The document discusses issues with personal data protection in Belarusian national databases. It finds that there is no clear definition of personal data, data is retained in several different databases without unified access registration, and individuals have no way of knowing who accesses their data or holding them accountable. It also notes the lack of set retention periods and an inability to delete data on request.
The Personal Data Protection Bill 2018 is to be presented before the Parliament shortly with necessary amendments .This is bill applicable to India in lines of GDPR of the European uinion
With the submission of SriKrishna Committee report on data protection, the final countdown for India’s own Data Protection Regime has finally begun. A detailed legal framework on data protection is to be implemented in the coming days.
Purpose of Data Protection Bill 2018- To protect the autonomy of individuals in relation with their personal data, to specify where the flow and usage of personal data is appropriate, to create a relationship of trust between persons and entities processing their personal data, to specify the rights of individuals whose personal data are processed, to create a framework for implementing organizational and technical measures in processing personal data, to lay down norms for cross-border transfer of personal data, to ensure the accountability of entities processing personal data, to provide remedies for unauthorized and harmful processing, and to establish a Data Protection Authority for overseeing processing activities.
GDPR is coming for you whether you’re ready or not. Companies must show compliance by May 25, 2018. Take a look at the presentation to learn more about the new law that is going to change the way data is handled across the world. Read about the how it affects you and the steps you can take to make sure you’re GDPR ready!
About Extentia Information Technology:
Extentia is a global technology and services firm that helps clients transform and realize their digital strategies. With a focus on enterprise mobility, cloud computing, and user experiences, Extentia strives to accomplish and surpass your business goals. Our team is differentiated by an emphasis on excellent design skills that we bring to every project. Extentia’s work environment and culture inspire team members to be innovative and creative, and to provide clients with an exceptional partnership experience.
www.extentia.com
The Personal Data Protection Bill 2018 is to be presented before the Parliament shortly with necessary amendments .This is bill applicable to India in lines of GDPR of the European uinion
With the submission of SriKrishna Committee report on data protection, the final countdown for India’s own Data Protection Regime has finally begun. A detailed legal framework on data protection is to be implemented in the coming days.
Purpose of Data Protection Bill 2018- To protect the autonomy of individuals in relation with their personal data, to specify where the flow and usage of personal data is appropriate, to create a relationship of trust between persons and entities processing their personal data, to specify the rights of individuals whose personal data are processed, to create a framework for implementing organizational and technical measures in processing personal data, to lay down norms for cross-border transfer of personal data, to ensure the accountability of entities processing personal data, to provide remedies for unauthorized and harmful processing, and to establish a Data Protection Authority for overseeing processing activities.
GDPR is coming for you whether you’re ready or not. Companies must show compliance by May 25, 2018. Take a look at the presentation to learn more about the new law that is going to change the way data is handled across the world. Read about the how it affects you and the steps you can take to make sure you’re GDPR ready!
About Extentia Information Technology:
Extentia is a global technology and services firm that helps clients transform and realize their digital strategies. With a focus on enterprise mobility, cloud computing, and user experiences, Extentia strives to accomplish and surpass your business goals. Our team is differentiated by an emphasis on excellent design skills that we bring to every project. Extentia’s work environment and culture inspire team members to be innovative and creative, and to provide clients with an exceptional partnership experience.
www.extentia.com
“Data localisation or data residency laws require data about a nations' citizens or residents be collected, processed, and/or stored inside the country, often before being transferred internationally, and usually transferred only after meeting local privacy or data protection laws, such as giving the user notice of how the information will be used and obtaining their consent.” - Wikipedia
Draft Bill on the Protection of Personal DataRenato Monteiro
Presentation given at the DataGuidance´s webinar "Brazil: Towards Privacy Compliance", about the Brazlian Draft Bill for the Protection of Personal Data (Anteprojeto de Lei para a Proteção de Dados Pessoais) issued in January 2015, which introduced concepts such as Data Protection Officer and Binding Corporate Rules.
All product and company names mentioned herein are for identification and educational purposes only and are the property of, and may be trademarks of, their respective owners.
What you can do online at the social security administration websitemosmedicalreview
The SSA provides retirement and disability benefits, the latter granted based on a chart review, to applicants. Here is what you can do via SSA’s website.
The Personal Data Protection Bill, 2019 as introduced in Lok Sabha has been referred to a Joint Parliamentary Committee of both the Houses, under the Chairperson of Smt. Meenakshi Lekhi (New Delhi) M.P. for examination and Report.
It has been decided to seek views and suggestions on the Bill from individuals and associations/bodies concerned.
This is critical review of the same and suggestions submitted to JPC
All information, data, and material contained, presented, or provided on is for educational purposes only.
Company names mentioned herein are the property of, and may be trademarks of, their respective owners.
It is not to be construed or intended as providing legal advice.
With GDPR coming into effect, we can see a lot of changes in the privacy policies of companies doing business online. The presentation is a description of GDPR and its implications in India and worldwide. The main aim of the presentation is to identify the key issues of data privacy and the rights available to the consumer who's data is to be shared.
Welcome to the first Verizon Protected Health Information Data Breach Report (PHIDBR).
We’re the same team that has brought you the Verizon Data Breach Investigations Report
(DBIR) since 2008, and we are excited to revisit some of that data and bring in
some new incidents for this report.
The purpose of this study is to shed light on the problem of medical data loss—how it is
disclosed, who is causing it and what can be done to combat it. This is a far-reaching
problem that impacts not only organizations that are victims of these breaches, but also
doctor-patient relationships. And it can have consequences that spread more broadly
than just those directly affected by the incidents.
Key Issues on the new General Data Protection RegulationOlivier Vandeputte
The General Data Protection Regulation is one of the most wide ranging pieces of legislation passed by the EU in recent years. The GDPR comes into effect on 25 May 2018. The new framework is ambitious, complex and strict. It presents any organization that has so far failed to begin preparations with a steep challenge to become GDPR compliant in time.
We have summarized the key issues in our GDPR brochure.
Company names mentioned herein are the property of, and may be trademarks of, their respective owners and are for educational purposes only.
17 U.S. Code § 107 - Limitations on exclusive rights: Fair use
Notwithstanding the provisions of sections 106 and 106A, the fair use of a copyrighted work, including such use by reproduction in copies or phonorecords or by any other means specified by that section, for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright.
Since the days of California's pioneering data breach notification law, virtually all states have implemented some form of consumer ID theft protection law. In 2008, the focus shifted to the east coast, when Massachusetts took it beyond notification, and issued their regulations for the protection of personal information, viewed by many as the most proscriptive in the US. This presentation will provide a general overview of state law, but focus on how the MA regulations evolved from the version issued in Sept 2008 to what became effective March 2010, how organizations are responding, and some potential implications for the future.
Allison Dolan, Program Director, Protecting Personally Identifiable Information, Massachusetts Institute of Technology
Allison F. Dolan is currently Program Director, Protecting Personally Identifiable Information at the Massachusetts Institute of Technology. This program is co-sponsored by the Institute Auditor and Vice President for Information Services and Technology (IS&T). Previously, Allison spent 10 years in IS&T, including roles as Director of Shared Services - Finance, Administration and HR, and as Director of Telephony Services. Allison’s MIT experience was preceded by 20 years of combined information systems, operational, and leadership experience at Eastman Kodak. Allison holds a BA degree from the University of Delaware, with a double major in Computer Science and Economics.
Scott Edmunds Lightning talk: Experiences of NGOScott Edmunds
Scott Edmunds Lightning talk at "Unlocking the Value of Open Data"conference: "Experiences of NGO" (with thanks to Justice Centre Hong Kong). 9th June 2018 at HKU.
“Data localisation or data residency laws require data about a nations' citizens or residents be collected, processed, and/or stored inside the country, often before being transferred internationally, and usually transferred only after meeting local privacy or data protection laws, such as giving the user notice of how the information will be used and obtaining their consent.” - Wikipedia
Draft Bill on the Protection of Personal DataRenato Monteiro
Presentation given at the DataGuidance´s webinar "Brazil: Towards Privacy Compliance", about the Brazlian Draft Bill for the Protection of Personal Data (Anteprojeto de Lei para a Proteção de Dados Pessoais) issued in January 2015, which introduced concepts such as Data Protection Officer and Binding Corporate Rules.
All product and company names mentioned herein are for identification and educational purposes only and are the property of, and may be trademarks of, their respective owners.
What you can do online at the social security administration websitemosmedicalreview
The SSA provides retirement and disability benefits, the latter granted based on a chart review, to applicants. Here is what you can do via SSA’s website.
The Personal Data Protection Bill, 2019 as introduced in Lok Sabha has been referred to a Joint Parliamentary Committee of both the Houses, under the Chairperson of Smt. Meenakshi Lekhi (New Delhi) M.P. for examination and Report.
It has been decided to seek views and suggestions on the Bill from individuals and associations/bodies concerned.
This is critical review of the same and suggestions submitted to JPC
All information, data, and material contained, presented, or provided on is for educational purposes only.
Company names mentioned herein are the property of, and may be trademarks of, their respective owners.
It is not to be construed or intended as providing legal advice.
With GDPR coming into effect, we can see a lot of changes in the privacy policies of companies doing business online. The presentation is a description of GDPR and its implications in India and worldwide. The main aim of the presentation is to identify the key issues of data privacy and the rights available to the consumer who's data is to be shared.
Welcome to the first Verizon Protected Health Information Data Breach Report (PHIDBR).
We’re the same team that has brought you the Verizon Data Breach Investigations Report
(DBIR) since 2008, and we are excited to revisit some of that data and bring in
some new incidents for this report.
The purpose of this study is to shed light on the problem of medical data loss—how it is
disclosed, who is causing it and what can be done to combat it. This is a far-reaching
problem that impacts not only organizations that are victims of these breaches, but also
doctor-patient relationships. And it can have consequences that spread more broadly
than just those directly affected by the incidents.
Key Issues on the new General Data Protection RegulationOlivier Vandeputte
The General Data Protection Regulation is one of the most wide ranging pieces of legislation passed by the EU in recent years. The GDPR comes into effect on 25 May 2018. The new framework is ambitious, complex and strict. It presents any organization that has so far failed to begin preparations with a steep challenge to become GDPR compliant in time.
We have summarized the key issues in our GDPR brochure.
Company names mentioned herein are the property of, and may be trademarks of, their respective owners and are for educational purposes only.
17 U.S. Code § 107 - Limitations on exclusive rights: Fair use
Notwithstanding the provisions of sections 106 and 106A, the fair use of a copyrighted work, including such use by reproduction in copies or phonorecords or by any other means specified by that section, for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright.
Since the days of California's pioneering data breach notification law, virtually all states have implemented some form of consumer ID theft protection law. In 2008, the focus shifted to the east coast, when Massachusetts took it beyond notification, and issued their regulations for the protection of personal information, viewed by many as the most proscriptive in the US. This presentation will provide a general overview of state law, but focus on how the MA regulations evolved from the version issued in Sept 2008 to what became effective March 2010, how organizations are responding, and some potential implications for the future.
Allison Dolan, Program Director, Protecting Personally Identifiable Information, Massachusetts Institute of Technology
Allison F. Dolan is currently Program Director, Protecting Personally Identifiable Information at the Massachusetts Institute of Technology. This program is co-sponsored by the Institute Auditor and Vice President for Information Services and Technology (IS&T). Previously, Allison spent 10 years in IS&T, including roles as Director of Shared Services - Finance, Administration and HR, and as Director of Telephony Services. Allison’s MIT experience was preceded by 20 years of combined information systems, operational, and leadership experience at Eastman Kodak. Allison holds a BA degree from the University of Delaware, with a double major in Computer Science and Economics.
Scott Edmunds Lightning talk: Experiences of NGOScott Edmunds
Scott Edmunds Lightning talk at "Unlocking the Value of Open Data"conference: "Experiences of NGO" (with thanks to Justice Centre Hong Kong). 9th June 2018 at HKU.
Republic Act 10173 Data Privacy Act of 2012 (DPA)
“An act protecting individual personal information in information and communications systems in the government and the private sector, creating for this purpose a National Privacy Commission, and for other purposes”
Data Privacy: What you should know, what you should do!
CSMFO Data Privacy in the Governmental Sector, Local Government. Data Privacy Laws, PCI, Breaches, AICPA – Generally Accepted Privacy Principles
India’s Digital Personal Data Protection Bill-New.pdfInfosec train
he Digital Personal Data Protection Bill is an important legislation introduced in India to safeguard the privacy of individuals' digital personal data
Information Security: The Trinidad & Tobago Legal ContextJason Nathu
Presentation to students completing the Information System Security, Ethics and Law of the Master of Information System & Technology Management at the Lok Jack Graduate School of Business on 12 July, 2015.
Asia Counsel Vietnam summarises the long awaited Decree 13 on data protection. We provide useful steps to get prepared and comply with the new provisions which will take effect on 1 July 2023.
User Privacy or Cyber Sovereignty Freedom House Special Report 2020MYO AUNG Myanmar
https://freedomhouse.org/report/special-report/2020/user-privacy-or-cyber-sovereignty?utm_source=Newsletter&utm_medium=Email&utm_campaign=SPOTLIGHTFRDM_072720
Special Report 2020
User Privacy or Cyber Sovereignty?
Assessing the human rights implications of data localization
WRITTEN BY-Adrian Shahbaz-Allie Funk-Andrea Hackl
https://freedomhouse.org/sites/default/files/2020-07/FINAL_Data_Localization_human_rights_07232020.pdf
USER PRIVACY OR CYBER SOVEREIGNTY?
Assessing the human rights implications of data localization
Evaluation of Bangladesh’s Data Protection Bill.pdfM S Siddiqui
The draft Data Security Law did not make difference between data privacy and data security and a big concern was how to maintain the privacy of such data. The problem is that the government has expressed a controlling attitude to make the law a control mechanism rather than data security and data privacy.
[Title Redacted for Privacy Purposes]: How Internal Audit Can Help Drive Priv...Kenneth Riley
Following the adoption of GDPR in the European Union, the United States has seen their own privacy regulatory landscape evolve and develop. Beginning in California and expanding to Nevada, Maine, and beyond, ensuing organizational and technical compliance with these stringent regulations has become a priority for many organizations. These regulations have come with additional reputational and regulatory risk (e.g. fines), increased consumer rights, and an enhanced focus on how companies use data as a commodity. This webinar will unpack the key complexities surrounding those regulations, speak to how technology advancements can assist in compliance and overall privacy program maturity, and discuss how Internal Audit can prepare for and drive a proactive approach to privacy.
Data Protection Guide – What are your rights as a citizen?Edouard Nguyen
Guide UK Data Protection Law EUROPA - Internal Market - Data Protection - Data Protection Guide – What are your rights as a citizen?http://ec.europa.eu/justice/policies/privacy/docs/guide/guide-ukingdom_en.pdf
Объясняем, как общаться с милицией с наименьшим ущербом для себя. Как показывает практика, лучшие помощники в разговоре с любыми государственными службами - это внимательность, дружелюбие и четкое знание своих прав.
Рассказываем, как правильно общаться с незрячими людьми и почему нельзя трогать собаку-поводыря, как говорить так, чтобы никого не обидеть и т.п.
Эта памятка представляет собой сборник рекомендаций для сотрудников милиции. Она не создает никаких новых правил, а всего лишь дает советы и подсказки, следуя которым сотрудник милиции может более качественно выполнять свою работу по защите безопасности и прав граждан и избежать взаимных неловкостей в отношении с уязвимыми людьми.
Волонтеры провели мониторинг 24 отделений милиции Минска и области. Наблюдение было построено не на основе какого-то четко регламентированного правового стандарта, а на основе здравого смысла. В первую очередь, наблюдатели фиксировали все, что может понадобиться гражданину в случае его добровольного обращения в отделение милиции.
Процесс наблюдения фокусировался на двух аспектах.
Первый из них – коммуникативная доступность милиции для людей и представление правопорядка как некого сервиса, который обеспечивают правоохранительные органы. Здесь наблюдатели оценивали простоту нахождения милиции при возможном обращении; доступность (возможность свободно войти в отделение, понятность правил и условий обращения, наличие безбарьерной среды); информационное обеспечение (как и куда можно подать заявление, подробные контакты руководства и вышестоящих органов, информация о правах задержанных и т.п.); дружелюбность (отношение сотрудников к посетителям, возможность встретиться с руководителем отделения); а также бытовые условия (наличие питьевой воды, условия в туалетах, возможность зарядки телефона).
Второй фокус – условия труда самих сотрудников милиции: как проходит коммуникация старших и младшх чинов, как к сотрудникам относятся посетители, есть ли рядом с местом работы пункт горячего питания, условиях в уборных и т.п.
25 наблюдателей попытались оценить, как реализуется в Минске принцип гласности и открытости суда. Они наблюдали 148 судебных процессов в разных районах города. Полная версия отчета
Инфографика рассказывает об отношении беларусов к смертной казни, судам, милиции, к преступникам и к порядочным людям. Она создана на основе социологического исследования «Преступление и наказание: восприятие, оценки, отношение общества», которое проводилось в 2 этапа в 2013 и 2014 г. Исследование полностью - http://belhelcom.org/node/19664
Автор графики - Игорь Яновский.
Правозащитники приводят 7 аргументов, почему Декрет следует признать нарушающим Конституцию и международные договоры страны и отменить. Среди нарушений – не только новая форма принудительного труда, но и посягательство на право и обязанность граждан воспитывать детей и заботиться о престарелых родителях, серьезные ограничения на защиту персональных данных и частной жизни и превышение полномочий со стороны Президента
Как правозащитники видят проблему смертной казни - в краткой презентации.
Больше фактической информация о ситуации со смертной и несмертной казнью (пожизненным заключением) - закон, социологические данные, еtc - здесь http://belhelcom.org/ru/nesmertnaya
Кароткі агляд сітуацыі з абароная персанальных дадзеных у Беларусі.
Краткий обзор ситуации с защитой персональных данных в Беларуси.
Overview of the situation with the protection of personal data in Belarus.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
3. Use and protection of personal data becomes more and more relevant
issue because of development of informational technologies.
Belarus is no exception.
Many people know that our personal data is collected, summarized,
and retained by state bodies. But not many people know which data is col-
lected, how it is protected, what it is used for, and whom it is transferred to.
This information will help you to fill this gap.
4. Population Register
Credit Register
Personal Record-Keeping
United State Delict Data Bank
Dactyloscopy Registration
Databank
Database of nationals
whose right to departure
was temporarily restricted
Mobile networks user database
retained by the Ministry of Internal Affairs
retained by the Ministry of Internal Affairs
retained by the Ministry of Internal Affairs
retained by the Social Protection Fund
retained by the National Bank
retained by mobile network operators
Automated Information
Data System "Raschet"
retained by the National Bank
retained by the Ministry of Internal Affairs
DATABASES UNDER REVIEW
5. Main criteria for comparison of personal data databases
Whether the register
of users who enter
the data is kept
Whether the data
users are registered
Whether the purpose
for retaining the data
is provided
Whether the closed
register of the collected
data is provided
Whether the person
is enabled to learn who
got access to his data
Whether the responsibility
for leaks is stipulated
Whether reasonable
retention period
is provided for the data
Whether the data
can be deleted
CRITERIA FOR COMPARISON
6. Population Register
Credit Register
Personal Record-Keeping
United State Delict Data Bank
Dactyloscopic Registration
Database
Database of nationals whose right
to departure is temporarily restricted
Mobile network users database
Automated Information
Data System "Raschet"
Whether the register
of users who enter
the data is kept
legislation regulates
this issue
no legislation regulates
this issue or is too general
legislation does not protect
personal data
Whether the closed
register of the collected
data is provided
Whether reasonable
retention period is
provided for the data
Whether the data
users are registered
Whether the person
is enabled to learn who
got access to his data
Whether the data
can be deleted
Whether the purpose
for retaining the data
is provided
Whether
the responsibility
for leaks is stipulated
ASCERTAINED FEATURES
7. The data user is registered automatically or manually
The purposes for collecting and retaining data are too general and unspecific
Authorized employees are responsible for illegal provision or distribution of personal data
which they learned because of their official (work) duties,even after they ceased
to perform them
The data is retained permanently.When a person dies,his data is filed
Population Register
ASCERTAINED FEATURES
8. ASCERTAINED FEATURES
The insured who make payments,are registered when they access data; but the remote data
access by the Ministry of Internal Affairs is not registered
It can be enlarged with "other data which is needed to grant or pay a pension or an
allowance"
Responsibility for the leak is stipulated by the Administrative and Criminal Codes
The data is retained for life,but it answers its purpose: granting and paying pensions
Personal Record-Keeping
9. Credit Register
ASCERTAINED FEATURES
The data user is registered when the interested party files an application and with
the individual's consent.No such consent is needed if the data is requested by courts,
law enforcement bodies,notaries (see the list of bodies in the Bank Code)
The special law stipulates no responsibility for the leak.It stipulates administrative
responsibility for divulgation of trade (or other) secret (clause 22.13 of the Administrative
Code)
The data is retained for 15 years after the credit agreement is terminated and the debt
is discharged
10. ASCERTAINED FEATURES
The data is retained for 25 years after it is excluded (due to falsity) or filed
(due to death or restrictions being lifted)
Database of nationals whose right
to departure was temporarily restricted
11. Mobile networks user database
ASCERTAINED FEATURES
The data is retained for not less than 5 years
Data cannot be deleted
12. Automated Information Data System "Raschet"
ASCERTAINED FEATURES
Data is retained for 3 years
Data cannot be deleted
13. United State Delict Database
ASCERTAINED FEATURES
The data user is registered by way of registration of the inquiry of an interested body
or an official
Retention period for crime data is 100 years; for delict data,it is 10 years.
These periods are unreasonably long.
For example,a person is not considered being held administratively liable in a year after
he was called to account; there is no need to retain such data for more than 1 year.
14. ASCERTAINED FEATURES
The data user is registered by way of registration of the inquiry of an interested body
or an official
The purposes for collecting and retaining data are too general and unspecific
Dactyloscopic information is retained not less than until the person is 80 years old,
or dead,or has retired or resigned
Data can be deleted when the retention period is over,or when a written application is filed
in case the registration was voluntary,or if the suspicions have not been confirmed
Dactyloscopic Registration Database
15. Databases which retain it*
full name & patronimyc
identification number
sex
date of birth
birthplace
digital portrait photo
citizenship
place of residence
death information
disability, legal incapacity
nearest relations
marriage
wardship, guardianship
status of being working, unemployed, inactive
tax liabilities
military duty
education
academic degree (rank)
labor activity
pensions, support
compulsory insurance
credits
electric communication service
AIDS "Raschet" data
departure restriction
crimes and delicts data
dactyloscopic information
Population Register
Credit Register
Personal Record-Keeping
Dactyloscopic Registration
Database
Database of nationals
whose right to departure
is temporarily restricted
Mobile networks users
database
Automated Information
Data System "Raschet"
United State Delict Data Bank
PERSONAL DATA
*main databases are listed
16. Entities which enter it to these databases
full name & patronimyc
identification number
sex
date of birth
birthplace
digital portrait photo
citizenship
place of residence
death information
disability, legal incapacity
nearest relations
marriage
wardship, guardianship
status of being working, unemployed, inactive
tax liabilities
military duty
education
academic degree (rank)
labor activity
pensions, support
compulsory insurance
credits
electric communication service
AIDS "Raschet" data
departure restriction
crimes and delicts data
dactyloscopic information
Ministry of Internal Affairs
Social Protection Fund
State Security Committee
Ministry for Emergency Situations
Military registration
and enlistment offices
Ministry of taxation
Ministry of Education
Belgosstrakh
Executive committees
Courts
Civil Registry Offices
National Bank
Operations and Analysis Center
under the President
of the Republic of Belarus
Presidential Security Service
Service providers
Ministry of Defense
Higher Attestation Commission
PERSONAL DATA
17. There is no clear understanding
what personal data is
Personal data is retained
in several databases
Total registration
of personal data accesses
is not implemented
Information about national’s
data users is inaccessible
There is no real responsibility
for illegal access and divulgence
of personal data
There is no uniform approach
to retention periods
It is impossible to delete
personal data by request
MAIN CONCLUSIONS
18. Definitions stipulated by the laws on population register and on information,
informatization and information security,differ in scope.The law on register
contains an exhaustive definition; the law on information attributes any data that
can help identify the person to it.Such non-coordination of the key definition
makes uniform approach to legal regulation of this sphere impossible.
MAIN CONCLUSIONS
There is no clear understanding
what personal data is
19. Personal data is retained
in different databases
Though the law on population register stipulates that the Ministry of Internal
Affairs is the body responsible for the personal data databases,other bodies have
their own databases with such information (National Bank retains credit histories,
Social Protection Fund retains state social insurance data).
MAIN CONCLUSIONS
20. Total registration of personal data accesses
is not implemented
National legislation contains no uniform approach to registration of the access
to the personal data.The law on population register stipulates that each fact
of access to the population register data should be registered online.Legislation
contains no such requirement to personal data retained in other databases.
MAIN CONCLUSIONS
21. Information about national’s data users
is inaccessible
National legislation does not regulate the right of a national to be informed
about who,when and why has got access to his personal data.
MAIN CONCLUSIONS
22. There is no real responsibility for illegal access
and divulgence of personal data
Though the legislation stipulates responsibility for the leak and illegal access to
personal data,it would be extremely difficult to prove guilt of any specific official
in practice as the legislation does not oblige to register each fact of access to it.
MAIN CONCLUSIONS
23. There is no uniform approach
to retention periods
National legislation does not contain uniform approach to the period of retention
of personal data.International legal regulations of the personal data protection
provide necessity to limit such periods to the duration needed to achieve the
purpose of the data retention; Belarusian legislation stipulates that such periods
can last until the national dies.
ОСНОВНЫЕ ВЫВОДЫ
24. It is impossible to delete personal data
by request
The "to be forgotten"principle which has been formulated in international
standards,is not implemented in various personal data databases.Databases
which somehow have such option have unreasonably long retention periods
for personal data.
ОСНОВНЫЕ ВЫВОДЫ
25. RHRPA “Belarusian Helsinki Committee”
220036, Republic of Belarus
Minsk, Karl Liebknecht Street 68
Office 1201
Phone: +375 17 222-48-00
Fax: +375 17 222-48-01
Email: office@belhelcom.org
BELHELCOM.ORG FACEBOOK.COM/
BELHELCOM