or a huge enterprise, our easy-to-use platform provides multiple choices that can be tailored according to your company's branding and marketing strategies.
Our Vision
We are here to make the process of creating QR codes easy and smooth, thus enhancing customer interaction and making business more fluid. We very strongly believe in the ability of QR codes to change the world for businesses in their interaction with customers and are set on making that technology accessible and usable far and wide.
Our Achievements
Ever since its inception, we have successfully served many clients by offering QR codes in their marketing, service delivery, and collection of feedback across various industries. Our platform has been recognized for its ease of use and amazing features, which helped a business to make QR codes.
Our Services
At ViralQR, here is a comprehensive suite of services that caters to your very needs:
Static QR Codes: Create free static QR codes. These QR codes are able to store significant information such as URLs, vCards, plain text, emails and SMS, Wi-Fi credentials, and Bitcoin addresses.
Dynamic QR codes: These also have all the advanced features but are subscription-based. They can directly link to PDF files, images, micro-landing pages, social accounts, review forms, business pages, and applications. In addition, they can be branded with CTAs, frames, patterns, colors, and logos to enhance your branding.
Pricing and Packages
Additionally, there is a 14-day free offer to ViralQR, which is an exceptional opportunity for new users to take a feel of this platform. One can easily subscribe from there and experience the full dynamic of using QR codes. The subscription plans are not only meant for business; they are priced very flexibly so that literally every business could afford to benefit from our service.
Why choose us?
ViralQR will provide services for marketing, advertising, catering, retail, and the like. The QR codes can be posted on fliers, packaging, merchandise, and banners, as well as to substitute for cash and cards in a restaurant or coffee shop. With QR codes integrated into your business, improve customer engagement and streamline operations.
Comprehensive Analytics
Subscribers of ViralQR receive detailed analytics and tracking tools in light of having a view of the core values of QR code performance. Our analytics dashboard shows aggregate views and unique views, as well as detailed information about each impression, including time, device, browser, and estimated location by city and country.
So, thank you for choosing ViralQR; we have an offer of nothing but the best in terms of QR code services to meet business diversity!
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
3. Overview
• The voluntary Midata programme involves a Supplier making
each Customer’s transaction data available to the Customer
in computer-readable format (“midata”).
• This suggests three types of scenario:
1. Release of midata by the Supplier to the Customer
2. Release of midata by the Supplier to the Customer’s duly
authorised Personal Information Manager (“PIM”)
3. Release of midata by Supplier to Customer/PIM, who transfers
it to a third party supplier (“3PS”)
4. Participants/Roles
• Supplier
– Supplier of goods or services whose systems generate midata (e.g. utility,
bank, telco)
– Includes Supplier’s own outsourced service provider(s)
• Customer
– person or micro-business who interacts with Supplier to produce midata
• Personal Information Manager acting for the Customer (“PIM”)
– Passive data repository
• Only receives, stores and/or transmits the data
• can’t ‘see’ or otherwise process content
• ‘mere conduit’?
– Active data repository
• Stores data
• Adds value by analysing or otherwise processing data
• May alter content
• Third Party Supplier (“3PS”)
– Entity other than the Supplier/PIM to whom Customer/PIM supplies ‘midata’
for use only for the purpose of supplying goods or services to the Customer
5. Process Flows
Midata involves two separate process flows:
• Transaction flows
– Offer and acceptance => contract between each of Customer,
Supplier and PIM
– Messaging, including identification of each party, data release
request, confirmation of receipt etc.
• Midata flows
– Actual transfers of midata
[Funds flows related to payments due between participants
are currently out of scope]
6. Developing Co-regulatory Environment
• Data Protection Act 1998 (“DPA”) etc supervised by Information
Commissioner’s Office (“ICO”) and related exemptions
• Guidance etc issued by ICO
• Sector-specific law/regulation
– Sections 9 DPA and 159 of Consumer Credit Act 1974, applicable to credit
reference agency data
– Electricity Act, Gas Act => Data and Communications Company
– [new Telecoms/banking/consumer credit regulation]
• Industry Codes
– Principles of Reciprocity (Credit Reference Agency data)
– Smart Energy Code
– [Other sector codes]
– Security standards, Privacy by Design etc.
– [Midata Principlesstandard permissions, rules on liablility etc?]
• Contracts
– Consents etc given under Contracts
– [standard Midata permissions or Midata sharing agreements?]
7. Midata Scenario 1
1. ID authentication (“auth”)
2. Midata request
Supplier Customer
3. Midata transfer
Supply contract
8. Midata Scenario 2a
PIM
4. ID auth. 6. Midata
5. Midata Request transfer
1. ID auth 2. Midata request
Supplier Customer
3. Midata transfer
Supply contract PIM Service contract
9. Midata Scenario 2b
PIM
3. ID auth.
4. Midata request
Supplier Customer
1. ID auth
2. Midata Request
Supply contract PIM Service contract
10. Midata Scenario 2b
Co-regulatory
PIM
relationship?
3. ID auth.
4. Midata request
Supplier Customer
1. ID auth
2. Midata Request
Supply contract PIM Service contract
11. Midata Scenario 3a
8. Data transfer
3PS 7. ID auth PIM
Transaction flow
3. ID auth; 4. Request
Supplier Customer
Transaction flow
1. ID auth; 2. Request
Supply contract PIM Service contract 3PS Service contract
12. Midata Scenario 3a
8. Data transfer
3PS 7. ID auth PIM
Transaction flow
3. ID auth; 4. Request
Supplier Customer
Transaction flow
1. ID auth; 2. Request
Co-regulatory
Supply contract PIM Service contract 3PS Service contract
relationships?
13. Midata Scenario 3b
8. Data transfer
3PS 7. ID auth PIM
4. ID auth. 6. Midata
5. Midata Request transfer
1. ID auth 2. Midata request
Supplier Customer
3. Midata transfer
Supply contract PIM Service contract 3PS Service contract
14. Midata Scenario 3b
8. Data transfer
3PS 7. ID auth PIM
4. ID auth. 6. Midata
5. Midata Request transfer
1. ID auth 2. Midata request
Supplier Customer
3. Midata transfer
Co-regulatory
Supply contract PIM Service contract 3PS Service contract
relationships?
15. Midata Scenario 3c
3PS
6. Midata
transfer
4. ID auth.
5. Midata Request
1. ID auth
Supplier 2. 2. Midata request Customer
3. Midata transfer
Supply contract PIM Service contract 3PS Service contract
16. Common Operational Risks
• Failure to identify one or more parties
• Fraudulent impersonation of one or more parties
• ‘Wrongful’ refusal to release midata
• Interception of messaging and/or midata in transit
• Wrong midata released
• Midata is inaccurate, late and/or unreliable
• Midata is false, altered or corrupted
• Midata misuse:
– loss
– destruction
– storage longer than agreed/necessary
– wrongful disclosure
– use for an illicit purpose (including breach of IPRs)
17. Common Operational Controls/Challenges
• Identity authentication/assurance for all parties
• Release of correct midata
• Secure transmission, processing, storage of midata
• Preserving secrecy/confidentiality of midata content
• Maintaining authenticity and integrity of midata
• Ensuring accuracy, timeliness and reliability of midata
• Guarding against various types of midata misuse
• Vesting and protection of intellectual property rights in midata
and/or midata databases
18. Midata-specific Challenges
• Midata portability?
• Extent of ‘agency’ involved in personal information
management by PIM
• Midata ‘community’ issues:
– Principles of reciprocity?
– Appropriate grounds for refusal to release?
– Mirror CRA and/or DCC environment?
– Apportionment of liability for various heads of loss or damage?
– Complaints handling?
– Enforcement?
– Mapping midata to legal rights/obligations to customer permissions
=> a ‘personal data mark-up language’ (WEF “Rethinking Personal
Data”)
19. Comments
Comments welcome via the related post at
The Fine Print:
http://sdj-thefineprint.blogspot.co.uk/2012/12/midata-thoughts-no-1.html