Presentation on key legal issues regarding use and developments of BOTs, AI - GDPR, Data Protection. Case study BRISbot. Presentation delivered at Epicenter 30 of May 2017 in partnership with BRIS and Microsoft.
The General Data Protection Regulation (GDPR) comes into force on 25 May 2018. GDPR is a hugely important piece of legislation designed to replace antiquated data protection rules with a new framework which accounts for recent technological advancements.
Fundamentally, GDPR is about protecting people: in this digital age, our world is awash with data and individuals are generating a continuous flow of personal information. This data can hold huge socio-economic value, from individual preference and personalisation, to understanding national health trends and global business insights. But while the digital age has brought forth huge possibilities and benefits, it also carries inherent dangers.
Some of the most powerful companies in the world have established a business model predicated on the basis of data capture. Increasingly, services like email, search and social media have become available free of charge, but this often involves a trade-off where user access comes at the cost of relinquishing control of data. As the value of this information has become clear, there has been growing recognition that a new framework is needed to police this delicate balance and restore ownership and control.
GDPR will significantly raise the bar of obligation and accountability, ensuring that all organisations which handle personal data adhere to strict regulations around privacy, security and consent. This conference will contextualise the changing regulatory landscape, explain the significance of incoming rules, and define the key areas that organisations need to be aware of.
Core conference topics include:
Key legal issues and obligations
Privacy Impact Assessments
Data security and breach notification
Privacy by design
DPO requirements
Practical strategy implementation
In May 2018, the European Union’s General Data Protection Regulation (GDPR) will take effect. Companies that do not comply might be fined 20M or 4% of the annual global turnover whichever is greater. Despite the evident threat, GDPR is also a huge opportunity to rethink how your business works and to turn that threat into an opportunity. GRAKN.AI – a knowledge base – provides all you need to turn the centralized record of users that GDPR is asking companies to create and use it to provide value to your users. Adding them to the knowledge base as well as your content or product opens many new perspectives.
DAMA Webinar: The Data Governance of Personal (PII) DataDATAVERSITY
To do effective data governance, analysts should preview the amount of data their organization is collecting and consider if it is all necessary information to run the business or just “nice to have” data. Today companies are collecting a variety of Personally identifiable information (PII), combining it with location information, and using it to both personalize their own services and to sell to advertisers for behavioral marketing. Data brokers are tracking cell phone applications and insurance companies are installing devices to monitor driving habits. At the same time, however, hackers are embedding malicious software in company computers, opening a virtual door for criminals to rifle through an organization’s valuable personal and financial information.
This presentation explores:
•What company data should be tagged as “sensitive” data?
•Who within the company has access to personal data?
•Is the company breaking any privacy laws by storing PII data?
•Is the data secure from both internal and external hackers?
•What happens if there is an external data breech?
Data Privacy: What you need to know about privacy, from compliance to ethicsAT Internet
Today, balancing business opportunity and customer's data protection has become a difficult challenge. As technology, data sources and targeting abilities grow, so does the crucial need to respect user privacy and ensure a good data protection. But with laws, practices and definitions that are constantly evolving around the world, it can all seem a bit confusing.
Not sure where to start? Wondering how you can better align with privacy law? Then this webinar is for you.
The document discusses how to mitigate data risks with web analytics in light of evolving privacy legislation. It outlines that if a business collects and processes personal data, it needs to follow strict privacy laws to avoid fines. It then discusses key topics around privacy for web analytics, including evolving privacy legislation like the General Data Protection Regulation (GDPR), distinguishing between personal data and personally identifiable information (PII), and using methods like the RACI model and privacy impact assessments to classify risks and assign responsibilities for data use. Color coding of green, orange and red is also suggested to classify risk levels associated with different types of customer data processing.
Secure Your Enterprise Data Now and Be Ready for CCPA in 2020Delphix
With the California Consumer Privacy Act (CCPA) going into effect in 2020, organizations must comply with a new set of sweeping provisions designed to protect the privacy of consumer data. Organizations inside and outside of the state must assess their exposure to CCPA, then quickly transform how they process, share, and protect sensitive data.
The General Data Protection Regulation (GDPR) comes into force on 25 May 2018. GDPR is a hugely important piece of legislation designed to replace antiquated data protection rules with a new framework which accounts for recent technological advancements.
Fundamentally, GDPR is about protecting people: in this digital age, our world is awash with data and individuals are generating a continuous flow of personal information. This data can hold huge socio-economic value, from individual preference and personalisation, to understanding national health trends and global business insights. But while the digital age has brought forth huge possibilities and benefits, it also carries inherent dangers.
Some of the most powerful companies in the world have established a business model predicated on the basis of data capture. Increasingly, services like email, search and social media have become available free of charge, but this often involves a trade-off where user access comes at the cost of relinquishing control of data. As the value of this information has become clear, there has been growing recognition that a new framework is needed to police this delicate balance and restore ownership and control.
GDPR will significantly raise the bar of obligation and accountability, ensuring that all organisations which handle personal data adhere to strict regulations around privacy, security and consent. This conference will contextualise the changing regulatory landscape, explain the significance of incoming rules, and define the key areas that organisations need to be aware of.
Core conference topics include:
Key legal issues and obligations
Privacy Impact Assessments
Data security and breach notification
Privacy by design
DPO requirements
Practical strategy implementation
In May 2018, the European Union’s General Data Protection Regulation (GDPR) will take effect. Companies that do not comply might be fined 20M or 4% of the annual global turnover whichever is greater. Despite the evident threat, GDPR is also a huge opportunity to rethink how your business works and to turn that threat into an opportunity. GRAKN.AI – a knowledge base – provides all you need to turn the centralized record of users that GDPR is asking companies to create and use it to provide value to your users. Adding them to the knowledge base as well as your content or product opens many new perspectives.
DAMA Webinar: The Data Governance of Personal (PII) DataDATAVERSITY
To do effective data governance, analysts should preview the amount of data their organization is collecting and consider if it is all necessary information to run the business or just “nice to have” data. Today companies are collecting a variety of Personally identifiable information (PII), combining it with location information, and using it to both personalize their own services and to sell to advertisers for behavioral marketing. Data brokers are tracking cell phone applications and insurance companies are installing devices to monitor driving habits. At the same time, however, hackers are embedding malicious software in company computers, opening a virtual door for criminals to rifle through an organization’s valuable personal and financial information.
This presentation explores:
•What company data should be tagged as “sensitive” data?
•Who within the company has access to personal data?
•Is the company breaking any privacy laws by storing PII data?
•Is the data secure from both internal and external hackers?
•What happens if there is an external data breech?
Data Privacy: What you need to know about privacy, from compliance to ethicsAT Internet
Today, balancing business opportunity and customer's data protection has become a difficult challenge. As technology, data sources and targeting abilities grow, so does the crucial need to respect user privacy and ensure a good data protection. But with laws, practices and definitions that are constantly evolving around the world, it can all seem a bit confusing.
Not sure where to start? Wondering how you can better align with privacy law? Then this webinar is for you.
The document discusses how to mitigate data risks with web analytics in light of evolving privacy legislation. It outlines that if a business collects and processes personal data, it needs to follow strict privacy laws to avoid fines. It then discusses key topics around privacy for web analytics, including evolving privacy legislation like the General Data Protection Regulation (GDPR), distinguishing between personal data and personally identifiable information (PII), and using methods like the RACI model and privacy impact assessments to classify risks and assign responsibilities for data use. Color coding of green, orange and red is also suggested to classify risk levels associated with different types of customer data processing.
Secure Your Enterprise Data Now and Be Ready for CCPA in 2020Delphix
With the California Consumer Privacy Act (CCPA) going into effect in 2020, organizations must comply with a new set of sweeping provisions designed to protect the privacy of consumer data. Organizations inside and outside of the state must assess their exposure to CCPA, then quickly transform how they process, share, and protect sensitive data.
Beginning your General Data Protection Regulation (GDPR) JourneyMicrosoft Österreich
This document provides an overview of the General Data Protection Regulation (GDPR) and how Windows 10 can help organizations comply with it. It begins with background on the GDPR, including its key implications like enhanced privacy rights for EU citizens and mandatory breach reporting. It defines personal and sensitive data under the GDPR. The document then outlines the key steps for an organization's GDPR compliance journey and describes various security and privacy capabilities in Windows 10 that can help with compliance, such as threat protection, identity protection, and information protection features. It concludes by providing Windows 10 resources to help organizations meet GDPR requirements.
The document provides an overview and agenda for a conference on achieving compliance with the General Data Protection Regulation (GDPR). It discusses key aspects of GDPR compliance including identifying personal data, data subject rights, security requirements, international data transfers, and remedies for non-compliance. Various vendors also present on how their products can help organizations meet GDPR requirements through features such as digital consent management and customizable reporting on personal data. An example case study highlights how one company used DocuSign to address challenges around manual processes, GDPR readiness, and security of personal information.
Data privacy awareness is on the rise. Users become more and more concerned with how online service providers collect and protect their personal information. And so should you. Discover how to balance the risks and benefits of collecting data in the age of customer centricity.
The document discusses how Acronis solutions help organizations comply with the GDPR through features that allow for privacy impact assessments, data access governance, secure backup storage, data breach response, and data deletion in accordance with data subject rights like access, rectification, erasure and portability. It outlines how Acronis Backup, Storage, Backup Cloud and Disaster Recovery Service provide control over data location, strong encryption, easy data access and modification, fast recovery, and logging to meet GDPR requirements.
The General Data Protection Regulation and the DAMA DMBOK – Tools you can use for Compliance
Abstract: The General Data Protection Regulation will be the law governing data privacy in Europe in 2018. Surveys show that less than 50% of organisations are aware of the changes within the legislation, and even fewer have any plan for achieving compliance. In this session, Daragh O Brien takes us on a high level overview of the GDPR and how the disciplines of the DMBOK can help compliance.
Notes: DMBOK is an abbreviation for the "Data Management Book of Knowledge" which is published by DAMA International (The Data Management Association)
Digital Enterprise Festival Birmingham 13/04/17 - Ian West Cognizant VP Data ...CIO Edge
Learn what the EU Global Data Protection Regulation means for your business – Carrot or Stick its your choice but with fines of €20m or up to 4% of Global Revenue (whichever is the larger) being applied for every data breach and every data mis-use after May 2018 the carrot is the better option.
Are you aware? Are you prepared? Do you comply?
To book a free non sales consultation about GDPR with Ian West contact us enquiry@digitalenterprisefest.com
Guardians of Trust: Building Trust in Data & AnalyticsEryk Budi Pratama
Presented at Absolut Data Event, 17 Dec 2019, at GoWork Kuningan.
Event URL: https://www.eventbrite.com/e/panel-discussion-what-will-you-prepare-with-data-in-2020-tickets-84851546259
My presentation summarized the two of KPMG publication related to Trust in Data & Analytics. The focus of this event was panel discussion.
Ref 1 : https://assets.kpmg/content/dam/kpmg/xx/pdf/2016/10/building-trust-in-analytics.pdf
Ref 2: https://assets.kpmg/content/dam/kpmg/xx/pdf/2018/02/guardians-of-trust.pdf
GDPR From the Trenches - Real-world examples of how companies are approaching...Ardoq
As GDPR enforcement approaches, companies around the world are making changes to their internal processes and systems to ensure they are compliant by May 2018. For many, getting started can be a daunting task, especially at larger organizations.
There’s no one-size-fits-all strategy for GDPR compliance, but there are some steps that every business should take:
1. Document the data and processes that power your organization
2. Assess the realistic compliance risks that you need to protect against
3. Keep your documentation up-to-date to demonstrate continuous compliance.
In this slide deck, you’ll read about a real-world example of a company that has started their compliance project and how they structured it.
A recording of this webinar is available for free here: http://bit.ly/2hMsQmu
INATSUMMIT 2018 - Belgrade April 14th, 2018
How to comply to General Data Protection Regulation and still run a wealthy organization in post-digital economy
The European Union (EU) is implementing GDPR (General Data Protection Regulation) on May 25, 2018. Organizations who offer goods or services to EU residents or monitor the behavior of EU residents must comply, or they may incur significant financial penalties. Are you ready? Time is running out to ensure you comply with the new requirements.
In this webinar presentation, Dean Evans, Satori Consulting to learn what the GDPR requirements mean for your organization, plus get a practical guide to achieving GDPR readiness including how to implement processes to satisfy the privacy rights of individuals. Dean will cover:
=> What is GDPR?
=> Common GDPR misconceptions
=> Key considerations
=> How to develop a plan of action
=> Process owners as data stewards
Six Steps to Addressing Data Governance under GDPR and US Privacy Shield Regu...DATUM LLC
In May of 2018 the European Union’s General Data Protection Regulation (GDPR) will go into effect and organizations seeking to be ready by the deadline will need to move quickly. There are a multitude of considerations: policies, marketing programs, systems, operations and the overall information architecture. This session provides a primer on GDPR, the required data management capabilities, and how governance will need to evolve for compliance.
Building Your DPIA/PIA Program: Tips & Case Studies [TrustArc Webinar Slides]TrustArc
Watch the webinar on-demand: https://info.trustarc.com/building-pia-dpia-program-webinar.html
DPIA/PIA guidance, tips for success and case studies from the field.
The GDPR mandates Privacy by Design and requires documented Data Protection Impact Assessments (DPIAs) for high risk processing. How can you build this into a sustainable program across your business? Having a good understanding of what DPIA/PIAs are and how to implement them can be the key to embedding privacy in the heart of your organization as well as achieving GDPR compliance.
Watch this webinar on-demand to:
- Hear PIA best practices
- Review GDPR compliance requirements
- Receive a range of tips and tools to help streamline and embed the process
- Hear how Volvo Financial Services has approached assessments across their organization
To register for upcoming/on-demand webinars visit: https://www.trustarc.com/events/webinar-schedule/
Geek Sync | Tackling Key GDPR Challenges with Data Modeling and GovernanceIDERA Software
You can watch the replay for this Geek Sync webcast in the IDERA Resource Center: http://ow.ly/tLtr50A5b4b
The General Data Protection Regulation (GDPR) is inevitable and goes live in the EU beginning May 25th 2018. It touches all technical and organizational measures as well as the design of internal systems and processes, and affects all companies around the world that have customers in the EU.
Join IDERA and Dr. Sultan Shiffa as he focuses on how data modeling, governance and collaboration help Executives, IT Managers, Architects, DBAs and Developers tackle the key challenges around data protection by design and by default, individual rights to access and erasure, valid consent, data protection roles and accountabilities, data breach notifications, and auditing the records of data processing activities. This session will also explore best practices and examples for how to master those challenges and assess the data protection impact. After this session, you can be prepared to become GDPR compliant ahead of the deadline and beyond.
Dama Ireland slides - Data Trust event 9th June 2016Ken O'Connor
DAMA Ireland held a networking event to discuss establishing a Data Trust or Data Quality Mark. The event provided context on DAMA Ireland as a chapter of DAMA International focused on data management discussions. It then discussed how organizations need facts about the data they depend on, like food labels provide nutrition information. Currently, most assume their data is correct without understanding its quality. The event proposed documenting data as an asset, including definitions, rules, and quality metrics. It suggested a cultural shift is needed for all to understand their role in the data supply chain and raising defects if data is incorrect. Finally, a panel discussed the idea of a Data Trust or Quality Mark to provide transparency into data accuracy.
India'a Proposed Privacy & Personal Data Protection Law Priyanka Aash
This document summarizes key aspects of India's proposed Personal Data Protection Bill, 2019. It discusses the bill's applicability, categories of protected data, data controller obligations, rights of data subjects, provisions around children's data, and penalties. It also outlines rules for data localization and cross-border data transfers, noting sensitive personal data must stay in India unless an exception applies. The bill aims to strengthen data protection for Indian citizens and regulate how their personal information is collected and used.
This document discusses the European Union's General Data Protection Regulation (GDPR) and how the log analysis software Splunk can help organizations comply with GDPR requirements. The GDPR aims to strengthen data protection for all EU citizens and applies to any company processing personal data of EU residents. It introduces fines of up to 4% of annual global turnover for violations. Splunk allows organizations to detect, prevent and investigate data breaches, search and report on personal data processing activities to comply with GDPR provisions, and prove that appropriate technical and organizational security measures are in place.
This document discusses privacy engineering and assurance. It begins by defining key privacy terminology like personally identifiable information and privacy principles. It then discusses elements of an accountable privacy program, including executive oversight, policies and processes, risk assessment, and complaint handling. The document outlines privacy activities across a product life cycle, including privacy impact assessments and risk management. It also discusses assessing privacy maturity and related business processes. Finally, it provides an example use case for conducting a privacy assessment.
Using GDPR to Transform Customer ExperienceMongoDB
Infosys and MongoDB – A strategic relationship
What is GDPR?
Overview of GDPR – Infosys PoV [Key Focus Areas, Own Journey]
Infosys Solution Framework to GDPR
What Organizations are doing to be GDPR Ready and Infosys’ Relevant experience
The GDPR Most Wanted: The Marketer and Analyst's Role in ComplianceObservePoint
This eBook outlines the role marketers and analysts play in helping their companies:
- Govern all existing web and app technologies
- Collect, store and analyze data properly
- Ensure ethical marketing and analytics practices
Imperative of advanced analytics and ai in leadership excellenceEbuka David Obi
Data has a soul that needs to be learned. Advanced analytics exposes a lot of deeper data insight and gives us the power to predict the next occurrence with better accuracy.
Beginning your General Data Protection Regulation (GDPR) JourneyMicrosoft Österreich
This document provides an overview of the General Data Protection Regulation (GDPR) and how Windows 10 can help organizations comply with it. It begins with background on the GDPR, including its key implications like enhanced privacy rights for EU citizens and mandatory breach reporting. It defines personal and sensitive data under the GDPR. The document then outlines the key steps for an organization's GDPR compliance journey and describes various security and privacy capabilities in Windows 10 that can help with compliance, such as threat protection, identity protection, and information protection features. It concludes by providing Windows 10 resources to help organizations meet GDPR requirements.
The document provides an overview and agenda for a conference on achieving compliance with the General Data Protection Regulation (GDPR). It discusses key aspects of GDPR compliance including identifying personal data, data subject rights, security requirements, international data transfers, and remedies for non-compliance. Various vendors also present on how their products can help organizations meet GDPR requirements through features such as digital consent management and customizable reporting on personal data. An example case study highlights how one company used DocuSign to address challenges around manual processes, GDPR readiness, and security of personal information.
Data privacy awareness is on the rise. Users become more and more concerned with how online service providers collect and protect their personal information. And so should you. Discover how to balance the risks and benefits of collecting data in the age of customer centricity.
The document discusses how Acronis solutions help organizations comply with the GDPR through features that allow for privacy impact assessments, data access governance, secure backup storage, data breach response, and data deletion in accordance with data subject rights like access, rectification, erasure and portability. It outlines how Acronis Backup, Storage, Backup Cloud and Disaster Recovery Service provide control over data location, strong encryption, easy data access and modification, fast recovery, and logging to meet GDPR requirements.
The General Data Protection Regulation and the DAMA DMBOK – Tools you can use for Compliance
Abstract: The General Data Protection Regulation will be the law governing data privacy in Europe in 2018. Surveys show that less than 50% of organisations are aware of the changes within the legislation, and even fewer have any plan for achieving compliance. In this session, Daragh O Brien takes us on a high level overview of the GDPR and how the disciplines of the DMBOK can help compliance.
Notes: DMBOK is an abbreviation for the "Data Management Book of Knowledge" which is published by DAMA International (The Data Management Association)
Digital Enterprise Festival Birmingham 13/04/17 - Ian West Cognizant VP Data ...CIO Edge
Learn what the EU Global Data Protection Regulation means for your business – Carrot or Stick its your choice but with fines of €20m or up to 4% of Global Revenue (whichever is the larger) being applied for every data breach and every data mis-use after May 2018 the carrot is the better option.
Are you aware? Are you prepared? Do you comply?
To book a free non sales consultation about GDPR with Ian West contact us enquiry@digitalenterprisefest.com
Guardians of Trust: Building Trust in Data & AnalyticsEryk Budi Pratama
Presented at Absolut Data Event, 17 Dec 2019, at GoWork Kuningan.
Event URL: https://www.eventbrite.com/e/panel-discussion-what-will-you-prepare-with-data-in-2020-tickets-84851546259
My presentation summarized the two of KPMG publication related to Trust in Data & Analytics. The focus of this event was panel discussion.
Ref 1 : https://assets.kpmg/content/dam/kpmg/xx/pdf/2016/10/building-trust-in-analytics.pdf
Ref 2: https://assets.kpmg/content/dam/kpmg/xx/pdf/2018/02/guardians-of-trust.pdf
GDPR From the Trenches - Real-world examples of how companies are approaching...Ardoq
As GDPR enforcement approaches, companies around the world are making changes to their internal processes and systems to ensure they are compliant by May 2018. For many, getting started can be a daunting task, especially at larger organizations.
There’s no one-size-fits-all strategy for GDPR compliance, but there are some steps that every business should take:
1. Document the data and processes that power your organization
2. Assess the realistic compliance risks that you need to protect against
3. Keep your documentation up-to-date to demonstrate continuous compliance.
In this slide deck, you’ll read about a real-world example of a company that has started their compliance project and how they structured it.
A recording of this webinar is available for free here: http://bit.ly/2hMsQmu
INATSUMMIT 2018 - Belgrade April 14th, 2018
How to comply to General Data Protection Regulation and still run a wealthy organization in post-digital economy
The European Union (EU) is implementing GDPR (General Data Protection Regulation) on May 25, 2018. Organizations who offer goods or services to EU residents or monitor the behavior of EU residents must comply, or they may incur significant financial penalties. Are you ready? Time is running out to ensure you comply with the new requirements.
In this webinar presentation, Dean Evans, Satori Consulting to learn what the GDPR requirements mean for your organization, plus get a practical guide to achieving GDPR readiness including how to implement processes to satisfy the privacy rights of individuals. Dean will cover:
=> What is GDPR?
=> Common GDPR misconceptions
=> Key considerations
=> How to develop a plan of action
=> Process owners as data stewards
Six Steps to Addressing Data Governance under GDPR and US Privacy Shield Regu...DATUM LLC
In May of 2018 the European Union’s General Data Protection Regulation (GDPR) will go into effect and organizations seeking to be ready by the deadline will need to move quickly. There are a multitude of considerations: policies, marketing programs, systems, operations and the overall information architecture. This session provides a primer on GDPR, the required data management capabilities, and how governance will need to evolve for compliance.
Building Your DPIA/PIA Program: Tips & Case Studies [TrustArc Webinar Slides]TrustArc
Watch the webinar on-demand: https://info.trustarc.com/building-pia-dpia-program-webinar.html
DPIA/PIA guidance, tips for success and case studies from the field.
The GDPR mandates Privacy by Design and requires documented Data Protection Impact Assessments (DPIAs) for high risk processing. How can you build this into a sustainable program across your business? Having a good understanding of what DPIA/PIAs are and how to implement them can be the key to embedding privacy in the heart of your organization as well as achieving GDPR compliance.
Watch this webinar on-demand to:
- Hear PIA best practices
- Review GDPR compliance requirements
- Receive a range of tips and tools to help streamline and embed the process
- Hear how Volvo Financial Services has approached assessments across their organization
To register for upcoming/on-demand webinars visit: https://www.trustarc.com/events/webinar-schedule/
Geek Sync | Tackling Key GDPR Challenges with Data Modeling and GovernanceIDERA Software
You can watch the replay for this Geek Sync webcast in the IDERA Resource Center: http://ow.ly/tLtr50A5b4b
The General Data Protection Regulation (GDPR) is inevitable and goes live in the EU beginning May 25th 2018. It touches all technical and organizational measures as well as the design of internal systems and processes, and affects all companies around the world that have customers in the EU.
Join IDERA and Dr. Sultan Shiffa as he focuses on how data modeling, governance and collaboration help Executives, IT Managers, Architects, DBAs and Developers tackle the key challenges around data protection by design and by default, individual rights to access and erasure, valid consent, data protection roles and accountabilities, data breach notifications, and auditing the records of data processing activities. This session will also explore best practices and examples for how to master those challenges and assess the data protection impact. After this session, you can be prepared to become GDPR compliant ahead of the deadline and beyond.
Dama Ireland slides - Data Trust event 9th June 2016Ken O'Connor
DAMA Ireland held a networking event to discuss establishing a Data Trust or Data Quality Mark. The event provided context on DAMA Ireland as a chapter of DAMA International focused on data management discussions. It then discussed how organizations need facts about the data they depend on, like food labels provide nutrition information. Currently, most assume their data is correct without understanding its quality. The event proposed documenting data as an asset, including definitions, rules, and quality metrics. It suggested a cultural shift is needed for all to understand their role in the data supply chain and raising defects if data is incorrect. Finally, a panel discussed the idea of a Data Trust or Quality Mark to provide transparency into data accuracy.
India'a Proposed Privacy & Personal Data Protection Law Priyanka Aash
This document summarizes key aspects of India's proposed Personal Data Protection Bill, 2019. It discusses the bill's applicability, categories of protected data, data controller obligations, rights of data subjects, provisions around children's data, and penalties. It also outlines rules for data localization and cross-border data transfers, noting sensitive personal data must stay in India unless an exception applies. The bill aims to strengthen data protection for Indian citizens and regulate how their personal information is collected and used.
This document discusses the European Union's General Data Protection Regulation (GDPR) and how the log analysis software Splunk can help organizations comply with GDPR requirements. The GDPR aims to strengthen data protection for all EU citizens and applies to any company processing personal data of EU residents. It introduces fines of up to 4% of annual global turnover for violations. Splunk allows organizations to detect, prevent and investigate data breaches, search and report on personal data processing activities to comply with GDPR provisions, and prove that appropriate technical and organizational security measures are in place.
This document discusses privacy engineering and assurance. It begins by defining key privacy terminology like personally identifiable information and privacy principles. It then discusses elements of an accountable privacy program, including executive oversight, policies and processes, risk assessment, and complaint handling. The document outlines privacy activities across a product life cycle, including privacy impact assessments and risk management. It also discusses assessing privacy maturity and related business processes. Finally, it provides an example use case for conducting a privacy assessment.
Using GDPR to Transform Customer ExperienceMongoDB
Infosys and MongoDB – A strategic relationship
What is GDPR?
Overview of GDPR – Infosys PoV [Key Focus Areas, Own Journey]
Infosys Solution Framework to GDPR
What Organizations are doing to be GDPR Ready and Infosys’ Relevant experience
The GDPR Most Wanted: The Marketer and Analyst's Role in ComplianceObservePoint
This eBook outlines the role marketers and analysts play in helping their companies:
- Govern all existing web and app technologies
- Collect, store and analyze data properly
- Ensure ethical marketing and analytics practices
Imperative of advanced analytics and ai in leadership excellenceEbuka David Obi
Data has a soul that needs to be learned. Advanced analytics exposes a lot of deeper data insight and gives us the power to predict the next occurrence with better accuracy.
Date: 15th November 2017
Location: AI Lab Theatre
Time: 16:30 - 17:00
Speaker: Elisabeth Olafsdottir / Santiago Castro
Organisation: Microsoft / Keyrus
Data- and database security & GDPR: end-to-end offerCapgemini
This document discusses Capgemini and Sogeti's end-to-end offering for database security and GDPR compliance. It outlines a four-phase approach including a GDPR readiness assessment, roadmap development, privacy impact assessment, and implementing database security solutions. Each phase has defined activities, timelines, and results to help organizations assess their GDPR compliance and secure databases containing personal data. The offering is designed to help organizations address new accountability and security requirements under the upcoming GDPR regulation.
This document discusses compliant digital marketing practices under GDPR regulations. It covers topics like lawful bases for processing personal data, obtaining consent, use of cookies, and the importance of user experience design. The presentation emphasizes the need for transparency, accountability, and putting privacy at the core of marketing systems and processes. It acknowledges that while compliance can be complex, the regulations should not prevent effective marketing. The future of e-Privacy regulations is also addressed.
Big Data is the lastest cashcow. Data Analytics has now a crucial role for industries. This article describes as to what is Big Data and Analytics and how a Chartered Accountant will be able to provide value in this field.
The document discusses organizations' experiences with GDPR compliance after the May 2018 deadline. It finds that many organizations are still dealing with residual risks and have uncovered more personal data than expected during their discovery processes. Specifically, organizations have struggled to fully comply with data deletion requests due to data being spread across systems without full lineage. The document advocates that organizations view GDPR not just as a compliance burden but as an opportunity to improve data governance, build customer trust, and enable digital expansion.
This document discusses data ethics and provides 5 key principles of data ethics for business professionals:
1) Ownership - individuals own their personal data and must provide consent for it to be collected
2) Transparency - individuals have a right to know how their data will be collected, stored, and used
3) Privacy - personal data must be securely stored and protected from unauthorized access
4) Intention - the intention behind collecting data must be considered to avoid potential harm
5) Outcomes - while intentions may be good, data analysis could inadvertently cause disparate impacts
Upholding data ethics helps businesses earn customer trust, which is essential to their success. Failure to do so can damage reputations and result
CWIN17 san francisco-geert vanderlinden-don't be stranded without a (gdpr) planCapgemini
This document discusses cybersecurity challenges and trends for organizations, and recommends outsourcing security operations to a managed security operations center (SOC) provided by Capgemini. Key points include:
- Many organizations lack strong data privacy/security frameworks and skills to manage growing cyber risks.
- Threats are becoming more sophisticated from hackers, crime and intelligence agencies while regulatory pressures like GDPR are increasing.
- Capgemini offers managed SOC services that can be fully dedicated or multi-tenant, providing security protections, compliance, and response capabilities.
- Their services help address concerns of chief information security officers while aligning with privacy principles of understanding data flows and implementing appropriate controls.
Big Data Analytics in light of Financial Industry Capgemini
Big data and analytics have the potential to transform economies and competition by delivering new productivity growth. Effective use of big data can increase operating margins over 60% for retailers and save $300 billion in US healthcare and $250 billion in European public sector. Companies that improve decision making through big data have seen a 26% performance improvement over 3 years on average. Emerging technologies like self-driving cars will rely heavily on analyzing vast amounts of real-time sensor data.
ISC2 Privacy-Preserving Analytics and Secure Multiparty ComputationUlfMattsson7
Use Cases in Machine learning (ML)
Secure Multi-Party Computation (SMPC)
Homomorphic encryption (HE)
Differential Privacy (DP) and K-Anonymity
Pseudonymization and Anonymization
Synthetic Data
Zero trust architecture (ZTA)
Zero-knowledge proofs (ZKP)
Private Set Intersection (PSI)
Trusted execution environments (TEE)
Post-Quantum Cryptography
Regulations and Standards in Data Privacy
This document discusses how life insurance companies can leverage big data analytics across their value chain. It begins by explaining how data sources have expanded dramatically in recent years due to factors like the growth of digital devices and the internet of things. It then outlines how big data can be used in various parts of the insurance lifecycle from product development to claims processing. The document presents a four stage framework for life insurers to adopt big data analytics and provides examples of how some companies have realized benefits. It concludes by noting that while insurers recognize big data's potential, many challenges remain in analyzing diverse and voluminous unstructured data.
Protecting personal data has been an important issue for many years. The EU GDPR extends the data rights of individuals, and requires organizations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organizational measures. UK organizations have had to comply with the Regulation since 25 May 2018, or potentially face fines of up to 4% of annual turnover or €20 million – whichever is greater.
Learning Outcomes:
This 10 webinar series is intended to elicit a clear understanding of the core elements of the GDPR, with the ability to gain a deeper understanding by asking the trainer questions during the training.
It covers how each aspect of the Regulation can be translated into implementation actions in your organization and the auditor’s role.
Webinar 6
• The role of the data protection officer (DPO).
• What constitutes personal data.
• Accountability, the privacy compliance framework and a personal information management system (PIMS).
The Rise of Data Ethics and Security - AIDI WebinarEryk Budi Pratama
The document discusses the rise of data ethics and security. It begins with an introduction of the speaker and their background. It then covers various topics related to data ethics including the data lifecycle, implementation of data ethics through vision, strategy, governance and more. Big data security is also discussed as it relates to data governance, challenges, and approaches to building a security program. Regulatory requirements and their impact on data scientists is covered as it relates to privacy. Techniques for privacy control like data masking and tokenization in ETL processes are presented.
Impact of GDPR on Third Party and M&A SecurityEQS Group
GDPR impact has been dissected and examined to death - however, M&A activities, as well as third-party security posture, can be greatly affected as well, and this aspect has not been very often pursued. This session hopes to be useful for that.
This document summarizes a presentation about the EU's General Data Protection Regulation (GDPR) given 58 days before the May 25, 2018 enforcement date. The presentation covers the GDPR landscape and compliance requirements, how to start a compliance project, and key risks to mitigate before the deadline. It emphasizes that GDPR compliance requires a cultural change and demonstrates protection of the six data processing principles and eight data subject rights. The presenter urges starting compliance assessments and plans immediately given the extensive work required to be fully prepared by the deadline.
My keynote speech at the ISACA IIA Belgium software watch day in October 2014 in Brussels on the value of big data and data analytics for auditors and other assurance professionals
PrivacyOps is a new organizational model that automates and unifies privacy and access operations across functional areas, such as marketing, sales, service, finance, and HR. PrivacyOps utilizes the Privacy by Design framework in order to align an organization’s resources and processes, and to deliver privacy compliance while freeing up resources to focus on their key business objectives and increasing customer trust.
When applied effectively, PrivacyOps can lead to dramatically improved critical business metrics, including conversion rates, referrals, customer retention, and revenues.
PrivacyOps
Framework
Privacy and Access: operations are an increasingly important functional area in organizations and businesses that process personal data governed by privacy laws, such as GDPR, HIPAA, PIPEDA, and DPA.
Similar to Sharp Cookie Advisors legal_botar_ai_dataskydd_gdpr (20)
Sangyun Lee, 'Why Korea's Merger Control Occasionally Fails: A Public Choice ...Sangyun Lee
Presentation slides for a session held on June 4, 2024, at Kyoto University. This presentation is based on the presenter’s recent paper, coauthored with Hwang Lee, Professor, Korea University, with the same title, published in the Journal of Business Administration & Law, Volume 34, No. 2 (April 2024). The paper, written in Korean, is available at <https://shorturl.at/GCWcI>.
What are the common challenges faced by women lawyers working in the legal pr...lawyersonia
The legal profession, which has historically been male-dominated, has experienced a significant increase in the number of women entering the field over the past few decades. Despite this progress, women lawyers continue to encounter various challenges as they strive for top positions.
Receivership and liquidation Accounts
Being a Paper Presented at Business Recovery and Insolvency Practitioners Association of Nigeria (BRIPAN) on Friday, August 18, 2023.
Business law for the students of undergraduate level. The presentation contains the summary of all the chapters under the syllabus of State University, Contract Act, Sale of Goods Act, Negotiable Instrument Act, Partnership Act, Limited Liability Act, Consumer Protection Act.
Lifting the Corporate Veil. Power Point Presentationseri bangash
"Lifting the Corporate Veil" is a legal concept that refers to the judicial act of disregarding the separate legal personality of a corporation or limited liability company (LLC). Normally, a corporation is considered a legal entity separate from its shareholders or members, meaning that the personal assets of shareholders or members are protected from the liabilities of the corporation. However, there are certain situations where courts may decide to "pierce" or "lift" the corporate veil, holding shareholders or members personally liable for the debts or actions of the corporation.
Here are some common scenarios in which courts might lift the corporate veil:
Fraud or Illegality: If shareholders or members use the corporate structure to perpetrate fraud, evade legal obligations, or engage in illegal activities, courts may disregard the corporate entity and hold those individuals personally liable.
Undercapitalization: If a corporation is formed with insufficient capital to conduct its intended business and meet its foreseeable liabilities, and this lack of capitalization results in harm to creditors or other parties, courts may lift the corporate veil to hold shareholders or members liable.
Failure to Observe Corporate Formalities: Corporations and LLCs are required to observe certain formalities, such as holding regular meetings, maintaining separate financial records, and avoiding commingling of personal and corporate assets. If these formalities are not observed and the corporate structure is used as a mere façade, courts may disregard the corporate entity.
Alter Ego: If there is such a unity of interest and ownership between the corporation and its shareholders or members that the separate personalities of the corporation and the individuals no longer exist, courts may treat the corporation as the alter ego of its owners and hold them personally liable.
Group Enterprises: In some cases, where multiple corporations are closely related or form part of a single economic unit, courts may pierce the corporate veil to achieve equity, particularly if one corporation's actions harm creditors or other stakeholders and the corporate structure is being used to shield culpable parties from liability.
सुप्रीम कोर्ट ने यह भी माना था कि मजिस्ट्रेट का यह कर्तव्य है कि वह सुनिश्चित करे कि अधिकारी पीएमएलए के तहत निर्धारित प्रक्रिया के साथ-साथ संवैधानिक सुरक्षा उपायों का भी उचित रूप से पालन करें।
Defending Weapons Offence Charges: Role of Mississauga Criminal Defence LawyersHarpreetSaini48
Discover how Mississauga criminal defence lawyers defend clients facing weapon offence charges with expert legal guidance and courtroom representation.
To know more visit: https://www.saini-law.com/
Synopsis On Annual General Meeting/Extra Ordinary General Meeting With Ordinary And Special Businesses And Ordinary And Special Resolutions with Companies (Postal Ballot) Regulations, 2018
Matthew Professional CV experienced Government LiaisonMattGardner52
As an experienced Government Liaison, I have demonstrated expertise in Corporate Governance. My skill set includes senior-level management in Contract Management, Legal Support, and Diplomatic Relations. I have also gained proficiency as a Corporate Liaison, utilizing my strong background in accounting, finance, and legal, with a Bachelor's degree (B.A.) from California State University. My Administrative Skills further strengthen my ability to contribute to the growth and success of any organization.
The Future of Criminal Defense Lawyer in India.pdfveteranlegal
https://veteranlegal.in/defense-lawyer-in-india/ | Criminal defense Lawyer in India has always been a vital aspect of the country's legal system. As defenders of justice, criminal Defense Lawyer play a critical role in ensuring that individuals accused of crimes receive a fair trial and that their constitutional rights are protected. As India evolves socially, economically, and technologically, the role and future of criminal Defense Lawyer are also undergoing significant changes. This comprehensive blog explores the current landscape, challenges, technological advancements, and prospects for criminal Defense Lawyer in India.
Genocide in International Criminal Law.pptxMasoudZamani13
Excited to share insights from my recent presentation on genocide! 💡 In light of ongoing debates, it's crucial to delve into the nuances of this grave crime.
2. CEO/Founder, (LL.M., M.Sc., CIPP/E)
AIPPI, National Expert Copyright Law
2006 Degrees in Law & Business
2006 Nokia Corp., Trainee
2007 Chalmers Invest, Legal Counsel
2009 District Court Gothenburg, Junior Judge
2010 Baker McKenzie, Stockholm & London, Advokat
2014 Synch, Advokat/Head of Business Development
2015 Sharp Cookie Advisors, CEO/Founder
Sofia Edvardsen
• Business law firm
• Focus on tech and growth in the digital market
• Our clients are tech leaders
• We help our clients to prioritise
• Expert in IT, AI, Data Protection, transactions, SaaS
• Legal Counsel as a Service
Background & Profile
6. Build solutions that are continuously
“approved” by an innovation task force
consisting of Sales, Marketing, Finance, Legal, IT.
Bots are a powerful service
tool spanning over numerous
building blocks.
Legal key
issues.
Adopt ethical principles for AI
development it is not only best practice, it is
good business (and the best way to stay on
the right side).
Databases
Software Development
Data Science & Business Intelligence
Commercial Offer
Marketing
Data Protection
Cloud Services
7. 1. Focus on the value add for the individual
2. Adopt an ethical approach to AI
3. Document the AI development properly
4. Evaluate the technical environment for your BOT
5. Design transparent, easy to understand terms
6. Monitor, evaluate and improve continuously
Cheat sheet
8. - Legal basis for processing the data
- Consent
- Agreement
- Legitimate interest
- Purpose Limitation and Second Use
- BRIS
- Counselling services to children, adults, families
- Information services to the public
1. Focus on the value add to the individual
9. GDPR on
Fairness.
Effects
- How big data is used is an important
factor in assessing fairness of the use
of the personal data for new purpose
of big data analytics.
- Targeted ads can be relevant or
profiled in a way that perpetuates
discrimination.
- The GDPR does not prevent
automated decision making or
profiling, but it does give individuals a
qualified right not to be subject to
purely automated decision making.
Fairness
- Some type of big data analytics, e.g.
profiling, can have intrusive effects
on individuals.
- Organisations need to consider
whether the use of personal data in
big data applications is within people’s
reasonable expectations.
- The complexity of the methods of big
data analysis, such as machine
learning, can make it difficult for
organisations to be transparent
about the processing of personal data.
Expectations
- Consider whether people could
reasonably expect their data to be
used in the ways that big data
analytics facilitates.
- Deciding what is a reasonable
expectation is linked to the issue of
transparency and the use of privacy
notices, and also to the principle of
purpose limitation, ie whether any
further use of the data is incompatible
with the purpose for which it was
obtained.
10. Data
minimisation.
Accuracy
- There are implications regarding the
accuracy of personal data at all stages
of a big data project: collection,
analysis and application.
- Results of data analysis may not be
representative of the population as a
whole.
- Hidden biases in datasets can lead to
inaccurate predictions about
individuals.
In brief
- Big data analytics can result in the
collection of personal data that is
excessive for the processing purpose.
- Organisations may be encouraged to
retain personal data for longer than
necessary because big data
applications are capable of analysing
large volumes of data.
Right to be forgotten (Art. 17)
- Data subjects will have the right for
their data to be erased in several
situations.
- Applicable where the data is no
longer necessary for the purpose for
which it was collected, or where it is
processed on the basis of consent and
the data subject withdraws that
consent.
11. 2. Adopt an ethical approach to AI
• the use of algorithms
• the opacity of the processing
• the tendency to collect “all data”
• the repurposing of data, and
• the use of new types of data
Some distinctive aspects of Business Intelligence and Big Data are:
Provided data - consciously given
Observed data - recorded automatically
*Derived data - produced data, e.g. calculations, grading
*Inferred data - correlations between datasets based on probabilities,
e.g. profiling
*High risk processing, take extra care and seek expert advice
12. Privacy Impact
Assessments &
Ethics.
Ethical approaches
- An ethical approach to the processing
of personal data in a big data context is
a very important compliance tool.
- Ethics boards at organisational and
national level can help to assess issues
and ensure the application of ethical
principles.
- Ethical approaches to the use of
personal data can help to build trust
with individuals and enhance brand
value.
In brief
- A privacy impact assessment is an
important tool that can help to
identify and mitigate privacy risks
before the processing of personal
data.
- Under the GDPR, it is highly likely that
doing a privacy impact assessment –
known as a ‘data protection impact
assessment’ – will be a requirement
for big data analytics involving the
processing of personal data.
“ Industry specific risks are
the use of inferred data and
predictive analytics.”
Private Sector
- IBM has published an ethical
framework for big data analytics (2014)
- Vodafone publishes a set of privacy
commitments (2015)
- International developments. In the
USA, the Alliance of Automobile
Manufacturers and the Global
Alliance of Automakers has produced
a set of privacy principles for the
consumer data derived from new
vehicle technologies (2014).
13. - Legal basis for processing the data
- Consent
- Agreement
- Legitimate interest
- Purpose Limitation and Second Use
- BRIS
- Instructions to developer
- Data Protection Programme
3. Document the AI development properly
14. Is Personal Data
actually required?
Use anonymised
data.
Be transparent.
Provide meaning-
ful privacy notices.
Is this processing
fair?
Do a Privacy Impact
Assessment.
Could we design
this more secure?
Adopt a privacy by
design approach.
Is this in line with
our ethical
principles?
Develop your
principles or ethics
board.
Is this algorithm
auditable?
Document the
rationale and audit
it regularly.
Key recommendations.
15. - Your own website or application?
- Security
- Consent or alternatives
- A partner’s website, messenger platform or app?
- Security
- Within the EU?
- Detailed instructions and requirements on data
- BRIS
- Simple BOT on Facebook Messenger and Kik
- Advanced BOT on own website
4. Evaluate the technical environment for your BOT
16. - The Legal Documents
- Terms and Conditions
- Privacy Policy
- Cookie Policy
- Emerging Best Practice
- Just in time notices
- Layered notices
- Highlights
- Full Terms
- FAQ
- Swedish or English
- A partner’s website, messenger platform or app?
- Detailed instructions and requirements
5. Design transparent, easy to understand terms
17. Conditions for
processing of
personal data.
Legitimate interest (Art. 6(1)(f)
- Processing is necessary for the
purposes of the legitimate interests
pursued by the controller or by a
third party, except if contrary to the
freedom of the data subject.
- The processing is not necessary if
there is another way of meeting the
legitimate interest that interferes less
with people’s privacy.
In brief
- Obtaining meaningful consent is
often difficult in a big data context, but
novel and innovative approaches can
help.
- Relying on the legitimate interests
condition is not a ‘soft option’. Big data
organisations must always balance
their own interests against those of
the individuals concerned.
- It may be difficult to show that big
data analytics are strictly necessary for
the performance of a contract.
Consent (Art. 6.(1)(a) + Art. 7)
- The opaque nature of analysis using
AI techniques can make it difficult for
meaningful consent to be provided.
- New alternative of ‘just in time’
notifications, yes/no at the time of
the offer through the relationship.
- If an organisation buys data sets, it
need to ascertain that the original
consent obtain by the supplier covers
the further use of the data.
- May be need to provide a new
privacy notice or seek further
consent.
18. - Monitor
- Evalute
- Improve
- BRIS
- Data Protection Programme with the Board’s support
- Embedded into the culture of BRIS
- Data Protection Officer
6. Monitor, evaluate and improve continuously
19. Compliant
approach
No Personal Data
Often, big data analytics will not require
the use of data that identifies individuals.
Algorithmic transparency
- Auditing techniques can be used to
identify the factors that
influence an algorithmic decision.
- Interactive visualisation systems can help
individuals to understand why a
recommendation was made and give
them control over future
recommendations.
Anonymisation - discovery phase
Anonymised data that do not identify an
individual is no longer personal data.
The anonymisation ‘keys’ and other
relevant data that enable identification
should not be kept by the organisation.
Data masking, aggregation,
pseudonymisation.
Ethics Boards
Can help shape and improve the
transparency of the development of
machine learning algorithms.
The Board should develop ethical values
for assuring assessment and evaluation of
big data analytics. E.g. Google’s AI Ethics
Board for Deep Mind (2014).
“Bottom up” approach
Begin with the data itself, experimenting
with what is available to see the
correlations it reveals. Do this with
anonymous data first.
20. 1. Focus on the value add for the individual
2. Adopt an ethical approach to AI
3. Document the AI development properly
4. Evaluate the technical environment for your BOT
5. Design transparent, easy to understand terms
6. Monitor, evaluate and improve continuously
Take aways