Digital personal data protection act, 2023.pptxDineshPrasad64
Digital personal data protection act, 2023 passed by the parliament and shall be enforced as soon as central government publish rules in the official gazette. It apply to the processing of digital personal data within the territory of India where the personal data is collected–(i) in digital form; or (ii) in non-digital form and digitised subsequently.
Digital Personal Data Protection (DPDP) Practical Approach For CISOsPriyanka Aash
Key Discussion Pointers:
1. Introduction to Data Privacy
- What is data privacy
- Privacy laws around the globe
- DPDPA Journey
2. Understanding the New Indian DPDPA 2023
- Objectives
- Principles of DPDPA
- Applicability
- Rights & Duties of Individuals
- Principals
- Legal implications/penalties
3. A practical approach to DPDPA compliance
- Personal data Inventory
- DPIA
- Risk treatment
Digital personal data protection act, 2023.pptxDineshPrasad64
Digital personal data protection act, 2023 passed by the parliament and shall be enforced as soon as central government publish rules in the official gazette. It apply to the processing of digital personal data within the territory of India where the personal data is collected–(i) in digital form; or (ii) in non-digital form and digitised subsequently.
Digital Personal Data Protection (DPDP) Practical Approach For CISOsPriyanka Aash
Key Discussion Pointers:
1. Introduction to Data Privacy
- What is data privacy
- Privacy laws around the globe
- DPDPA Journey
2. Understanding the New Indian DPDPA 2023
- Objectives
- Principles of DPDPA
- Applicability
- Rights & Duties of Individuals
- Principals
- Legal implications/penalties
3. A practical approach to DPDPA compliance
- Personal data Inventory
- DPIA
- Risk treatment
Privacy right under it act, 2000 and under other lawNitya Nand Pandey
After coming the computer age our privacy is not so secure. We are bening followed and traced if we are using multimedia mobile with internet connection. What are the remedies against this, this Notes reply.
With GDPR coming into effect, we can see a lot of changes in the privacy policies of companies doing business online. The presentation is a description of GDPR and its implications in India and worldwide. The main aim of the presentation is to identify the key issues of data privacy and the rights available to the consumer who's data is to be shared.
GDPR is coming for you whether you’re ready or not. Companies must show compliance by May 25, 2018. Take a look at the presentation to learn more about the new law that is going to change the way data is handled across the world. Read about the how it affects you and the steps you can take to make sure you’re GDPR ready!
About Extentia Information Technology:
Extentia is a global technology and services firm that helps clients transform and realize their digital strategies. With a focus on enterprise mobility, cloud computing, and user experiences, Extentia strives to accomplish and surpass your business goals. Our team is differentiated by an emphasis on excellent design skills that we bring to every project. Extentia’s work environment and culture inspire team members to be innovative and creative, and to provide clients with an exceptional partnership experience.
www.extentia.com
Unit 6 Privacy and Data Protection 8 hrTushar Rajput
Right to Privacy and its Legal Framework, The Concept of Privacy, National Legal
Framework for Protecting Privacy, International Legal Framework for Protecting Privacy, Privacy Related Wrongs and Remedies, Data Security, The Concept of Security in Cyberspace, Technological Vulnerabilities, Legal Response to Technological
Vulnerabilities, Security Audit (VA/PT), Data Protection, Data Protection Position in
India, Privacy Policy, Emerging Issues in Data Protection and Privacy, BPOs and
Legal Regime in India, Protect Kids' Privacy Online, Evolving Trends in Data Protection and Information Security
Presented at: 2nd Annual Gulf Cooperation Council e-Participation & e-Governance Forum – Organised by: Abu Dhabi University Knowledge Group and UAE Telecommunications Regulatory Authority.
9 – 11 September 2013 | Dusit Thani Hotel | Abu Dhabi | UAE.
Data Decoded: Understanding India's Draft Data Protection BillAntaraa Vasudev
India's draft Data Protection Bill has been drafted by a committee of experts, before it becomes a law, you can share your inputs on the Bill.
Better understand the Bill through this presentation and share your feedback before 30th September on the MEITY website or www.civis.vote.
Privacy right under it act, 2000 and under other lawNitya Nand Pandey
After coming the computer age our privacy is not so secure. We are bening followed and traced if we are using multimedia mobile with internet connection. What are the remedies against this, this Notes reply.
With GDPR coming into effect, we can see a lot of changes in the privacy policies of companies doing business online. The presentation is a description of GDPR and its implications in India and worldwide. The main aim of the presentation is to identify the key issues of data privacy and the rights available to the consumer who's data is to be shared.
GDPR is coming for you whether you’re ready or not. Companies must show compliance by May 25, 2018. Take a look at the presentation to learn more about the new law that is going to change the way data is handled across the world. Read about the how it affects you and the steps you can take to make sure you’re GDPR ready!
About Extentia Information Technology:
Extentia is a global technology and services firm that helps clients transform and realize their digital strategies. With a focus on enterprise mobility, cloud computing, and user experiences, Extentia strives to accomplish and surpass your business goals. Our team is differentiated by an emphasis on excellent design skills that we bring to every project. Extentia’s work environment and culture inspire team members to be innovative and creative, and to provide clients with an exceptional partnership experience.
www.extentia.com
Unit 6 Privacy and Data Protection 8 hrTushar Rajput
Right to Privacy and its Legal Framework, The Concept of Privacy, National Legal
Framework for Protecting Privacy, International Legal Framework for Protecting Privacy, Privacy Related Wrongs and Remedies, Data Security, The Concept of Security in Cyberspace, Technological Vulnerabilities, Legal Response to Technological
Vulnerabilities, Security Audit (VA/PT), Data Protection, Data Protection Position in
India, Privacy Policy, Emerging Issues in Data Protection and Privacy, BPOs and
Legal Regime in India, Protect Kids' Privacy Online, Evolving Trends in Data Protection and Information Security
Presented at: 2nd Annual Gulf Cooperation Council e-Participation & e-Governance Forum – Organised by: Abu Dhabi University Knowledge Group and UAE Telecommunications Regulatory Authority.
9 – 11 September 2013 | Dusit Thani Hotel | Abu Dhabi | UAE.
Data Decoded: Understanding India's Draft Data Protection BillAntaraa Vasudev
India's draft Data Protection Bill has been drafted by a committee of experts, before it becomes a law, you can share your inputs on the Bill.
Better understand the Bill through this presentation and share your feedback before 30th September on the MEITY website or www.civis.vote.
On 25 May 2018 the new General Data Protection Regulation (GDPR) will come into force, replacing all existing data protection regulations.
Payroll bureaus process large amounts of personal data in relation to their customers, their customers’ employees, and their own employees. Consequently, the GDPR will impact most if not all areas of the business and the impact it will have cannot be overstated.
BrightPay hosted a free CPD accredited webinar alongside Bright Contracts where we discussed everything that accountants, bookkeepers and payroll bureaus need to know about GDPR.
For more information visit https://www.brightpay.co.uk
Talk by Polina Zvyagina, Airbnb (San Francisco), at Stanford Engineering on February 25 2019, Session #6: 'Growing ‘Bitcoin Cities’ Across the Globe from Slovenia || GDPR Compliance Case Study || EU Digital Economy Policy'.
Website: http://www.StanfordEuropreneurs.org
YouTube Channel: https://www.youtube.com/user/StanfordEuropreneurs
Twitter: @Europreneurs
General Data Protection Regulation (GDPR) tidal wave that has hit, are you ready? Is your organization prepared for the extensive privacy requirements GDPR puts forth for any organization handling EU Data Subjects' personal Data? At this point, organizations must have a complete inventory of personal data and have conducted a DPIA against it. A handful of supervisory authorities have issued compliance guidelines, but your organizations must be able to assess compliance with this ambiguous regulation at any time.
Many aspects of GDPR define the distinction between a data collector and a data processor, their respective responsibilities and compliance requirements. Those responsibilities will have an effect on the contracts you negotiate with third parties, the way in which you evaluate the risks involved with establishing a business relationship and the policies you develop to maintain compliance to the regulations.
Join this webinar to learn:
*More information about GDPR and what the industry is experiencing to date
*What minimum requirements you should have had in place by May 25, 2018
*What you should plan to do for the next 12-18 months if you are not completely ready
*What the SEC Privacy Shield program is and why you should self-certify
*How to continuously monitor vendor risk KPIs
GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct...Harrison Clark Rickerbys
Slideshow from GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Directors, IT Directors & Ops Directors, on 7th March 2018 at Hilton Puckrup Hall
This Presentation explains what GDPR is and the impact it'll have for Companies who process data of EU Citizens.
This Guide explains the principles of GDPR, Consent, User Rights and also explains how to implement GDPR in your organization.
Originally appeared at
http://backlinkme.net/definitive-guide-for-general-data-protection-regulation-gdpr-compliance/
Data Privacy and Data Protection: Rotary’s Compliance with GDPRRotary International
As stewards of personal data for more than 1.2 million Rotarians and friends of Rotary worldwide, Rotary takes data privacy and protection seriously. To ensure compliance with the European Union's new privacy law, the General Data Protection Regulation (GDPR), we will apply these standards globally. Find out more about these efforts and how they affect data privacy and protection for Rotary.
Following the GDPR, the CCPA quickly presented additional and different requirements that organizations must include in their privacy programs if they are subject to the regulation. With more disclosures surrounding personal information required, privacy is not limited to a designated office - stakeholders from various departments must be aware of and take ownership of activities within their functional realms.
Now, more than ever, we are seeing a blend of the privacy and security roles, and it is not uncommon to see Chief Information Security Officers (CISOs) heavily involved in privacy risk activities. Whether it’s taking data inventory and assessing risk to having a rock solid data breach response plan in place, CISOs provide the security component that is critical for a successful CCPA compliance plan.
-The CISOs role in CCPA compliance
-Potential risks to the security and privacy of sensitive information
-Mapping CCPA requirements to security processes and procedures
California Consumer Privacy Act and the Role of IAMWSO2
This deck explores the basics of the CCPA including what CCPA is, how enterprises can prepare for it, a comparison with GDPR, and how IAM can help with CCPA and other privacy regulations.
Watch the On-Demand Webinar here - https://wso2.com/library/webinars/2019/04/california-consumer-privacy-act-and-the-role-of-iam/
GDPR clinic - A strategic approach for compliance with the European General Data Protection regulation
Paolo Balboni Ph.D. - Founding Partner at ICT Legal Consulting & President of the European Privacy Association
Nicola Franchetto LL.M. - Associate at ICT Legal Consulting &
Fellow of the European Privacy Association
For more information visit https://www.thesaurus.ie or https://www.brightpay.ie
The General Data Protection Regulation (GDPR) comes into effect on 25 May 2018 with the aim of protecting all EU citizens from privacy and data breaches in an increasingly data driven world.
Payroll bureaus process large amounts of personal data, not least in relation to their customers, their customers’ employees, and their own employees. Consequently, the GDPR will impact most if not all areas of the business and the impact it will have cannot be overstated.
In this CPD accredited webinar, we will peel back the legislation to outline clearly:
What is GDPR and why is it being implemented?
Why employers need to take it seriously
How it will impact payroll bureaus
How to prepare for GDPR
How we are working to help you
Similar to WB-2022-01-25-India Data Protection Bill (20)
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc
In today's digital world, trust is key to customer relationships, but keeping it is a huge challenge. Customers are well-informed and empowered, quick to change brands if their trust is broken, even if it costs them more. This puts a lot of pressure on organizations to handle trust and safety issues with great care and transparency.
The challenge, however, is real. Fragmented solutions have left privacy, legal, and security teams in a perpetual cycle of catch-up, struggling to update privacy notices, manage customer data rights, and answer lengthy security questionnaires—all while trying to prove ROI to the business. It's a thankless job, filled with repetition, tedious tasks, and constant interdepartmental coordination. Combine this with fast regulatory changes and the quick evolution of AI, and it becomes overwhelming.
Join this webinar to learn more about TrustArc's new innovative solution Trust Center, the only unified, no-code online hub for trust and safety information built for privacy, security, compliance, and legal teams. Trust Center streamlines your path to compliance, shortens the pre-sales cycle, and reduces both legal and regulatory risks, saving time, effort, and cost.
This webinar will review:
- Why companies are building unified Trust Centers for a robust privacy program.
- How unified Trust Centers streamline sales cycles, ensure regulatory compliance, and reduce operational bottlenecks.
- How compliance, legal, security, GRC, and privacy teams benefit from a unified Trust Center in terms of needs, pains, and outcomes.
- How TrustArc Trust Center saves time and work while reducing legal, reputational, and compliance risk by effectively managing policies, notices, terms, and disclosures, and providing real-time updates on subprocessors.
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
Effective data discovery is crucial for maintaining compliance and mitigating risks in today's rapidly evolving privacy landscape. However, traditional manual approaches often struggle to keep pace with the growing volume and complexity of data.
Join us for an insightful webinar where industry leaders from TrustArc and Privya will share their expertise on leveraging AI-powered solutions to revolutionize data discovery.
You'll learn how to:
- Effortlessly maintain a comprehensive, up-to-date data inventory
- Harness code scanning insights to gain complete visibility into data flows leveraging the advantages of code scanning over DB scanning
- Simplify compliance by leveraging Privya's integration with TrustArc
- Implement proven strategies to mitigate third-party risks
Our panel of experts will discuss real-world case studies and share practical strategies for overcoming common data discovery challenges. They'll also explore the latest trends and innovations in AI-driven data management, and how these technologies can help organizations stay ahead of the curve in an ever-changing privacy landscape.
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
As privacy and data protection regulations evolve rapidly, organizations operating in multiple jurisdictions face mounting challenges to ensure compliance and safeguard customer data. With state-specific privacy laws coming up in multiple states this year, it is essential to understand what their unique data protection regulations will require clearly.
How will data privacy evolve in the US in 2024? How to stay compliant?
Our panellists will guide you through the intricacies of these states' specific data privacy laws, clarifying complex legal frameworks and compliance requirements.
This webinar will review:
- The essential aspects of each state's privacy landscape and the latest updates
- Common compliance challenges faced by organizations operating in multiple states and best practices to achieve regulatory adherence
- Valuable insights into potential changes to existing regulations and prepare your organization for the evolving landscape
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
Want to win over both existing and potential customers? Show them you value their privacy rights. And make opting in or out of targeted services and marketing a breeze. Businesses build trust by giving consumers control over their personal information. When you prioritize privacy, everyone wins!
How to accelerate the setup and management of complex cookie activities while ensuring compliance with privacy laws in all countries you operate in? How to use consumer trust as a competitive advantage?
In this webinar, you will learn:
- How to solve the challenge of identifying customers and respecting their choices across devices and browsers
- How to ensure a frictionless consent choice experience for your customers
- How to manage different and evolving cookie requirements and always stay compliant with data privacy laws
- What is Trustworthy AI and why it is important
TrustArc Webinar - How to Live in a Post Third-Party Cookie WorldTrustArc
Google announced it will phase out the use of third-party cookies on Chrome in 2024. Since Chrome has a market share of 65% of browser users, this practice will affect most businesses and cookie marketing.
As a marketer, how can you adapt to this significant change? How will you need to change your practices in the way you do business online in order to reach your target audience and drive revenue success?
In this webinar, you will learn how to prepare your organization for Google’s third-party phase-out and ensure marketing success.
This webinar will review:
- What to keep in mind about the latest cookie phase-out and what is coming
- What you need to know about the laws and regulations around cookies
- How to explore new privacy-friendly approaches to engage with your audience
TrustArc Webinar - TrustArc's Latest AI InnovationsTrustArc
There’s no question the AI wave is here to stay. Regulators, organizations and consumers are all dealing with the acceleration of AI adoption in different ways.
Regulators are rushing to create and pass standards and laws like the EU AI Act, NIST AI RMP and OECD AI Principles to guide how organizations can and should adopt transparent, accountable AI practices to protect consumer privacy. For consumers, despite acknowledgement around the increasing value of AI, 60% of consumers say they have lost trust in how AI is used by organizations. And organization are left in the middle trying to keep up with regulations, drive AI adoption in their business process and products, and maintain consumer trust.
Introducing two innovative solutions designed to help organizations navigate the shifting AI landscape:
- TRUSTe Responsible AI Certification - The first AI certification designed for data protection and privacy. Crafted by a team with 10,000+ privacy certifications issued, this framework integrated industry standards and emerging laws for responsible AI governance.
- NymityAI - Your personalized privacy legal navigator to help you learn the law faster and easier - with confidence.
Join us on this webinar to learn how to establish responsible AI governance and instill trust in your partners, consumers, and customers around AI use and privacy data protection.
This webinar will review:
- How TRUSTe’s Responsible AI Certification will help you demonstrate accountable AI data governance that is fair, transparent and secure
- How to save time and work smarter in understanding regulatory obligations, including AI
- How to operationalize and deploy AI governance best practices in your organization
Unlock the definitive guide to managing your online tracking technology vendors effectively. This webinar delves into a comprehensive and actionable set of best practices that every organization needs. From meticulous website scans to in-depth contract reviews, from precise consent categorization to harmonizing diverse frameworks, our checklist ensures you cover all the crucial touchpoints. Equip yourself with this essential framework and confidently navigate the complex landscape of online tracking compliance, using our step-by-step roadmap as your trusted reference.
Join our panel of experts in the webinar as they equip you with the knowledge and strategies for navigating vendor relationships under CPRA.
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data SecurityTrustArc
In a healthcare landscape where data flows are constant, and patient trust is paramount, it’s critical to understand and implement adequate data security and privacy practices. Start navigating the importance of privacy in healthcare for 2023 and beyond. Remembering that privacy is more than just checking a box is essential.
To better understand how to measure privacy in a healthcare setting correctly, healthcare leaders must understand how to grow and maintain privacy programs effectively and have insights into their privacy methods.
Whether you are wondering what data privacy is or already know, this webinar will help you better understand the importance of privacy in protecting you and your clients.
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...TrustArc
Artificial Intelligence (AI) has emerged as a transformative force in various industries, from healthcare to finance and beyond. While AI offers incredible opportunities, it also raises ethical, legal, and social challenges that must be addressed. To navigate this complex landscape in the world of privacy, it is crucial to conduct comprehensive Privacy Impact Assessments (PIAs).
Conducting PIAs in this dynamic and evolving world of AI has brought new challenges to the privacy world. With AI increasingly being integrated into different areas of our lives, understanding the intersection between AI and PIAs is essential for any organization to ensure they are privacy forward.
Take advantage of this opportunity to gain a comprehensive understanding of AI impact assessments and their role in shaping the future of AI. In this insightful webinar, our experts will explore the power of Privacy Impact Assessments (PIAs) in ensuring responsible AI development and deployment.
In this webinar, some key topics that will be covered include:
- Introduction to AI PIAs
- PIAs demystified (why they are essential in the context of AI)
- Explore the evolving legal and regulatory landscape governing AI and privacy, including GDPR, CCPA, and other international standards
- Best practices for conducting effective PIAs in AI projects
- Future outlooks for AI and PIAs
Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...TrustArc
Organizations rely heavily on third-party vendors and partners to enhance operational efficiency and deliver innovative solutions in today's interconnected digital landscape. However, this increased reliance on third parties also introduces a complex web of security and privacy risks that can have far-reaching consequences for organizations' data, reputation, and compliance.
Join us for an insightful and informative webinar as we delve into mitigating third-party risks. This webinar will provide essential strategies and best practices to ensure robust security and privacy measures when collaborating with external entities.
Nymity Framework: Privacy & Data Protection Update in 7 StatesTrustArc
As privacy and data protection regulations evolve rapidly, organizations opera
ting in multiple jurisdictions face mounting challenges to ensure compliance and safeguard customer data. With state-specific privacy laws coming up in Iowa, Indiana, Montana, Tennessee, Texas, Florida, and Oregon, it is essential to understand what their unique data protection regulations will require clearly.
Discover how to stay compliant and safeguard customer data as our panelists decode state-specific privacy laws, share best practices, and discuss data security risk management. Prepare your organization for the future with insights into emerging trends.
Our panelists will guide you through the intricacies of these states' specific data privacy laws, clarifying complex legal frameworks and compliance requirements.
CBPR - Navigating Cross-Border Data Privacy ComplianceTrustArc
Just over a year ago, on 21 April 2022, seven economies, including Canada, Japan, the Republic of Korea, the Philippines, Singapore, Taiwan, and the USA, announced the launch of the Global CBPR Forum. Since then, Australia and Mexico have joined the Forum, marking a significant stride towards a global approach to data privacy cooperation.
In this highly anticipated webinar, we explore the background, the future direction, and assess the potential business case for companies considering certification under the new Global CBPR System. As an Associate Member of the Forum, the UK has demonstrated a keen interest in joining this innovative system, making it the first country outside the APEC region to express such intent.
Everything You Need to Know about DPF But Are Afraid to Ask.pdfTrustArc
Hooray! The long-awaited EU-U.S. and Swiss-U.S. Data Privacy Frameworks are officially adequate! Now what?
Well, now the real work begins for companies who want to join (or re-join!) into one of the premier international privacy standards. As the White House shared, transatlantic data flows are critical to enabling the $7.1 trillion EU-U.S. economic relationship. With the EU-US Data Privacy Framework in effect, businesses will have the ability to transfer personal data from the EU to the U.S. in compliance with GDPR and EU law.
Join our panel of experts for an interactive discussion about all things DPF. Be sure to bring your questions to the session because we will be ready to answer them!
We'll answer these questions and more:
- Why is the EU-US DPF important to the international community and businesses?
- What are the benefits of DPF verification?
- How do I get started with DPF?
- How can I get verified or certified quickly?
Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...TrustArc
Back in 2020, GPC was introduced in the CCPA as a way to help keep consumer information safe by allowing users to opt-out with a single click rather than manually selecting each opt-out. However, the recent CCPA regulations create greater obligations for certain companies, specifically those that can identify known users and those that provide loyalty programs. Being unprepared for the new Global Privacy Control (GPC) obligations under the CPRA can open your company to risk.
Prepare your business for compliance with GPC and other browser signals.
Join the TrustArc privacy experts to learn:
- What is GPC & why is it important
- How does GPC impact your business and your customers under the new CCPA regulations?
- How to operationalize GPC requirements using software for your business
Privacy Enhancing Technologies: Exploring the Benefits and RecommendationsTrustArc
Privacy Enhancing Technologies (PETs) comprise a range of tools that mitigate the risks associated with the collection of data. These technologies offer various functionalities, which help uphold data governance choices, foster data collaboration, and enhance accountability.
As privacy regulations continue to evolve, organizations are increasingly turning to Privacy Enhancing Technologies (PETs) to protect personal data while enabling data-driven business decisions. In this webinar, we will explore the benefits of PETs, how they are used, and why they are critical for enhancing privacy.
Building Trust and Competitive Advantage: The Value of Privacy CertificationsTrustArc
As privacy concerns continue to grow, businesses are under increased pressure to demonstrate their commitment to protecting personal data. Privacy certifications are emerging as a way for organizations to demonstrate they are taking privacy seriously and following best practices.
Whether you are a small business or a large corporation, understanding the value of privacy certifications and how they can help you demonstrate your commitment to protecting personal data is important.
Learn the importance of how privacy certifications can unlock business value and help you stay ahead of the competition in today's privacy-conscious landscape.
The California Age Appropriate Design Code Act Navigating the New Requirement...TrustArc
The California Age-Appropriate Design Code Act (CAADCA) was signed into law by Governor Gavin Newsom in September 2022. Starting on July 1, 2024, the bill will mandate businesses providing online services or features that are "likely to be accessed by children" take certain measures, such as conducting a data protection impact assessment.
In this webinar, experts explore the intersection between CAADCA and existing children's privacy laws, and provide guidance on how companies, especially those in the gaming and child data handling app industries, can achieve compliance well in advance of the effective date.
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdfTrustArc
Discover how organizational priorities and strategic approaches to data security and privacy are developing across the globe. Gain a deeper understanding of how your organization's privacy program compares to those of your peers and learn about the emerging trends that will shape the future of privacy.
Hear insights from more than 1,500 global privacy professionals and business executives. Our 4th Annual Global Privacy Benchmarks Survey presents a comprehensive analysis of the progress made by privacy programs in the past year, the expansion of privacy teams, and the most pressing privacy challenges faced by organizations.
Artificial Intelligence Bill of Rights: Impacts on AI GovernanceTrustArc
Artificial Intelligence (AI) is increasingly being used to make decisions that impact individuals and society as a whole. As the use of AI continues to grow, there is a need to establish guidelines and regulations to ensure that it is being used responsibly and ethically.
In October 2022, the White House Office of Science and Technology Policy (OSTP) published a Blueprint for an AI Bill of Rights (“Blueprint”), which shared a nonbinding roadmap for the responsible use of artificial intelligence (AI). In this webinar, we will examine the key principles that underpin the bill, such as transparency, accountability, and fairness, and discuss how they can help ensure that the use of AI aligns with the values and rights of individuals.
How To Do Data Transfers Between EU-US in 2023TrustArc
Since March 2022, businesses in the EU and U.S. have been waiting for an adequacy decision on the revamped Privacy Shield data transfer agreement, the U.S.-EU Data Transfer Framework Executive Order. The agreement would allow Europeans’ data to flow to the U.S. once again, after a long two years since Schrems II overturned Privacy Shield.
Yet the European Data Protection Board (EDPB) and European Parliament announced that the U.S.-EU Data Transfer Framework Executive Order is insufficient and does not provide adequate safeguards in March 2023.
What does this mean for businesses that have been in cross-border data transfer limbo since Schrems II? Is it possible to do data transfers between the EU and the US?
This webinar reviews:
- Where does the EU-U.S. Data Transfer Framework stand today?
- What adequate safeguards are currently missing from the framework in the eyes of the EDPB and European Parliament?
- How SCCs can be used for cross-border data transfers
- Risk mitigation for international data transfers
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
3. 3
3
Agenda
• The key components of the India’s Data Protection Bill
• The PDPB’s implications to your business
• The similarities and differences with the other global regulations (GDPR, PIPL, LGPD)
4. 4
4
Key Components - Application
The bill applies to:
• Personal data collected, stored, disclosed, shared or
otherwise processed within India;
• Processing of personal data by any person under Indian law;
• Foreign data fiduciaries or data processors, if such
processing is in connection with:
○ any business carried on in India;
○ any systematic activity of offering goods or services to
data principals within India; or
○ any activity which involves profiling of data principals
within India.
• Processing of non-personal data including anonymised personal data.
5. 5
5
Key Components - Definitions
Personal Data means data about or relating to a natural person who is directly or indirectly
identifiable, having regard to any characteristic, trait, attribute or any other feature of the
identity of such natural person, whether online or offline, or any combination of such
features with any other information, and shall include any inference drawn from such data
for the purpose of profiling;
Entities deciding the purposes and means of processing: Data Fiduciaries
Natural persons whose personal data is being processed: Data Principals
Sensitive Personal Data includes GDPR categories (except trade union membership) and
adds official identifiers, financial data, transgender and intersex status, caste or tribe.
6. 6
6
Key Components - Obligations for All
• Fair and reasonable processing
• Purpose specification
• Data minimization
• Limited retention
• Transparency (notice in multiple languages,
• fairness of algorithms, data trust scores)
• Data quality (heightened accuracy for
decision-making and disclosures)
• Accountability
Data Privacy Principles
7. 7
7
Key Components - Obligations for All
• Consent:
○ Free, informed, specific, clear, and capable of being withdrawn.
○ Explicitly obtained for sensitive data (cannot infer consent by conduct or context).
• If necessary under any law;
• For compliance with any judgment or order of any court, quasi-judicial authority or
Tribunal in India;
• For employment:
○ recruitment or termination, provision of benefits;
○ verify attendance, and performance assessment.
• Processing is necessary for “reasonable purposes” set out in Regs:
○ Examples: fraud detection, whistleblowing, mergers & acquisitions, credit scoring, network
and information security, debt collection, publicly available data, and search engines.
Legal Grounds for Processing (a selection…)
8. 8
8
Key Components - Obligations for All
• Children & Minors:
○ Age verification - parental consent required for <18;
○ No profiling, tracking, behavioural monitoring or targeted advertising to children;
○ No processing of personal data that can cause “significant harm” to the child.
○ Explicitly obtained for sensitive data (cannot infer consent by conduct or context).
• Privacy by Design:
○ Policy required; can get certified.
• Security Safeguards
• Breach Notification:
○ Notify the DPA within 72 hours, DPA decides whether to notify data principals.
○ DPA shall take other necessary steps in case of breach of non-personal data.
9. 9
9
Key Components - Obligations for All
• Data processors:
○ Contract necessary.
○ Data processors cannot involve a subprocessor w/o data fiduciary authorisation.
○ Only process personal data in accordance with instructions and treat as confidential.
• Grievance redressal mechanism:
○ DPO or other designated individual must resolve complaints within 30 days.
• Data Localization:
○ Must keep a copy of sensitive personal data in India (even if transferring abroad).
○ Critical personal data shall only be processed in India (to be defined).
• Cross Border Transfers:
○ Sensitive personal data transferred only with explicit consent and approved contract or
intra-group scheme, adequacy determination, otherwise allowed for a specific purpose.
10. 10
10
Key Components - Data Principals’ Rights
• Confirmation & Access:
○ In a manner that is easily comprehensible to a
reasonable individual in a similar context;
○ Identify the identities of data fiduciaries with whom
personal data has been shared.
• Correction & Rectification
• Data Portability (unless not technically feasible)
• Right to be Forgotten & Restriction (only on order
of an Adjudicating Officer)
11. 11
11
Key Components - Obligations for Some… Significant Fiduciaries
• Register with the DPA.
• Appoint a DPO.
• DPIAs (DPOs to review and submit to DPA):
○ New tech, Large scale processing, Sensitive personal data;
○ Any processing that carries a risk of significant harm to
data principals.
• Maintain Records:
○ Important operations in the data life cycle;
○ Periodic reviews of security safeguards;
○ DPIAs.
• Annual Independent Audits.
12. 12
12
Key Components - Others
• Social Media Platforms:
○ To be treated as significant data fiduciaries if they
have a certain number of users and their actions have
or are likely to have a significant impact on the
sovereignty and integrity of India, electoral
democracy, security of the State or public order.
○ Enable persons who register for their services to
voluntarily verify their account.
• Government Agencies & Data Processors:
○ May be exempted from the Act.
13. 13
13
Key Components - Penalties & Fines
• DPA can:
○ Order suspension or discontinuation of processing activities;
○ Vary, suspend or cancel any granted registrations.
• Penalties to be set out in regulations, but where not
specified, subject to a maximum of ~$135,000 USD
in case of significant data fiduciaries and ~$33,500 in
other cases.
• Representative actions may be filed with the DPA on
behalf of a group of data principals.
15. 15
15
Comparison against other Global Laws
Definition of
Personal Information
CCPA / CPRA GDPR PIPL PDPB
information that identifies,
relates to, describes, is
capable of being
associated with, or could
reasonably be linked,
directly or indirectly, with a
particular consumer or
household (followed by
specifics)
information relating to an
identified or identifiable
natural person (ʻdata
subjectʼ); an identifiable
natural person is one who
can be identified, directly
or indirectly, in particular
by reference to an identifier
such as a name, an
identification number,
location data, an online
identifier or to one or more
factors specific to the
physical, physiological,
genetic, mental, economic,
cultural or social identity of
that natural person;
all kinds of information,
recorded by electronic or
other means, related to
identified or identifiable
natural persons, not
including information after
anonymization handling
Personal data is data
about or relating to a
natural person who is
directly or indirectly
identifiable, having regard
to any characteristic, trait,
attribute or any other
feature of the identity of
such natural person,
whether online or
offline, or any
combination of such
features with any
other information, and
shall include any
inference drawn
from such data for the
purpose of profiling
16. 16
16
Sensitive Data CCPA / CPRA GDPR PIPL PDPB
Racial or ethnic origin X X i X (adds caste & tribe)
Religious & Philosophical Belief X X i X
Political opinions X i X
Union membership X X
Mental or physical health X X X X
Sexual orientation or sex life X X i X (adds intersex &
transgender status)
Citizenship or immigration i
Genetic or biometric data X X X X
Precise geolocation X X
Govt-issued ID numbers X i X
Account access credentials X i X (financial accounts)
Financial Accounts /
Information
X X
17. 17
17
CCPA / CPRA GDPR PIPL PDPB
Sensitive Data Consent No / CPRA - may limit Yes, explicit consent Yes, separate consent Yes, Explicit Consent
Minors, Age <13, 13-15 <16 (member states cannot
go <13)
<14 <18
Applies B2B No (CCPA moratorium) Yes Yes Yes
Applies to Employees No (CCPA moratorium) Yes Yes Yes
Sale / Sharing Data Expansive Expansive Expansive Expansive
Opt-outs Sell / CPRA Share Right to object Sensitive data, transfers,
ads
Right to Withdraw Consent
Vendor Contract
Requirements
Yes Yes Yes Yes
Security Audits No / CPRA Yes No No Yes
DPIA / PIAs Yes (CPRA) Yes Yes Yes
(significant data fiduciaries)
18. 18
18
Legal Basis for
Processing
CCPA / CPRA GDPR PIPL PDPB
Consent Opt-in for minors
If financial incentives
X X X
Contract (as party) X X
Legal obligation X X X
HR purposes X X
Vital interests X X (incl. property)
Public interest X X X
Legitimate interests X X (reasonable purposes)
Lawfully disclosed X X (within rules) X
Other under law X (member states) X X
19. 19
19
Individual Rights CCPA / CPRA GDPR PIPL PDPB
Know
(transparency, notice,
confirm)
X X X X
Access X X X X
Rectification X X X X
Erasure X X X X (only on order by
Adjudicating Officer)
Restriction X X (if cannot delete) X (only on order by
Adjudicating Officer)
Portability O X X X
Objection X (minors, sell / share) X X
Automated Decision-Making X X X
Non-discrimination X X X
20. 20
20
Thank You!
See http://www.trustarc.com/insightseries for the
2021 Privacy Insight Series and past webinar recordings.
If you would like to learn more about how TrustArc can support you with
compliance, please reach out to sales@trustarc.com for a free demo.