This document introduces Aurelie Pols, a data governance and privacy engineer. It provides details about her work experience, including currently serving as the DPO for mParticle and founding her own firm, Aurelie Pols & Associates. The document discusses her views that data has become the new infrastructure, privacy the new environmental issue, and trust the new currency. It outlines her perspective that balancing solving problems, sharing knowledge, and building the future are the three pillars of a balanced career.
The GDPR is here. So do you know what the courts are saying?Aurélie Pols
While the ink is dry on the final text of the GDPR since May 2016, the same can not be said for the courts. They are busier than ever with respect to data protection litigation! (there hasn't been a lot before to be honest as the legal instruments weren't as adequate)
One could say former legal student Max Schrems partially paved the way by getting the European Court of Justice (ECJ) to declare SafeHarbour invalid and today again with his not-for-profit NOYB.eu. (that's for Non of Your Business)
While we might discuss Cambridge Analitica in light of a potential class action against Facebook in Belgium, this presentation will mainly walk the audience through those case laws (Digital Rights Ireland, Google Spain, Schrems, Wirtschatfstsakademie) that are shaping the interpretation of the previous Data Protection Directive and the GDPR. Hopefully this would allow us to better understands where those clear red lines are being drawn in the sand, for now.
So, Right to be Forgotten: is it still comparable to "book burning in the Nazi period" or can we move beyond to find better ways to balance technological opportunities with societal needs, for the benefit of all?
Interoperability in Digital will take a Global VillageAurélie Pols
It's a never ending game of whack-a-mole, where Peter Swire already talked about technological escalation wars back in 2012 when chairing the W3C DNT efforts.
It used to be "it's not PII hence privacy legislation doesn't apply". The scope of action with respect to data privacy legislation has broadened, on both sides of the Atlantic.
Yet similar dodging techniques are now also being applied to actual existing and enforced legislation. Under the CCPA, the California Consumer Privacy Act, it's about not going beyond 25 million $ a year in revenue, avoiding employee data and this US based legislation not being applicable to governmental institutions (hail to surveillance capitalism fed by public authorities!).
We've long talked about ePrivacy being unclear while the legislator does move towards applying the GDPR also to digital data.
Those are the legislative loopholes but then also come the technical techniques Simo is going to talk about as we both come to the same conclusion: players are influencing the data, possibly seeing a way to compete not on analytics but on privacy?
As companies, even US based ones such as Apple and Microsoft, recognise privacy to be a fundamental right, let's explore which risks companies are facing and what some of the emerging best practices could look like.
CPDP: Data ownership, Innovation and Privacy: looking for an approach on both...Aurélie Pols
In a democratic society, it is always essential to search for the mechanisms contributing to a greater protection of citizens’ fundamental rights. For years we have been witnessing a debate, on both sides of the Atlantic, about the relevance of the formulation of a right of ownership of personal data.
It is interesting to analyse how the creation of this new right has different implications in different legal systems. In this panel we will consider the following questions:
- Can the right of ownership of personal data contribute to reinforcing the right to data protection and the right to privacy?
- What would be the impact of the formulation of a right of ownership of personal data in the field of data-driven innovation?
- Can this right contribute to the development of technological innovations based on data?
- Can the vision based on a property right in our personal data fit in a context of the defence of a fundamental right in our democratic societies?
- Can personal data be an asset that may be subject to commercial and / or economic operations?
- Is the legal view about data ownership shared on both sides of the Atlantic?
Video of the entire panel here: https://www.youtube.com/watch?v=YA8kMGM_kWU
Who Goes There? Demystifying Digital Identity for All (1/2)Aurélie Pols
Who goes there? It’s a question as old as time that is asked at the beginning of most transactions. In order for people and organizations to do business they must first ask – Who are you? How can I trust you?
Digital identity is becoming the most important challenge to solve at the intersection of people, process, and technology. Ask people about digital identity and they might think of a password and user ID to access services. But it’s much more. Digital identity is the digital representation of you – the Facebook you, Twitter you, and Google you.
Why is digital identity challenging? Perhaps because digital identity must intertwine with existing and evolving governance and cultural norms. Notions of privacy and sharing can vary greatly from person to person and from culture to culture.
This workshop explores what it means to be you in the digital world. We’ll uncover the forces and influences that impact the digital you – for better or for worse. Attendees will gain introductory insights about how digital identities and digital relationships connect and interact within a society. Join us to learn how Canada will advance digital identity for the socio-economic good of all.
https://fwd50.com/session/demystifying-digital-identity-for-all-1-2/
From GDPR to ePrivacy: what does it mean to the advertising sector?Aurélie Pols
The GDPR which comes into force in May 2018 includes 6 ways to assure lawfulness of processing, of which consent
and legitimate interests. The ePrivacy Regulation, a lex specialis of the GDPR, remains in draft mode, waiting for trialogue.
This presentation will explain what a risk based approach means for the advertising sector, taking the angle of media and
communication agencies, vendors of tools as well as their end clients, the advertisers.
State of EU legislation: GDPR & ePrivacy for SuperweekAurélie Pols
Building on 3 years worth of presentations on Privacy in the digital data ecosystem for Superweek, tackling transparency and sensitive data, this one addresses data subject rights while grounding the European project into the Charter of Fundamental Rights of the European Union. It includes a word of caution with respect to legitimate interests: not an easy choice to uphold!
The GDPR is here. So do you know what the courts are saying?Aurélie Pols
While the ink is dry on the final text of the GDPR since May 2016, the same can not be said for the courts. They are busier than ever with respect to data protection litigation! (there hasn't been a lot before to be honest as the legal instruments weren't as adequate)
One could say former legal student Max Schrems partially paved the way by getting the European Court of Justice (ECJ) to declare SafeHarbour invalid and today again with his not-for-profit NOYB.eu. (that's for Non of Your Business)
While we might discuss Cambridge Analitica in light of a potential class action against Facebook in Belgium, this presentation will mainly walk the audience through those case laws (Digital Rights Ireland, Google Spain, Schrems, Wirtschatfstsakademie) that are shaping the interpretation of the previous Data Protection Directive and the GDPR. Hopefully this would allow us to better understands where those clear red lines are being drawn in the sand, for now.
So, Right to be Forgotten: is it still comparable to "book burning in the Nazi period" or can we move beyond to find better ways to balance technological opportunities with societal needs, for the benefit of all?
Interoperability in Digital will take a Global VillageAurélie Pols
It's a never ending game of whack-a-mole, where Peter Swire already talked about technological escalation wars back in 2012 when chairing the W3C DNT efforts.
It used to be "it's not PII hence privacy legislation doesn't apply". The scope of action with respect to data privacy legislation has broadened, on both sides of the Atlantic.
Yet similar dodging techniques are now also being applied to actual existing and enforced legislation. Under the CCPA, the California Consumer Privacy Act, it's about not going beyond 25 million $ a year in revenue, avoiding employee data and this US based legislation not being applicable to governmental institutions (hail to surveillance capitalism fed by public authorities!).
We've long talked about ePrivacy being unclear while the legislator does move towards applying the GDPR also to digital data.
Those are the legislative loopholes but then also come the technical techniques Simo is going to talk about as we both come to the same conclusion: players are influencing the data, possibly seeing a way to compete not on analytics but on privacy?
As companies, even US based ones such as Apple and Microsoft, recognise privacy to be a fundamental right, let's explore which risks companies are facing and what some of the emerging best practices could look like.
CPDP: Data ownership, Innovation and Privacy: looking for an approach on both...Aurélie Pols
In a democratic society, it is always essential to search for the mechanisms contributing to a greater protection of citizens’ fundamental rights. For years we have been witnessing a debate, on both sides of the Atlantic, about the relevance of the formulation of a right of ownership of personal data.
It is interesting to analyse how the creation of this new right has different implications in different legal systems. In this panel we will consider the following questions:
- Can the right of ownership of personal data contribute to reinforcing the right to data protection and the right to privacy?
- What would be the impact of the formulation of a right of ownership of personal data in the field of data-driven innovation?
- Can this right contribute to the development of technological innovations based on data?
- Can the vision based on a property right in our personal data fit in a context of the defence of a fundamental right in our democratic societies?
- Can personal data be an asset that may be subject to commercial and / or economic operations?
- Is the legal view about data ownership shared on both sides of the Atlantic?
Video of the entire panel here: https://www.youtube.com/watch?v=YA8kMGM_kWU
Who Goes There? Demystifying Digital Identity for All (1/2)Aurélie Pols
Who goes there? It’s a question as old as time that is asked at the beginning of most transactions. In order for people and organizations to do business they must first ask – Who are you? How can I trust you?
Digital identity is becoming the most important challenge to solve at the intersection of people, process, and technology. Ask people about digital identity and they might think of a password and user ID to access services. But it’s much more. Digital identity is the digital representation of you – the Facebook you, Twitter you, and Google you.
Why is digital identity challenging? Perhaps because digital identity must intertwine with existing and evolving governance and cultural norms. Notions of privacy and sharing can vary greatly from person to person and from culture to culture.
This workshop explores what it means to be you in the digital world. We’ll uncover the forces and influences that impact the digital you – for better or for worse. Attendees will gain introductory insights about how digital identities and digital relationships connect and interact within a society. Join us to learn how Canada will advance digital identity for the socio-economic good of all.
https://fwd50.com/session/demystifying-digital-identity-for-all-1-2/
From GDPR to ePrivacy: what does it mean to the advertising sector?Aurélie Pols
The GDPR which comes into force in May 2018 includes 6 ways to assure lawfulness of processing, of which consent
and legitimate interests. The ePrivacy Regulation, a lex specialis of the GDPR, remains in draft mode, waiting for trialogue.
This presentation will explain what a risk based approach means for the advertising sector, taking the angle of media and
communication agencies, vendors of tools as well as their end clients, the advertisers.
State of EU legislation: GDPR & ePrivacy for SuperweekAurélie Pols
Building on 3 years worth of presentations on Privacy in the digital data ecosystem for Superweek, tackling transparency and sensitive data, this one addresses data subject rights while grounding the European project into the Charter of Fundamental Rights of the European Union. It includes a word of caution with respect to legitimate interests: not an easy choice to uphold!
(video summary at: https://conversionhotel.com/session/keynote-2019-future-of-data-governance-gdpr/)
This is an amazing woman with so much knowledge on analytics data and privacy in particular. I bumped into Aurélie Pols around 14 years ago when she was already publishing analytics content on the analytics blog of her former company (which might even be the first webanalytics agency being sold to a large firm). The blog was an inspiration for me to move away from writing about analytics for big broad marketing blogs and to start webanalisten.nl back in 2008 – a Dutch written niche blog on analytics and optimization. By then Aurélie already had 10 years of statistics and analytics experience… She moved on and did her work with Web Analytics Demystified and the Digital Analytics Association before she moved into the field of analytics & privacy. Yes, she focused on data and privacy already in 2012!
So when I saw privacy and issues with data quality among the top 10 topics the #CH2019 attendees want to learn form I immediately thought of Aurélie. She accepted the challenge to keynote at Texel, also because she was born nearby in Alkmaar. Great Aurélie is coming over – she will enlighten us on all the questions we have on data and privacy.
Cheers,
Ton Wesseling
Founder & host of The Conference formerly known as Conversion Hotel
AI Roles and Risk for election year 2024Aurélie Pols
Are we replacing one tyranny for another? reflexion on 10 years at Superweek, which challenges lie ahead for the digital analytics community this election year as the ink is slowly but surely drying on the AI Act.
Creative destruction & Privacy Whitewashing: where does risk lie? Aurélie Pols
Almost 5 years into GDPR enforcement, the courts and the supervisory authorities have peddled through quite some decisions and more are expected while this description is being written.
More importantly, privacy legislations globally continue to evolve, some at state levels while entire continents are taking a stance, enclosing positions on Competition, obligations for Platforms, also called Gatekeepers, and uses of ADM, ML or even AI. This presentation will highlight where risks lie for your company and what compliance should start to look like moving forward.
Technical Consequences of the Data Subject's RightsAurélie Pols
In her keynote speech Aurélie will focus on data subject's rights and the technical consequences of these obligations.
As the General Data Protection Regulation (GDPR) has come into force on May 25th 2018, data subject’s rights are being re-introduced and reinforced, building the ground work for a more balanced approaches towards data uses within our increasingly digitised societies.
Aurélie dives into the practical perspective of how to manage these new GDPR data subject rights, what it means for your processes and IT systems and when or to what type of data they apply.
Storm on the Horizon: Data Governance & Security vs. Employee PrivacyAurélie Pols
Defining the SAM Pro’s Role in Data Privacy
As software and IT asset managers gather increasing amounts of data about employee use of company systems, concerns arise over employee privacy. How can the need to monitor access to software and systems be balanced with local legislation designed to protect employees' privacy rights in the work place?
This is the concern attendees at the 2014 SAM Summit London will discuss in a keynote session with European privacy and digital analytics specialist Aurélie Pols, co-founder and chief visionary officer at Mind Your Privacy.
"As more employers let workers bring their own devices to the office or access company data in the cloud from home, software asset managers are faced with a new task," says Pols. "They have to ensure that the measurements and controls put in place to secure data and license compliance, are not violating employee privacy."
An employee's right to privacy is defined in local law, posing a challenge for companies that operate throughout Europe. Spain has one of the strictest data protection laws in Europe, notes Pols, who is based in Madrid. "When it comes to fines issued by data protection authorities in Europe, Spain accounts for 80 percent of them," she says. This has turned Spain into a country where corporate lawyers, and IT managers, make sure they have the right processes in place to avoid the legal risks surrounding improper data collection and use.
The Spanish model has become the ideal to apply to client environments throughout Europe, notes Pols. " We try to find the best and most homogenous set of data governance practices that will work worldwide to ensure minimal risk—and maximum compliance."
Best practices of data use
The first data governance challenge for software and IT asset management professionals is to define what kind of data they are collecting from their workforce and how it will be used.
"Of course the software asset manager wants to track employee usage to ensure that data is not leaked or improperly accessed, but a subset of this activity is that suddenly you have data about what employees are doing," notes Pols. "This can run afoul of privacy laws unless there's close collaboration with the HR department."
Companies are now faced with the question: Do we want to use this data on employee activity, and if so, for what purpose? Do we want to use it within certain teams to assess whether certain employees are productive? Do we want to use this to assure that they are using the right processes?
"Before you measure, you need to know what and why you’re measuring," says Pols. "Although the software asset manager isn’t going to be looking at this employee data, they do need to ensure that any data collected is done in accordance with local laws."
Data Privacy & Protection Conference - Unlocking the Value of Digital Ethics
Boussias communication presentation, Athens June 23rd 2016 http://dataprivacy.boussiasconferences.gr/default.asp?pid=12&la=1&SpeakerId=1
eMetrics Summit Boston 2014 - Big Data Marketing - From Über Creepy to Over ...Aurélie Pols
The Privacy discussions started with Do Not Track (DNT) some years ago, before we all went through the nightmarish EU Cookie Directive and some kind of consent mechanism. From Cookie cliff, losing over 90% of tracking, to implicit consent; from asking for forgiveness instead of permission, the analytics community is slowly but surely getting used to Privacy, Security and Compliance discussions.
But what does this really imply?
Your role as a company collecting, processing and retargeting data is one thing.
The tools you use, their Terms and Conditions and the surrounding processes yet another.
Follow this session if you make sure that within this chain of data responsibility you are not the weak link.
eMetrics Summit Boston 2014 - Big Data for Marketing - Privacy Principles & P...Aurélie Pols
Advertisers are collecting as much data as possible in order to sell finely targeted audiences to corporations. Privacy advocates are trying to wake up the populace to the continuous loss of civil liberties. Marketers are just trying to use the best tools to sell more stuff without alienating the public. Aurélie offers up a global view privacy rules and regulations to highlight how the upcoming European Union Personal Data Protection Regulation will influence digital analytics around the world. Then David identifies key data collection and usage issues and discusses ways to obtain the data we need while maintaining the trust and confidence of those we need to reach.
A Framework of Purpose and Consent for Data Security and Consumer PrivacyAurélie Pols
Introducing a basic Privacy framework of purpose and consent, this presentation continues with exploring data minimization opportunities and related internal procedures to assure this framework is respected and aligned with global regulation.
Arguing that in light of increased data collection, the very notion of PII or personal information is more than a blurry concept and that de-identification of data is not as easy as it is suggested to be, the conversation should evolve towards the particular context within which data is being used.
The question to ask then becomes “what risk does an individual face if her data is used in a particular way?”
Borrowing from Spanish information security best practices and in the light of increasing data breach regulations, the presentation examines how data flows should ideally be defined and secured in order to assure accountability through an entire data lifecycle.
Such a lifecycles must also include evolving legislative minimal and maximum data retention periods after which action needs to be taken, either through anonymization of collected and used data or through its thorough deletion.
Last but not least, data transits through multiple systems, hosted within multiple environments, ranging from internal and national to international cloud based solutions. Each actor of this data chain has a role to play and responsibility to abide by in order to assure compliance and mitigate risk.
Preparing for the AI Act - 5 years into GDPR enforcementAurélie Pols
Starting off from a recent fine from the Berlin Beauftragte für Datenschutz und Informationsfreiheit (BlnBDI) around obligations for automated decision making (art. 22 of the GDPR), this presentation will walk the audience through how teams collaborate around compliance obligations. Risk with respect to processing of personal data continues to increase since the ink dried on the GDPR in 2016. Enforcement as of 2018 has signaled a need for companies to act responsibly with their data processing operations. While data governance is surely not the sexist job of the XXI st century and data self-service is on everybody’s mind, the increased complexity of integrated data systems requires collaboration. You possibly know who your companies’ data protection officer is. Or not. Let’s talk about who could be responsible for what, how privacy-by-design consensus can be reached and where technology plays a role in preparing for an accountable, increasingly automated and risk mitigated, future.
"Towards Value-Centric Big Data" e-SIDES Workshop - Slide-decke-SIDES.eu
This is the slide-deck of the workshop held at the BDV Meet-UP on June 27, 2019 in Riga, titled "Towards Value-Centric Big Data". It includes the presentations given by the speakers.
Privacy Regulations and Your Digital SetupPiwik PRO
How Will the New Privacy Regulations Affect Your Digital Set-up? In less than 2 years from now, Europe’s new data privacy law will come into effect, changing the way organizations handle information of their users. General Data Protection Regulation will heavily impact usage of digital tools for customer insights and analytics.
This presentation was created by the Piwik PRO Team for a webinar session with Aurelie Pols. Webinar recording is available on: https://youtu.be/dPOvbbZ3vdo
Smarter comm"The Future of Privacy". Aurélie Pols at IBM Smarter Commerce Glo...FLUZO
In a data driven economy, analysts must be concerned with how data is collected, processed and subsequently used to improve online customer experiences, during those moments that matter.
Unlocking Value & Controlling Risk by #MindYourPrivacy
ePrivacy Directive, a 10 steps framework to be as compliant as possible for m...Aurélie Pols
10th European Data Protection SUMMIT Applied To Health Data
December 2022
Track #3 Cookies are not so appetising anymore
ePrivacy Directive to be as compliant as possible
(video summary at: https://conversionhotel.com/session/keynote-2019-future-of-data-governance-gdpr/)
This is an amazing woman with so much knowledge on analytics data and privacy in particular. I bumped into Aurélie Pols around 14 years ago when she was already publishing analytics content on the analytics blog of her former company (which might even be the first webanalytics agency being sold to a large firm). The blog was an inspiration for me to move away from writing about analytics for big broad marketing blogs and to start webanalisten.nl back in 2008 – a Dutch written niche blog on analytics and optimization. By then Aurélie already had 10 years of statistics and analytics experience… She moved on and did her work with Web Analytics Demystified and the Digital Analytics Association before she moved into the field of analytics & privacy. Yes, she focused on data and privacy already in 2012!
So when I saw privacy and issues with data quality among the top 10 topics the #CH2019 attendees want to learn form I immediately thought of Aurélie. She accepted the challenge to keynote at Texel, also because she was born nearby in Alkmaar. Great Aurélie is coming over – she will enlighten us on all the questions we have on data and privacy.
Cheers,
Ton Wesseling
Founder & host of The Conference formerly known as Conversion Hotel
AI Roles and Risk for election year 2024Aurélie Pols
Are we replacing one tyranny for another? reflexion on 10 years at Superweek, which challenges lie ahead for the digital analytics community this election year as the ink is slowly but surely drying on the AI Act.
Creative destruction & Privacy Whitewashing: where does risk lie? Aurélie Pols
Almost 5 years into GDPR enforcement, the courts and the supervisory authorities have peddled through quite some decisions and more are expected while this description is being written.
More importantly, privacy legislations globally continue to evolve, some at state levels while entire continents are taking a stance, enclosing positions on Competition, obligations for Platforms, also called Gatekeepers, and uses of ADM, ML or even AI. This presentation will highlight where risks lie for your company and what compliance should start to look like moving forward.
Technical Consequences of the Data Subject's RightsAurélie Pols
In her keynote speech Aurélie will focus on data subject's rights and the technical consequences of these obligations.
As the General Data Protection Regulation (GDPR) has come into force on May 25th 2018, data subject’s rights are being re-introduced and reinforced, building the ground work for a more balanced approaches towards data uses within our increasingly digitised societies.
Aurélie dives into the practical perspective of how to manage these new GDPR data subject rights, what it means for your processes and IT systems and when or to what type of data they apply.
Storm on the Horizon: Data Governance & Security vs. Employee PrivacyAurélie Pols
Defining the SAM Pro’s Role in Data Privacy
As software and IT asset managers gather increasing amounts of data about employee use of company systems, concerns arise over employee privacy. How can the need to monitor access to software and systems be balanced with local legislation designed to protect employees' privacy rights in the work place?
This is the concern attendees at the 2014 SAM Summit London will discuss in a keynote session with European privacy and digital analytics specialist Aurélie Pols, co-founder and chief visionary officer at Mind Your Privacy.
"As more employers let workers bring their own devices to the office or access company data in the cloud from home, software asset managers are faced with a new task," says Pols. "They have to ensure that the measurements and controls put in place to secure data and license compliance, are not violating employee privacy."
An employee's right to privacy is defined in local law, posing a challenge for companies that operate throughout Europe. Spain has one of the strictest data protection laws in Europe, notes Pols, who is based in Madrid. "When it comes to fines issued by data protection authorities in Europe, Spain accounts for 80 percent of them," she says. This has turned Spain into a country where corporate lawyers, and IT managers, make sure they have the right processes in place to avoid the legal risks surrounding improper data collection and use.
The Spanish model has become the ideal to apply to client environments throughout Europe, notes Pols. " We try to find the best and most homogenous set of data governance practices that will work worldwide to ensure minimal risk—and maximum compliance."
Best practices of data use
The first data governance challenge for software and IT asset management professionals is to define what kind of data they are collecting from their workforce and how it will be used.
"Of course the software asset manager wants to track employee usage to ensure that data is not leaked or improperly accessed, but a subset of this activity is that suddenly you have data about what employees are doing," notes Pols. "This can run afoul of privacy laws unless there's close collaboration with the HR department."
Companies are now faced with the question: Do we want to use this data on employee activity, and if so, for what purpose? Do we want to use it within certain teams to assess whether certain employees are productive? Do we want to use this to assure that they are using the right processes?
"Before you measure, you need to know what and why you’re measuring," says Pols. "Although the software asset manager isn’t going to be looking at this employee data, they do need to ensure that any data collected is done in accordance with local laws."
Data Privacy & Protection Conference - Unlocking the Value of Digital Ethics
Boussias communication presentation, Athens June 23rd 2016 http://dataprivacy.boussiasconferences.gr/default.asp?pid=12&la=1&SpeakerId=1
eMetrics Summit Boston 2014 - Big Data Marketing - From Über Creepy to Over ...Aurélie Pols
The Privacy discussions started with Do Not Track (DNT) some years ago, before we all went through the nightmarish EU Cookie Directive and some kind of consent mechanism. From Cookie cliff, losing over 90% of tracking, to implicit consent; from asking for forgiveness instead of permission, the analytics community is slowly but surely getting used to Privacy, Security and Compliance discussions.
But what does this really imply?
Your role as a company collecting, processing and retargeting data is one thing.
The tools you use, their Terms and Conditions and the surrounding processes yet another.
Follow this session if you make sure that within this chain of data responsibility you are not the weak link.
eMetrics Summit Boston 2014 - Big Data for Marketing - Privacy Principles & P...Aurélie Pols
Advertisers are collecting as much data as possible in order to sell finely targeted audiences to corporations. Privacy advocates are trying to wake up the populace to the continuous loss of civil liberties. Marketers are just trying to use the best tools to sell more stuff without alienating the public. Aurélie offers up a global view privacy rules and regulations to highlight how the upcoming European Union Personal Data Protection Regulation will influence digital analytics around the world. Then David identifies key data collection and usage issues and discusses ways to obtain the data we need while maintaining the trust and confidence of those we need to reach.
A Framework of Purpose and Consent for Data Security and Consumer PrivacyAurélie Pols
Introducing a basic Privacy framework of purpose and consent, this presentation continues with exploring data minimization opportunities and related internal procedures to assure this framework is respected and aligned with global regulation.
Arguing that in light of increased data collection, the very notion of PII or personal information is more than a blurry concept and that de-identification of data is not as easy as it is suggested to be, the conversation should evolve towards the particular context within which data is being used.
The question to ask then becomes “what risk does an individual face if her data is used in a particular way?”
Borrowing from Spanish information security best practices and in the light of increasing data breach regulations, the presentation examines how data flows should ideally be defined and secured in order to assure accountability through an entire data lifecycle.
Such a lifecycles must also include evolving legislative minimal and maximum data retention periods after which action needs to be taken, either through anonymization of collected and used data or through its thorough deletion.
Last but not least, data transits through multiple systems, hosted within multiple environments, ranging from internal and national to international cloud based solutions. Each actor of this data chain has a role to play and responsibility to abide by in order to assure compliance and mitigate risk.
Preparing for the AI Act - 5 years into GDPR enforcementAurélie Pols
Starting off from a recent fine from the Berlin Beauftragte für Datenschutz und Informationsfreiheit (BlnBDI) around obligations for automated decision making (art. 22 of the GDPR), this presentation will walk the audience through how teams collaborate around compliance obligations. Risk with respect to processing of personal data continues to increase since the ink dried on the GDPR in 2016. Enforcement as of 2018 has signaled a need for companies to act responsibly with their data processing operations. While data governance is surely not the sexist job of the XXI st century and data self-service is on everybody’s mind, the increased complexity of integrated data systems requires collaboration. You possibly know who your companies’ data protection officer is. Or not. Let’s talk about who could be responsible for what, how privacy-by-design consensus can be reached and where technology plays a role in preparing for an accountable, increasingly automated and risk mitigated, future.
"Towards Value-Centric Big Data" e-SIDES Workshop - Slide-decke-SIDES.eu
This is the slide-deck of the workshop held at the BDV Meet-UP on June 27, 2019 in Riga, titled "Towards Value-Centric Big Data". It includes the presentations given by the speakers.
Privacy Regulations and Your Digital SetupPiwik PRO
How Will the New Privacy Regulations Affect Your Digital Set-up? In less than 2 years from now, Europe’s new data privacy law will come into effect, changing the way organizations handle information of their users. General Data Protection Regulation will heavily impact usage of digital tools for customer insights and analytics.
This presentation was created by the Piwik PRO Team for a webinar session with Aurelie Pols. Webinar recording is available on: https://youtu.be/dPOvbbZ3vdo
Smarter comm"The Future of Privacy". Aurélie Pols at IBM Smarter Commerce Glo...FLUZO
In a data driven economy, analysts must be concerned with how data is collected, processed and subsequently used to improve online customer experiences, during those moments that matter.
Unlocking Value & Controlling Risk by #MindYourPrivacy
ePrivacy Directive, a 10 steps framework to be as compliant as possible for m...Aurélie Pols
10th European Data Protection SUMMIT Applied To Health Data
December 2022
Track #3 Cookies are not so appetising anymore
ePrivacy Directive to be as compliant as possible
GDPR and the aftermath: what are we building towards?Aurélie Pols
“Human dignity is inviolable. It must be respected and protected.” is stated within article 1 of the Charter of Fundamental Rights of the EU. This document is the result of historical evolutions in the rule of law with respect to human rights, originating in 1948 with the Declaration of Human Rights and the creation of the United Nations.
Today we face global challenges, where sovereignties and personal identities are challenged, amongst others, through digitalization. The foundational values that touch upon our own dignity, as well as those of the tribes we belong to, need to be redefined in order to assure we build the societies we can proudly pass onto our children.
2018 is undoubtedly the year of Ethics. Which values should digital ethics reflect, beyond article 1 of the Charter of Fundamental Rights of the EU to assure we all move forward in the same direction?
How digitization challenges our values as citizens Aurélie Pols
Aurélie will be talking about how our cherished European values that we strive to pass onto our children are being challenged through increased access to information and digitisation.
She will examine out responsibility as data subjects, citizens and parents to assure technology works for the benefit of human beings in the long run. We know that the processing of personal data should be designed to serve mankind - but what could that mean for us today and for the next generation to come?
The Great GDPR MyData Debate - Aurelie Pols - KeynoteAurélie Pols
The GDPR empowers citizens with several fundamentally new rights. This session will summarise some of those new rights with an exciting keynote and three supporting presentations. In particular we will discuss the various implementation opportunities, technical and legal challenges and form a view on how these new rights should manifest for a mydata economy. We will then enter an audience participatory debate led by the speaker panel and your GDPR Mydata hosts, finalised with 4 key questions the debate has surfaced and poll the audience views on the most likely market solutions.
https://mydata2017.org/session/gdpr-debate/
The Data Subject First? Decoding the GDPR at StrataDataAurélie Pols
Aurélie Pols draws a broad philosophical picture of the data ecosystem and then hones in on the right to data portability.
Strata keynote London may 2017, https://www.oreilly.com/ideas/the-data-subject-first
Brussels data science - Privacy Engineering for Big Data & Data ScienceAurélie Pols
This presentation walks through the challenges and opportunities for data scientists and big data professionals, with a focus on Privacy, describing which future roles will be needed in order to successfully bridge the written word of the law with coded data trails. Data Science will inevitably need to jump through intricate compliance hoops that could also sound the drum of a new ethical data dawn, in light of globalisation. Or... it might not.
Coexisting safely and ethically with intelligent machines is one of the central challenges of the 21st Century. It demonstrates and strengthen the need to establish ethical standards for Artificial Intelligence to help us preserve the values we cherish the most.
https://www.sibos.com/conference/conference-programme/digital-ethics
Superweek 2016 Would You Lie to Your Physician?Aurélie Pols
A tale of caution about lack of transparency and rolling heads. Pragmatic Data Privacy take-aways for an era of Digital Entanglement and fluid Privacy legislation. See superweek.hu
Multi-tasking teams within cyber security departmentsAurélie Pols
Data Risk Mitigation Of Digital Transformation Projects explained, upon invitation #Cybercamp15 in Madrid, sponsored by INCIBE (Instituto Nacional de CiberSeguridad) & the Spanish Ministry of Industry, Energy and Tourism
BIG DATA IN BUSINESS Implement and use Big Data to your organization’s advantageAurélie Pols
IE Business School - Executive Education
3-Day International Executive Program
June 22-24, 2015, Monday-Wednesday
Madrid, Spain
Session 9: Managing Privacy and Data Governance, a Risk based Approach
Big Data Big Ideas: Data is the New Oil, Privacy is the New GreenAurélie Pols
Data is a specific type of property for which legislation is not ready. Technology continues to advance at a rapid pace. What are Privacy best practices? what are Privacy and Compliance challenges facing your business using analytics? How do you turn this into a Risk exercise or an opportunity for Business Development?
Presented in Istanbul Turkey, May 2015 at http://smartcon.com/en/istanbul-2015-big-data-big-ideas-overview
IAPP Data Protection Intensive London - Transparency in Marketing (AP part III)Aurélie Pols
https://privacyassociation.org/conference/iapp-europe-data-protection-intensive-2015/
Just how transparent should organisations be with their customers in communicating the personal data use behind their sophisticated marketing plans? Before making tough decisions, companies must be transparent with themselves.
Responsible Data Uses: Privacy, Security, Ethics & ComplianceAurélie Pols
What do these words actually mean for digital analytics?
See the forest for the trees and take away what you can do today to work towards more responsible uses of data, in light of collaborative efforts with Marcom and IT but also the folks at legal council, those in charge of security or entrusted with corporate social responsibility. Understand what the risks with legislation for our industry are in Scandinavia, Europe and globally and where to draw the line.
Privacy & Ethics: Should you measure when a user logs out?Aurélie Pols
This Amicus Brief is intended to support the digital analytics community and members of the Digital Analytics Association (DAA) with the understanding of the implications of digital measurement practices from the angle of increasing Privacy, Compliance, Ethics and Security requirements.
This document is not intended to hold any legal recommendations.
The purpose of this document is to foster reflections and discussions within the digital analytics community about vendors’ measurement practices, ways to tackle evolving global Privacy legislation and increased feelings of lack of trust that is felt by Internet users all over the world.
Opendatabay - Open Data Marketplace.pptxOpendatabay
Opendatabay.com unlocks the power of data for everyone. Open Data Marketplace fosters a collaborative hub for data enthusiasts to explore, share, and contribute to a vast collection of datasets.
First ever open hub for data enthusiasts to collaborate and innovate. A platform to explore, share, and contribute to a vast collection of datasets. Through robust quality control and innovative technologies like blockchain verification, opendatabay ensures the authenticity and reliability of datasets, empowering users to make data-driven decisions with confidence. Leverage cutting-edge AI technologies to enhance the data exploration, analysis, and discovery experience.
From intelligent search and recommendations to automated data productisation and quotation, Opendatabay AI-driven features streamline the data workflow. Finding the data you need shouldn't be a complex. Opendatabay simplifies the data acquisition process with an intuitive interface and robust search tools. Effortlessly explore, discover, and access the data you need, allowing you to focus on extracting valuable insights. Opendatabay breaks new ground with a dedicated, AI-generated, synthetic datasets.
Leverage these privacy-preserving datasets for training and testing AI models without compromising sensitive information. Opendatabay prioritizes transparency by providing detailed metadata, provenance information, and usage guidelines for each dataset, ensuring users have a comprehensive understanding of the data they're working with. By leveraging a powerful combination of distributed ledger technology and rigorous third-party audits Opendatabay ensures the authenticity and reliability of every dataset. Security is at the core of Opendatabay. Marketplace implements stringent security measures, including encryption, access controls, and regular vulnerability assessments, to safeguard your data and protect your privacy.
As Europe's leading economic powerhouse and the fourth-largest hashtag#economy globally, Germany stands at the forefront of innovation and industrial might. Renowned for its precision engineering and high-tech sectors, Germany's economic structure is heavily supported by a robust service industry, accounting for approximately 68% of its GDP. This economic clout and strategic geopolitical stance position Germany as a focal point in the global cyber threat landscape.
In the face of escalating global tensions, particularly those emanating from geopolitical disputes with nations like hashtag#Russia and hashtag#China, hashtag#Germany has witnessed a significant uptick in targeted cyber operations. Our analysis indicates a marked increase in hashtag#cyberattack sophistication aimed at critical infrastructure and key industrial sectors. These attacks range from ransomware campaigns to hashtag#AdvancedPersistentThreats (hashtag#APTs), threatening national security and business integrity.
🔑 Key findings include:
🔍 Increased frequency and complexity of cyber threats.
🔍 Escalation of state-sponsored and criminally motivated cyber operations.
🔍 Active dark web exchanges of malicious tools and tactics.
Our comprehensive report delves into these challenges, using a blend of open-source and proprietary data collection techniques. By monitoring activity on critical networks and analyzing attack patterns, our team provides a detailed overview of the threats facing German entities.
This report aims to equip stakeholders across public and private sectors with the knowledge to enhance their defensive strategies, reduce exposure to cyber risks, and reinforce Germany's resilience against cyber threats.
Techniques to optimize the pagerank algorithm usually fall in two categories. One is to try reducing the work per iteration, and the other is to try reducing the number of iterations. These goals are often at odds with one another. Skipping computation on vertices which have already converged has the potential to save iteration time. Skipping in-identical vertices, with the same in-links, helps reduce duplicate computations and thus could help reduce iteration time. Road networks often have chains which can be short-circuited before pagerank computation to improve performance. Final ranks of chain nodes can be easily calculated. This could reduce both the iteration time, and the number of iterations. If a graph has no dangling nodes, pagerank of each strongly connected component can be computed in topological order. This could help reduce the iteration time, no. of iterations, and also enable multi-iteration concurrency in pagerank computation. The combination of all of the above methods is the STICD algorithm. [sticd] For dynamic graphs, unchanged components whose ranks are unaffected can be skipped altogether.
Adjusting primitives for graph : SHORT REPORT / NOTESSubhajit Sahu
Graph algorithms, like PageRank Compressed Sparse Row (CSR) is an adjacency-list based graph representation that is
Multiply with different modes (map)
1. Performance of sequential execution based vs OpenMP based vector multiply.
2. Comparing various launch configs for CUDA based vector multiply.
Sum with different storage types (reduce)
1. Performance of vector element sum using float vs bfloat16 as the storage type.
Sum with different modes (reduce)
1. Performance of sequential execution based vs OpenMP based vector element sum.
2. Performance of memcpy vs in-place based CUDA based vector element sum.
3. Comparing various launch configs for CUDA based vector element sum (memcpy).
4. Comparing various launch configs for CUDA based vector element sum (in-place).
Sum with in-place strategies of CUDA mode (reduce)
1. Comparing various launch configs for CUDA based vector element sum (in-place).
Explore our comprehensive data analysis project presentation on predicting product ad campaign performance. Learn how data-driven insights can optimize your marketing strategies and enhance campaign effectiveness. Perfect for professionals and students looking to understand the power of data analysis in advertising. for more details visit: https://bostoninstituteofanalytics.org/data-science-and-artificial-intelligence/
Predicting Product Ad Campaign Performance: A Data Analysis Project Presentation
Women in STEM for IE Girl Up Club
1. Perspectives of Data Protection in
the public and private sector
Data is the new infrastructure & Privacy is the new
green. Is Trust the new currency?
Founder, Aurélie Pols & Associates
February 21st 2022
aurelie.pols@protonmail.com
1
3. What I do for a living
In case you’re wondering ;-)
3
4. 3 pillars for a balanced (?) career
Solving problems
4
Sharing knowledge Building the future
Aurelie Pols and Associates
It takes a global village
Collaboration is key
5. Interlocking liabilities & obligations
People
Company
(Telco,
Bank,
Insurance..)
Company
(Agency,
consultancy,
vendor, ...)
Cloud
provider
• Aligning contract obligations
• (+ enforcement?)
• Providing
• Security
• Privacy features
• Privacy engineering
B2C
B2B
B2B
Privacy
policies
Consent
MSA
SOW
T&C
5