SlideShare a Scribd company logo

Digital Velocity London 2017 - Data Privacy and Sovereignty, Sheila Fitz Patrick

Download as PPTX, PDF
Tealium
Tealium

Data Privacy and Sovereignty Changing Legal Landscape - GDPR Sheila M. FitzPatrick Chief Privacy Officer, NetApp Presented at Digital Velocity London 2017, The Landmark Hotel

Marketing
1 of 27
© 2017 Tealium Inc. All rights reserved. | 1© 2017 Tealium Inc. All rights reserved. | 1
© 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---2 Data Privacy and Sovereignty Changing Legal Landscape – GDPR Sheila M. FitzPatrick Chief Privacy Officer NetApp, Inc.
Agenda 1) Why do data privacy and sovereignty laws matter? 2) Data protection legal landscape 3) General Data Protection Regulation: Key highlights 4) Shared concerns and misperceptions 5) Data privacy versus data security 6) How do you mitigate the risks? 7) The NetApp global model of excellence 8) The NetApp value proposition: Start with the legal framework 9) Key takeaways © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---3
▪ Heightened concerns over data access ▪ New technology driving the importance of privacy considerations ▪ Serious privacy risks with new technology (for example, cloud and internet of things [IoT]) ▪ Focus moving toward data sovereignty or cross-border flows ▪ Lack of companies addressing privacy Why do data privacy and sovereignty laws matter? ▪ Concern for customers ▪ Global business expansion ▪ New business and business models ▪ Global regulation expanding ▪ Greater sanctions and penalties ▪ Intense media and social media focus on privacy and security breaches © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---4
© 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---5 Data Protection Legal Landscape
Global Data Protection Laws © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---6 ▪ General Data Protection Regulation (GDPR) ▪ ePrivacy directive ▪ Country-specific laws ▪ Cloud computing directive ▪ Data sovereignty obligations ▪ Cybersecurity directive ▪ Antispam laws ▪ Healthcare privacy laws ▪ Data breach regulation European Union (EU) Asia-Pacific Canada Latin America ▪ Country-specific privacy laws ▪ Healthcare privacy laws ▪ Asia-Pacific Economic Cooperation (APEC) cyber privacy code ▪ Cross Border Privacy Rules (CBPR) ▪ Restrictions on marketing activities ▪ Restrictions on cloud computing ▪ Data breach regulations ▪ Privacy Act ▪ Personal Information Protection and Electronic Documents Act (PIPEDA) ▪ Digital Privacy Act 2015 ▪ Provincial or sovereignty laws ▪ Medical records laws ▪ Cybersecurity regulations ▪ Canada Anti-Spam Law (CASL) ▪ Data breach regulations ▪ Cross-border transfer restrictions ▪ Country-specific privacy laws ▪ Personal health information privacy laws ▪ Cloud computing regulations ▪ Organization of American States (OAS) cybersecurity guidelines ▪ Data breach regulations
▪ Patchwork system of privacy laws ▪ Federal Trade Commission Act (consumer protection) ▪ Electronic Communications Privacy Act ▪ Judicial Redress Act ▪ Cybersecurity Executive Order (voluntary) ▪ Data breach regulations ▪ Healthcare—Health Insurance Portability and Accountability Act of 1996 (HIPAA) and Health Information Technology for Economic and Clinical Health (HITECH) Act ▪ Regulated industries (government, financial, and critical infrastructure) ▪ State privacy laws ▪ Privacy Shield U.S. Data Protection Laws 7 © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---
General Data Protection Regulation: Key highlights ▪ First and foremost a legal compliance issue, not an IT or technology issue ▪ Affects any company regardless of location ▪ Requires appointment of Data Protection Officer (DPO), who “owns” responsibility for GDPR ▪ Requires a strong data privacy compliance framework ▪ Affects business functions that collect or process personal data ▪ Requires data retention and destruction policies and procedures ▪ Has legal and relevant need to know how to collect, access, or process personal data ▪ Has greater data processor obligations or accountability ▪ Effective May 25, 2018 © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---8
What does GDPR mean for companies? ▪ The law has a broader definition of personal data and pulls more data into the “regulatory net.” ▪ The definition of personal data now includes unique identifiers, IP address, biometrics, genetic data, and location data. © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---9
▪ The law is extraterritorial. ▪ The law applies to any organization anywhere in the world that collects, processes, accesses, shares, stores, or transfers EU personal data. What does GDPR mean for companies? © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---10
What does GDPR mean for companies? ▪ New obligations include transparency, accountability, data minimization, data destruction, and 72-hour data breach notification. ▪ The law mandates privacy by design before embracing new technology. ▪ The law requires privacy impact assessments (PIAs). © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---11
▪ The law features new accountability rules for data processors. ▪ The law applies to any organization that provides a service on behalf of another organization. What does GDPR mean for companies? © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---12
What does GDPR mean for companies? ▪ The law mandates the attainment of freely given, explicit, and unambiguous consent (not implied or forced). ▪ The law enables the deletion of data when it is no longer needed. ▪ The law provides the right to erasure. © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---13
What does GDPR mean for companies? The law increases the penalties for breaches or noncompliance to €20 million or 4% of annual global turnover. © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---14
▪ Understand it is first and foremost, a legal issue, not an IT issue. ▪ The CPO “owns” the GDPR issue. ▪ Tools and technology are great, but you cannot start there. ▪ A strong data privacy compliance framework or program must be in place. ▪ Assess the personal data that you collect and store. ▪ Review current agreements, internal and external, in regard to data privacy. How do you prepare for GDPR? ▪ Implement a violation mitigation process for privacy and security. ▪ Implement relevant and transparent policies and procedures. ▪ Introduce Privacy Impact Assessments (PIAs). ▪ Develop a global records retention policy and schedule. ▪ Form a GDPR swat team. ▪ Evaluate tools and technology to help maintain ongoing compliance. ▪ Find a trusted advisor who truly understands GDPR and privacy laws. © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---15
▪ Location of data centers ▪ EU data stored or processed in UK ▪ Lead authority for BCRs ▪ Model Contractual Clauses in place ▪ UK may be deemed “inadequate” Will BREXIT impact you? 16 © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE --- ▪ New agreements with UK providers ▪ UK Data Protection Act vs. GDPR ▪ Identified deficiencies by EU Authorities ▪ Data breach notification ▪ UK investigatory powers
EU-US Privacy Shield – Is it the Right Direction? © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---17 ▪ ECJ Adequacy ▪ ECJ invalidation ▪ Member State Challenges ▪ Mistrust of US Commitment ▪ “Cosmetic” change to Safe Harbor ▪ Not compliant with GDPR Pros Cons Potential ObstaclesStatus ▪ No current enforcement mechanism in the US ▪ US self-certification ▪ Challenges from Max Schremes and other privacy advocates companies ▪ “Loopholes” in US Redress Act ▪ No mass surveillance ▪ EU citizens’ redress mechanism ▪ Strong obligations/robust enforcement ▪ Transparency regarding US Gov’t access ▪ Recently approved – 4 abstentions ▪ US appointment of an Ombudsman ▪ Dissatisfaction in some Member States and privacy advocates ▪ Self-certification as of August 1, 2016
© 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---18 Shared Concerns and Misperceptions
Foremost on the minds of companies ▪ How to embrace the cloud and new technology ▪ Compliance with data privacy and sovereignty laws ▪ Where to begin with GDPR ▪ Mixed messages and misleading information ▪ Data location and sovereignty ▪ Cybersecurity ▪ Data breach remediation and contingency plans ▪ Loss of control ▪ Data security ▪ Accountability and liability ▪ Data retention and destruction capability ▪ Whom to turn to for help © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---19
Challenges in the world of cloud computing ▪ Global restrictions ▪ Compliance with data privacy and sovereignty laws ▪ Volume of data from unknown sources ▪ Data location, jurisdiction, and cross-border data flow ▪ Data control and/or ownership ▪ Lack of transparency ▪ Data that could or should live in the cloud (and type of cloud) ▪ Data breach remediation and contingency plans ▪ Security, including encryption and tokenization ▪ Use of third parties ▪ Litigation and electronic discovery ▪ Misperception of privacy versus security © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---20
Data privacy versus data security ▪ Data security is not data privacy. ▪ Privacy is the legal collection, use, sharing, storage, and transfer of data; privacy is legislated and regulated. ▪ Security is a fortress around the data. ▪ Companies can have world-class security but no data privacy. ▪ International Organization for Standardization (ISO) 27018 addresses security but not data privacy. ▪ All cloud vendors can address security, but few can address privacy. ▪ The legal PIA is a critical decision mechanism. © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---21
▪ Clear and explicit policies and procedures ▪ Privacy Impact Assessments (PIAs) ▪ Data privacy agreements and model contractual clauses ▪ Knowing the difference between privacy and security ▪ Restricted access to data ▪ Well-defined data ownership of data controller versus data processor ▪ Transparency: opt ins and opt outs How do you mitigate the risks? ▪ Classified data (what should or should not live in the cloud) ▪ Vetted third parties ▪ Asking the right questions ▪ Knowing your risk tolerance © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---22
© 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---23 NetApp’s Model of Excellence
The NetApp global model of excellence © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---24 Business-Impacting Decisions NetApp Expertise: A Model Global Company for Addressing These Concerns NetApp Internal Global Model Program Global Policies and Procedures Monitor and Advocate Internal and External Partnerships Internal and External Training Verify That Products Mitigate Privacy Risks Execute on Laws Key Business Needs Store Data Protect Data Understand Legislation and Regulation Balance Risks Manage Costs Global Data Privacy Cybersecurity Cloud Computing Big Data
▪ NetApp uses its business model to help enterprises prepare for and be compliant with EU GDPR regulations (95% compliant with GDPR) ▪ NetApp has a reputation for excellence in global data privacy and is one of fewer than 100 companies that have BCRs. ▪ NetApp educates customers on the data privacy compliance foundation before introducing products that help maintain compliance with GDPR. ▪ The Data Fabric strategy enables organizations to control, manage, secure, and protect their data whenever and wherever access is needed. The NetApp value proposition: Start with the legal framework Key components © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---25
Key takeaways ▪ Embrace the laws instead of running from them ▪ Start with the data privacy compliance framework, not technology ▪ Know the importance of privacy due diligence ▪ Know the difference between privacy and security ▪ Ask the hard questions and push back on their suppliers ▪ Know that there is more at stake than where the data center is located ▪ Reach out to NetApp as a data privacy and governance-trusted advisor © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---26
THANK YOU © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---27 Sheila.fitzpatrick@netapp.com @sheilafitzp

Recommended

GDPR: Is Your Organization Ready for the General Data Protection Regulation?
GDPR: Is Your Organization Ready for the General Data Protection Regulation?GDPR: Is Your Organization Ready for the General Data Protection Regulation?
GDPR: Is Your Organization Ready for the General Data Protection Regulation?DATUM LLC
 
The Essential Guide to GDPR
The Essential Guide to GDPRThe Essential Guide to GDPR
The Essential Guide to GDPRTim Hyman LLB
 
12th July GDPR event slides
12th July GDPR event slides12th July GDPR event slides
12th July GDPR event slidesExponential_e
 
GDPR (En) JM Tyszka
GDPR (En) JM TyszkaGDPR (En) JM Tyszka
GDPR (En) JM TyszkaJean-Michel Tyszka
 
The Practical Impact of the General Data Protection Regulation
The Practical Impact of the General Data Protection RegulationThe Practical Impact of the General Data Protection Regulation
The Practical Impact of the General Data Protection RegulationGhostery, Inc.
 
Ritz 4th-july-gdpr
Ritz 4th-july-gdprRitz 4th-july-gdpr
Ritz 4th-july-gdprExponential_e
 
GDPR Presentation slides
GDPR Presentation slidesGDPR Presentation slides
GDPR Presentation slidesNaomi Holmes
 
VMTN6642E - GDPR Slide Deck
VMTN6642E - GDPR Slide DeckVMTN6642E - GDPR Slide Deck
VMTN6642E - GDPR Slide DeckKyle Davies
 

Recommended

GDPR: Is Your Organization Ready for the General Data Protection Regulation?
GDPR: Is Your Organization Ready for the General Data Protection Regulation?GDPR: Is Your Organization Ready for the General Data Protection Regulation?
GDPR: Is Your Organization Ready for the General Data Protection Regulation?DATUM LLC
 
The Essential Guide to GDPR
The Essential Guide to GDPRThe Essential Guide to GDPR
The Essential Guide to GDPRTim Hyman LLB
 
12th July GDPR event slides
12th July GDPR event slides12th July GDPR event slides
12th July GDPR event slidesExponential_e
 
GDPR (En) JM Tyszka
GDPR (En) JM TyszkaGDPR (En) JM Tyszka
GDPR (En) JM TyszkaJean-Michel Tyszka
 
The Practical Impact of the General Data Protection Regulation
The Practical Impact of the General Data Protection RegulationThe Practical Impact of the General Data Protection Regulation
The Practical Impact of the General Data Protection RegulationGhostery, Inc.
 
Ritz 4th-july-gdpr
Ritz 4th-july-gdprRitz 4th-july-gdpr
Ritz 4th-july-gdprExponential_e
 
GDPR Presentation slides
GDPR Presentation slidesGDPR Presentation slides
GDPR Presentation slidesNaomi Holmes
 
VMTN6642E - GDPR Slide Deck
VMTN6642E - GDPR Slide DeckVMTN6642E - GDPR Slide Deck
VMTN6642E - GDPR Slide DeckKyle Davies
 
Webianr: GDPR: How to build a data protection framework
Webianr: GDPR: How to build a data protection frameworkWebianr: GDPR: How to build a data protection framework
Webianr: GDPR: How to build a data protection frameworkLeigh Hill
 
GDPR for Dummies
GDPR for DummiesGDPR for Dummies
GDPR for DummiesCaroline Boscher
 
Getting Started with GDPR Compliance
Getting Started with GDPR ComplianceGetting Started with GDPR Compliance
Getting Started with GDPR ComplianceDATAVERSITY
 
Convince your board - Ten steps to GDPR compliance
Convince your board - Ten steps to GDPR complianceConvince your board - Ten steps to GDPR compliance
Convince your board - Ten steps to GDPR complianceDave James
 
Do You Have a Roadmap for EU GDPR Compliance?
Do You Have a Roadmap for EU GDPR Compliance?Do You Have a Roadmap for EU GDPR Compliance?
Do You Have a Roadmap for EU GDPR Compliance?Ulf Mattsson
 
Privacy by design
Privacy by designPrivacy by design
Privacy by designMichelangelo van Dam
 
Ntxissacsc5 purple 1-eu-gdpr_patrick_florer
Ntxissacsc5 purple 1-eu-gdpr_patrick_florerNtxissacsc5 purple 1-eu-gdpr_patrick_florer
Ntxissacsc5 purple 1-eu-gdpr_patrick_florerNorth Texas Chapter of the ISSA
 
Ghostery MCM - May 2016
Ghostery MCM - May 2016Ghostery MCM - May 2016
Ghostery MCM - May 2016Ghostery, Inc.
 
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...TrustArc
 
The Meaning and Impact of the General Data Protection Regulation
The Meaning and Impact of the General Data Protection RegulationThe Meaning and Impact of the General Data Protection Regulation
The Meaning and Impact of the General Data Protection RegulationJake DiMare
 
EU General Data Protection Regulation - Update 2017
EU General Data Protection Regulation - Update 2017EU General Data Protection Regulation - Update 2017
EU General Data Protection Regulation - Update 2017Cliff Ashcroft
 
Gdpr action plan
Gdpr action plan Gdpr action plan
Gdpr action plan Ulf Mattsson
 
General Data Protection Regulation
General Data Protection RegulationGeneral Data Protection Regulation
General Data Protection RegulationBCC - Solutions for IBM Collaboration Software
 
DAMA Ireland - GDPR
DAMA Ireland - GDPRDAMA Ireland - GDPR
DAMA Ireland - GDPRDAMA Ireland
 
Building a register of data processing
Building a register of data processingBuilding a register of data processing
Building a register of data processingTim Gough
 
GDPR: the legal aspects. By Matthias of theJurists Europe.
GDPR: the legal aspects. By Matthias of theJurists Europe.GDPR: the legal aspects. By Matthias of theJurists Europe.
GDPR: the legal aspects. By Matthias of theJurists Europe.Matthias Dobbelaere-Welvaert
 
Six Steps to Addressing Data Governance under GDPR and US Privacy Shield Regu...
Six Steps to Addressing Data Governance under GDPR and US Privacy Shield Regu...Six Steps to Addressing Data Governance under GDPR and US Privacy Shield Regu...
Six Steps to Addressing Data Governance under GDPR and US Privacy Shield Regu...DATUM LLC
 
What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...
What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...
What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...TrustArc
 
How IBM Supports Clients around GDPR and Cybersecurity Legislation
How IBM Supports Clients around GDPR and Cybersecurity LegislationHow IBM Supports Clients around GDPR and Cybersecurity Legislation
How IBM Supports Clients around GDPR and Cybersecurity LegislationIBM Security
 
The GDPR for Techies
The GDPR for TechiesThe GDPR for Techies
The GDPR for TechiesLilian Edwards
 
What happens if you’re not ready for the GDPR?
What happens if you’re not ready for the GDPR?What happens if you’re not ready for the GDPR?
What happens if you’re not ready for the GDPR?Digital Transformation EXPO Event Series
 
Understanding Global Data Protection Laws: Webinar
Understanding Global Data Protection Laws: WebinarUnderstanding Global Data Protection Laws: Webinar
Understanding Global Data Protection Laws: WebinarCipherCloud
 

More Related Content

What's hot

Webianr: GDPR: How to build a data protection framework
Webianr: GDPR: How to build a data protection frameworkWebianr: GDPR: How to build a data protection framework
Webianr: GDPR: How to build a data protection frameworkLeigh Hill
 
Getting Started with GDPR Compliance
Getting Started with GDPR ComplianceGetting Started with GDPR Compliance
Getting Started with GDPR ComplianceDATAVERSITY
 
Convince your board - Ten steps to GDPR compliance
Convince your board - Ten steps to GDPR complianceConvince your board - Ten steps to GDPR compliance
Convince your board - Ten steps to GDPR complianceDave James
 
Do You Have a Roadmap for EU GDPR Compliance?
Do You Have a Roadmap for EU GDPR Compliance?Do You Have a Roadmap for EU GDPR Compliance?
Do You Have a Roadmap for EU GDPR Compliance?Ulf Mattsson
 
Ghostery MCM - May 2016
Ghostery MCM - May 2016Ghostery MCM - May 2016
Ghostery MCM - May 2016Ghostery, Inc.
 
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...TrustArc
 
The Meaning and Impact of the General Data Protection Regulation
The Meaning and Impact of the General Data Protection RegulationThe Meaning and Impact of the General Data Protection Regulation
The Meaning and Impact of the General Data Protection RegulationJake DiMare
 
EU General Data Protection Regulation - Update 2017
EU General Data Protection Regulation - Update 2017EU General Data Protection Regulation - Update 2017
EU General Data Protection Regulation - Update 2017Cliff Ashcroft
 
DAMA Ireland - GDPR
DAMA Ireland - GDPRDAMA Ireland - GDPR
DAMA Ireland - GDPRDAMA Ireland
 
Building a register of data processing
Building a register of data processingBuilding a register of data processing
Building a register of data processingTim Gough
 
GDPR: the legal aspects. By Matthias of theJurists Europe.
GDPR: the legal aspects. By Matthias of theJurists Europe.GDPR: the legal aspects. By Matthias of theJurists Europe.
GDPR: the legal aspects. By Matthias of theJurists Europe.Matthias Dobbelaere-Welvaert
 
Six Steps to Addressing Data Governance under GDPR and US Privacy Shield Regu...
Six Steps to Addressing Data Governance under GDPR and US Privacy Shield Regu...Six Steps to Addressing Data Governance under GDPR and US Privacy Shield Regu...
Six Steps to Addressing Data Governance under GDPR and US Privacy Shield Regu...DATUM LLC
 
What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...
What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...
What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...TrustArc
 
How IBM Supports Clients around GDPR and Cybersecurity Legislation
How IBM Supports Clients around GDPR and Cybersecurity LegislationHow IBM Supports Clients around GDPR and Cybersecurity Legislation
How IBM Supports Clients around GDPR and Cybersecurity LegislationIBM Security
 

What's hot (20)

Webianr: GDPR: How to build a data protection framework
Webianr: GDPR: How to build a data protection frameworkWebianr: GDPR: How to build a data protection framework
Webianr: GDPR: How to build a data protection framework
 
GDPR for Dummies
GDPR for DummiesGDPR for Dummies
GDPR for Dummies
 
Getting Started with GDPR Compliance
Getting Started with GDPR ComplianceGetting Started with GDPR Compliance
Getting Started with GDPR Compliance
 
Convince your board - Ten steps to GDPR compliance
Convince your board - Ten steps to GDPR complianceConvince your board - Ten steps to GDPR compliance
Convince your board - Ten steps to GDPR compliance
 
Do You Have a Roadmap for EU GDPR Compliance?
Do You Have a Roadmap for EU GDPR Compliance?Do You Have a Roadmap for EU GDPR Compliance?
Do You Have a Roadmap for EU GDPR Compliance?
 
Privacy by design
Privacy by designPrivacy by design
Privacy by design
 
Ntxissacsc5 purple 1-eu-gdpr_patrick_florer
Ntxissacsc5 purple 1-eu-gdpr_patrick_florerNtxissacsc5 purple 1-eu-gdpr_patrick_florer
Ntxissacsc5 purple 1-eu-gdpr_patrick_florer
 
Ghostery MCM - May 2016
Ghostery MCM - May 2016Ghostery MCM - May 2016
Ghostery MCM - May 2016
 
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
 
The Meaning and Impact of the General Data Protection Regulation
The Meaning and Impact of the General Data Protection RegulationThe Meaning and Impact of the General Data Protection Regulation
The Meaning and Impact of the General Data Protection Regulation
 
EU General Data Protection Regulation - Update 2017
EU General Data Protection Regulation - Update 2017EU General Data Protection Regulation - Update 2017
EU General Data Protection Regulation - Update 2017
 
Gdpr action plan
Gdpr action plan Gdpr action plan
Gdpr action plan
 
General Data Protection Regulation
General Data Protection RegulationGeneral Data Protection Regulation
General Data Protection Regulation
 
DAMA Ireland - GDPR
DAMA Ireland - GDPRDAMA Ireland - GDPR
DAMA Ireland - GDPR
 
Building a register of data processing
Building a register of data processingBuilding a register of data processing
Building a register of data processing
 
GDPR: the legal aspects. By Matthias of theJurists Europe.
GDPR: the legal aspects. By Matthias of theJurists Europe.GDPR: the legal aspects. By Matthias of theJurists Europe.
GDPR: the legal aspects. By Matthias of theJurists Europe.
 
Six Steps to Addressing Data Governance under GDPR and US Privacy Shield Regu...
Six Steps to Addressing Data Governance under GDPR and US Privacy Shield Regu...Six Steps to Addressing Data Governance under GDPR and US Privacy Shield Regu...
Six Steps to Addressing Data Governance under GDPR and US Privacy Shield Regu...
 
What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...
What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...
What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...
 
How IBM Supports Clients around GDPR and Cybersecurity Legislation
How IBM Supports Clients around GDPR and Cybersecurity LegislationHow IBM Supports Clients around GDPR and Cybersecurity Legislation
How IBM Supports Clients around GDPR and Cybersecurity Legislation
 
The GDPR for Techies
The GDPR for TechiesThe GDPR for Techies
The GDPR for Techies
 

Similar to Digital Velocity London 2017 - Data Privacy and Sovereignty, Sheila Fitz Patrick

Understanding Global Data Protection Laws: Webinar
Understanding Global Data Protection Laws: WebinarUnderstanding Global Data Protection Laws: Webinar
Understanding Global Data Protection Laws: WebinarCipherCloud
 
Symantec Webinar Part 4 of 6 GDPR Compliance, What NAM Organizations Need to...
Symantec Webinar Part 4 of 6 GDPR Compliance, What NAM Organizations Need to...Symantec Webinar Part 4 of 6 GDPR Compliance, What NAM Organizations Need to...
Symantec Webinar Part 4 of 6 GDPR Compliance, What NAM Organizations Need to...Symantec
 
General Data Protection Regulation (GDPR) Compliance
General Data Protection Regulation (GDPR) ComplianceGeneral Data Protection Regulation (GDPR) Compliance
General Data Protection Regulation (GDPR) Complianceaccenture
 
2019 11-13 how to comply with ccpa as part of a global privacy strategy
2019 11-13 how to comply with ccpa as part of a global privacy strategy2019 11-13 how to comply with ccpa as part of a global privacy strategy
2019 11-13 how to comply with ccpa as part of a global privacy strategyTrustArc
 
ABCON-AGM-2021-Final-2.pptx
ABCON-AGM-2021-Final-2.pptxABCON-AGM-2021-Final-2.pptx
ABCON-AGM-2021-Final-2.pptxHillaryObomighie
 
Data protection For CYP Organisations
Data protection For CYP OrganisationsData protection For CYP Organisations
Data protection For CYP OrganisationsCliff Ashcroft
 
Isaca new delhi india - privacy and big data
Isaca new delhi india - privacy and big dataIsaca new delhi india - privacy and big data
Isaca new delhi india - privacy and big dataUlf Mattsson
 
Gdpr action plan - ISSA
Gdpr action plan - ISSAGdpr action plan - ISSA
Gdpr action plan - ISSAUlf Mattsson
 
The first steps towards GDPR compliance 
The first steps towards GDPR compliance The first steps towards GDPR compliance 
The first steps towards GDPR compliance IT Governance Ltd
 
Data theft rules and regulations things you should know (pt.1)
Data theft rules and regulations things you should know (pt.1)Data theft rules and regulations things you should know (pt.1)
Data theft rules and regulations things you should know (pt.1)Faidepro
 
TrustArc Webinar: How to Prepare Your Business for Privacy Changes in the Mid...
TrustArc Webinar: How to Prepare Your Business for Privacy Changes in the Mid...TrustArc Webinar: How to Prepare Your Business for Privacy Changes in the Mid...
TrustArc Webinar: How to Prepare Your Business for Privacy Changes in the Mid...TrustArc
 
Digital Enterprise Festival Birmingham 13/04/17 - Ian West Cognizant VP Data ...
Digital Enterprise Festival Birmingham 13/04/17 - Ian West Cognizant VP Data ...Digital Enterprise Festival Birmingham 13/04/17 - Ian West Cognizant VP Data ...
Digital Enterprise Festival Birmingham 13/04/17 - Ian West Cognizant VP Data ...CIO Edge
 
GDPR and evolving international privacy regulations
GDPR and evolving international privacy regulationsGDPR and evolving international privacy regulations
GDPR and evolving international privacy regulationsUlf Mattsson
 
Bridging the Gap Between Privacy and Retention
Bridging the Gap Between Privacy and RetentionBridging the Gap Between Privacy and Retention
Bridging the Gap Between Privacy and RetentionInfoGoTo
 
Symantec Webinar Part 1 of 6 The Four Stages of GDPR Readiness
Symantec Webinar Part 1 of 6 The Four Stages of GDPR ReadinessSymantec Webinar Part 1 of 6 The Four Stages of GDPR Readiness
Symantec Webinar Part 1 of 6 The Four Stages of GDPR ReadinessSymantec
 
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...Symantec
 

Similar to Digital Velocity London 2017 - Data Privacy and Sovereignty, Sheila Fitz Patrick (20)

What happens if you’re not ready for the GDPR?
What happens if you’re not ready for the GDPR?What happens if you’re not ready for the GDPR?
What happens if you’re not ready for the GDPR?
 
Understanding Global Data Protection Laws: Webinar
Understanding Global Data Protection Laws: WebinarUnderstanding Global Data Protection Laws: Webinar
Understanding Global Data Protection Laws: Webinar
 
Symantec Webinar Part 4 of 6 GDPR Compliance, What NAM Organizations Need to...
Symantec Webinar Part 4 of 6 GDPR Compliance, What NAM Organizations Need to...Symantec Webinar Part 4 of 6 GDPR Compliance, What NAM Organizations Need to...
Symantec Webinar Part 4 of 6 GDPR Compliance, What NAM Organizations Need to...
 
General Data Protection Regulation (GDPR) Compliance
General Data Protection Regulation (GDPR) ComplianceGeneral Data Protection Regulation (GDPR) Compliance
General Data Protection Regulation (GDPR) Compliance
 
20170323 are you ready the new gdpr is here
20170323 are you ready the new gdpr is here20170323 are you ready the new gdpr is here
20170323 are you ready the new gdpr is here
 
2019 11-13 how to comply with ccpa as part of a global privacy strategy
2019 11-13 how to comply with ccpa as part of a global privacy strategy2019 11-13 how to comply with ccpa as part of a global privacy strategy
2019 11-13 how to comply with ccpa as part of a global privacy strategy
 
ABCON-AGM-2021-Final-2.pptx
ABCON-AGM-2021-Final-2.pptxABCON-AGM-2021-Final-2.pptx
ABCON-AGM-2021-Final-2.pptx
 
Data protection For CYP Organisations
Data protection For CYP OrganisationsData protection For CYP Organisations
Data protection For CYP Organisations
 
GDPR Part 1: Quick Facts
GDPR Part 1: Quick FactsGDPR Part 1: Quick Facts
GDPR Part 1: Quick Facts
 
Isaca new delhi india - privacy and big data
Isaca new delhi india - privacy and big dataIsaca new delhi india - privacy and big data
Isaca new delhi india - privacy and big data
 
Gdpr action plan - ISSA
Gdpr action plan - ISSAGdpr action plan - ISSA
Gdpr action plan - ISSA
 
The first steps towards GDPR compliance 
The first steps towards GDPR compliance The first steps towards GDPR compliance 
The first steps towards GDPR compliance 
 
Data theft rules and regulations things you should know (pt.1)
Data theft rules and regulations things you should know (pt.1)Data theft rules and regulations things you should know (pt.1)
Data theft rules and regulations things you should know (pt.1)
 
TrustArc Webinar: How to Prepare Your Business for Privacy Changes in the Mid...
TrustArc Webinar: How to Prepare Your Business for Privacy Changes in the Mid...TrustArc Webinar: How to Prepare Your Business for Privacy Changes in the Mid...
TrustArc Webinar: How to Prepare Your Business for Privacy Changes in the Mid...
 
Digital Enterprise Festival Birmingham 13/04/17 - Ian West Cognizant VP Data ...
Digital Enterprise Festival Birmingham 13/04/17 - Ian West Cognizant VP Data ...Digital Enterprise Festival Birmingham 13/04/17 - Ian West Cognizant VP Data ...
Digital Enterprise Festival Birmingham 13/04/17 - Ian West Cognizant VP Data ...
 
GDPR and evolving international privacy regulations
GDPR and evolving international privacy regulationsGDPR and evolving international privacy regulations
GDPR and evolving international privacy regulations
 
Bridging the Gap Between Privacy and Retention
Bridging the Gap Between Privacy and RetentionBridging the Gap Between Privacy and Retention
Bridging the Gap Between Privacy and Retention
 
Symantec Webinar Part 1 of 6 The Four Stages of GDPR Readiness
Symantec Webinar Part 1 of 6 The Four Stages of GDPR ReadinessSymantec Webinar Part 1 of 6 The Four Stages of GDPR Readiness
Symantec Webinar Part 1 of 6 The Four Stages of GDPR Readiness
 
2016 11-17-gdpr-integro-webinar
2016 11-17-gdpr-integro-webinar2016 11-17-gdpr-integro-webinar
2016 11-17-gdpr-integro-webinar
 
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...
 

More from Tealium

2022 State of the CDP: Key Findings for Tackling the New Age of Data
2022 State of the CDP: Key Findings for Tackling the New Age of Data2022 State of the CDP: Key Findings for Tackling the New Age of Data
2022 State of the CDP: Key Findings for Tackling the New Age of DataTealium
 
Show Me You Care: Why You Should Be Talking About Privacy and Value-Exchange
Show Me You Care: Why You Should Be Talking About Privacy and Value-ExchangeShow Me You Care: Why You Should Be Talking About Privacy and Value-Exchange
Show Me You Care: Why You Should Be Talking About Privacy and Value-ExchangeTealium
 
Third-Party Cookie Loss Masterclass 3: Making Sense of the Changing Identity ...
Third-Party Cookie Loss Masterclass 3: Making Sense of the Changing Identity ...Third-Party Cookie Loss Masterclass 3: Making Sense of the Changing Identity ...
Third-Party Cookie Loss Masterclass 3: Making Sense of the Changing Identity ...Tealium
 
Third-Party Cookie Loss Masterclass 2: Dude, What About My DMP?
Third-Party Cookie Loss Masterclass 2: Dude, What About My DMP?Third-Party Cookie Loss Masterclass 2: Dude, What About My DMP?
Third-Party Cookie Loss Masterclass 2: Dude, What About My DMP?Tealium
 
Third-Party Cookie Loss Masterclass 1: So Your Cookie Crumbled, What's Next?
Third-Party Cookie Loss Masterclass 1: So Your Cookie Crumbled, What's Next?Third-Party Cookie Loss Masterclass 1: So Your Cookie Crumbled, What's Next?
Third-Party Cookie Loss Masterclass 1: So Your Cookie Crumbled, What's Next?Tealium
 
Tasty Tech: 3 Proven Recipes for Increasing Loyalty and Retention
Tasty Tech: 3 Proven Recipes for Increasing Loyalty and RetentionTasty Tech: 3 Proven Recipes for Increasing Loyalty and Retention
Tasty Tech: 3 Proven Recipes for Increasing Loyalty and RetentionTealium
 
Acquisition, Loyalty and Retention: How a CDP Creates Customers for Life
Acquisition, Loyalty and Retention: How a CDP Creates Customers for LifeAcquisition, Loyalty and Retention: How a CDP Creates Customers for Life
Acquisition, Loyalty and Retention: How a CDP Creates Customers for LifeTealium
 
[Webinar] The Best Kept Marketing Secret to Achieving Complete Customer Views
[Webinar] The Best Kept Marketing Secret to Achieving Complete Customer Views[Webinar] The Best Kept Marketing Secret to Achieving Complete Customer Views
[Webinar] The Best Kept Marketing Secret to Achieving Complete Customer ViewsTealium
 
[Webinar] How the Cookie Crumbled: Preparing for a Time without Third-Party C...
[Webinar] How the Cookie Crumbled: Preparing for a Time without Third-Party C...[Webinar] How the Cookie Crumbled: Preparing for a Time without Third-Party C...
[Webinar] How the Cookie Crumbled: Preparing for a Time without Third-Party C...Tealium
 
Digital Velocity London 2018 - How to Build Your Company's Core Innovation Ma...
Digital Velocity London 2018 - How to Build Your Company's Core Innovation Ma...Digital Velocity London 2018 - How to Build Your Company's Core Innovation Ma...
Digital Velocity London 2018 - How to Build Your Company's Core Innovation Ma...Tealium
 
Digital Velocity London 2018 - Getting to Grips with Global B2B, Julian Brewer
Digital Velocity London 2018 - Getting to Grips with Global B2B, Julian BrewerDigital Velocity London 2018 - Getting to Grips with Global B2B, Julian Brewer
Digital Velocity London 2018 - Getting to Grips with Global B2B, Julian BrewerTealium
 
Digital Velocity London - What's The Future for Data Orchestration, Tealium D...
Digital Velocity London - What's The Future for Data Orchestration, Tealium D...Digital Velocity London - What's The Future for Data Orchestration, Tealium D...
Digital Velocity London - What's The Future for Data Orchestration, Tealium D...Tealium
 
Digital Velocity London 2018 - How to drive personalisation at a global B2B c...
Digital Velocity London 2018 - How to drive personalisation at a global B2B c...Digital Velocity London 2018 - How to drive personalisation at a global B2B c...
Digital Velocity London 2018 - How to drive personalisation at a global B2B c...Tealium
 
Digital Velocity London 2018 - James Morgan, Sainsbury's
Digital Velocity London 2018 - James Morgan, Sainsbury'sDigital Velocity London 2018 - James Morgan, Sainsbury's
Digital Velocity London 2018 - James Morgan, Sainsbury'sTealium
 
Digital Velocity London 2017: Understanding AudienceStream Timeline and Funne...
Digital Velocity London 2017: Understanding AudienceStream Timeline and Funne...Digital Velocity London 2017: Understanding AudienceStream Timeline and Funne...
Digital Velocity London 2017: Understanding AudienceStream Timeline and Funne...Tealium
 
Digital Velocity London 2017: Mobile, IOT, Cloud
Digital Velocity London 2017: Mobile, IOT, CloudDigital Velocity London 2017: Mobile, IOT, Cloud
Digital Velocity London 2017: Mobile, IOT, CloudTealium
 
Digital Velocity London 2017: Data Layer Enrichment API
Digital Velocity London 2017: Data Layer Enrichment APIDigital Velocity London 2017: Data Layer Enrichment API
Digital Velocity London 2017: Data Layer Enrichment APITealium
 
Digital Velocity London 2017: Build Your Own Connector
Digital Velocity London 2017: Build Your Own ConnectorDigital Velocity London 2017: Build Your Own Connector
Digital Velocity London 2017: Build Your Own ConnectorTealium
 
Digital Velocity London 2017: All About The Data
Digital Velocity London 2017: All About The DataDigital Velocity London 2017: All About The Data
Digital Velocity London 2017: All About The DataTealium
 
Digital Velocity London 2017: Combining AudienceStream Attributes
Digital Velocity London 2017: Combining AudienceStream AttributesDigital Velocity London 2017: Combining AudienceStream Attributes
Digital Velocity London 2017: Combining AudienceStream AttributesTealium
 

More from Tealium (20)

2022 State of the CDP: Key Findings for Tackling the New Age of Data
2022 State of the CDP: Key Findings for Tackling the New Age of Data2022 State of the CDP: Key Findings for Tackling the New Age of Data
2022 State of the CDP: Key Findings for Tackling the New Age of Data
 
Show Me You Care: Why You Should Be Talking About Privacy and Value-Exchange
Show Me You Care: Why You Should Be Talking About Privacy and Value-ExchangeShow Me You Care: Why You Should Be Talking About Privacy and Value-Exchange
Show Me You Care: Why You Should Be Talking About Privacy and Value-Exchange
 
Third-Party Cookie Loss Masterclass 3: Making Sense of the Changing Identity ...
Third-Party Cookie Loss Masterclass 3: Making Sense of the Changing Identity ...Third-Party Cookie Loss Masterclass 3: Making Sense of the Changing Identity ...
Third-Party Cookie Loss Masterclass 3: Making Sense of the Changing Identity ...
 
Third-Party Cookie Loss Masterclass 2: Dude, What About My DMP?
Third-Party Cookie Loss Masterclass 2: Dude, What About My DMP?Third-Party Cookie Loss Masterclass 2: Dude, What About My DMP?
Third-Party Cookie Loss Masterclass 2: Dude, What About My DMP?
 
Third-Party Cookie Loss Masterclass 1: So Your Cookie Crumbled, What's Next?
Third-Party Cookie Loss Masterclass 1: So Your Cookie Crumbled, What's Next?Third-Party Cookie Loss Masterclass 1: So Your Cookie Crumbled, What's Next?
Third-Party Cookie Loss Masterclass 1: So Your Cookie Crumbled, What's Next?
 
Tasty Tech: 3 Proven Recipes for Increasing Loyalty and Retention
Tasty Tech: 3 Proven Recipes for Increasing Loyalty and RetentionTasty Tech: 3 Proven Recipes for Increasing Loyalty and Retention
Tasty Tech: 3 Proven Recipes for Increasing Loyalty and Retention
 
Acquisition, Loyalty and Retention: How a CDP Creates Customers for Life
Acquisition, Loyalty and Retention: How a CDP Creates Customers for LifeAcquisition, Loyalty and Retention: How a CDP Creates Customers for Life
Acquisition, Loyalty and Retention: How a CDP Creates Customers for Life
 
[Webinar] The Best Kept Marketing Secret to Achieving Complete Customer Views
[Webinar] The Best Kept Marketing Secret to Achieving Complete Customer Views[Webinar] The Best Kept Marketing Secret to Achieving Complete Customer Views
[Webinar] The Best Kept Marketing Secret to Achieving Complete Customer Views
 
[Webinar] How the Cookie Crumbled: Preparing for a Time without Third-Party C...
[Webinar] How the Cookie Crumbled: Preparing for a Time without Third-Party C...[Webinar] How the Cookie Crumbled: Preparing for a Time without Third-Party C...
[Webinar] How the Cookie Crumbled: Preparing for a Time without Third-Party C...
 
Digital Velocity London 2018 - How to Build Your Company's Core Innovation Ma...
Digital Velocity London 2018 - How to Build Your Company's Core Innovation Ma...Digital Velocity London 2018 - How to Build Your Company's Core Innovation Ma...
Digital Velocity London 2018 - How to Build Your Company's Core Innovation Ma...
 
Digital Velocity London 2018 - Getting to Grips with Global B2B, Julian Brewer
Digital Velocity London 2018 - Getting to Grips with Global B2B, Julian BrewerDigital Velocity London 2018 - Getting to Grips with Global B2B, Julian Brewer
Digital Velocity London 2018 - Getting to Grips with Global B2B, Julian Brewer
 
Digital Velocity London - What's The Future for Data Orchestration, Tealium D...
Digital Velocity London - What's The Future for Data Orchestration, Tealium D...Digital Velocity London - What's The Future for Data Orchestration, Tealium D...
Digital Velocity London - What's The Future for Data Orchestration, Tealium D...
 
Digital Velocity London 2018 - How to drive personalisation at a global B2B c...
Digital Velocity London 2018 - How to drive personalisation at a global B2B c...Digital Velocity London 2018 - How to drive personalisation at a global B2B c...
Digital Velocity London 2018 - How to drive personalisation at a global B2B c...
 
Digital Velocity London 2018 - James Morgan, Sainsbury's
Digital Velocity London 2018 - James Morgan, Sainsbury'sDigital Velocity London 2018 - James Morgan, Sainsbury's
Digital Velocity London 2018 - James Morgan, Sainsbury's
 
Digital Velocity London 2017: Understanding AudienceStream Timeline and Funne...
Digital Velocity London 2017: Understanding AudienceStream Timeline and Funne...Digital Velocity London 2017: Understanding AudienceStream Timeline and Funne...
Digital Velocity London 2017: Understanding AudienceStream Timeline and Funne...
 
Digital Velocity London 2017: Mobile, IOT, Cloud
Digital Velocity London 2017: Mobile, IOT, CloudDigital Velocity London 2017: Mobile, IOT, Cloud
Digital Velocity London 2017: Mobile, IOT, Cloud
 
Digital Velocity London 2017: Data Layer Enrichment API
Digital Velocity London 2017: Data Layer Enrichment APIDigital Velocity London 2017: Data Layer Enrichment API
Digital Velocity London 2017: Data Layer Enrichment API
 
Digital Velocity London 2017: Build Your Own Connector
Digital Velocity London 2017: Build Your Own ConnectorDigital Velocity London 2017: Build Your Own Connector
Digital Velocity London 2017: Build Your Own Connector
 
Digital Velocity London 2017: All About The Data
Digital Velocity London 2017: All About The DataDigital Velocity London 2017: All About The Data
Digital Velocity London 2017: All About The Data
 
Digital Velocity London 2017: Combining AudienceStream Attributes
Digital Velocity London 2017: Combining AudienceStream AttributesDigital Velocity London 2017: Combining AudienceStream Attributes
Digital Velocity London 2017: Combining AudienceStream Attributes
 

Recently uploaded

Netflix Ads The Game Changer in Video Ads – Who Needs YouTube.pptx (Chester Y...
Netflix Ads The Game Changer in Video Ads – Who Needs YouTube.pptx (Chester Y...Netflix Ads The Game Changer in Video Ads – Who Needs YouTube.pptx (Chester Y...
Netflix Ads The Game Changer in Video Ads – Who Needs YouTube.pptx (Chester Y...ChesterYang6
 
Moving beyond multi-touch attribution - DigiMarCon CanWest 2024
Moving beyond multi-touch attribution - DigiMarCon CanWest 2024Moving beyond multi-touch attribution - DigiMarCon CanWest 2024
Moving beyond multi-touch attribution - DigiMarCon CanWest 2024Richard Ingilby
 
Red bull marketing presentation pptxxxxx
Red bull marketing presentation pptxxxxxRed bull marketing presentation pptxxxxx
Red bull marketing presentation pptxxxxx216310017
 
Social Samosa Guidebook for SAMMIES 2024.pdf
Social Samosa Guidebook for SAMMIES 2024.pdfSocial Samosa Guidebook for SAMMIES 2024.pdf
Social Samosa Guidebook for SAMMIES 2024.pdfSocial Samosa
 
DIGITAL MARKETING STRATEGY_INFOGRAPHIC IMAGE.pdf
DIGITAL MARKETING STRATEGY_INFOGRAPHIC IMAGE.pdfDIGITAL MARKETING STRATEGY_INFOGRAPHIC IMAGE.pdf
DIGITAL MARKETING STRATEGY_INFOGRAPHIC IMAGE.pdfmayanksharma0441
 
TAM AdEx 2023 Cross Media Advertising Recap - Auto Sector
TAM AdEx 2023 Cross Media Advertising Recap - Auto SectorTAM AdEx 2023 Cross Media Advertising Recap - Auto Sector
TAM AdEx 2023 Cross Media Advertising Recap - Auto SectorSocial Samosa
 
TOP DUBAI AGENCY OFFERS EXPERT DIGITAL MARKETING SERVICES.pdf
TOP DUBAI AGENCY OFFERS EXPERT DIGITAL MARKETING SERVICES.pdfTOP DUBAI AGENCY OFFERS EXPERT DIGITAL MARKETING SERVICES.pdf
TOP DUBAI AGENCY OFFERS EXPERT DIGITAL MARKETING SERVICES.pdfasiyahanif9977
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Film Nagar high-profile Call ...
VIP 7001035870 Find & Meet Hyderabad Call Girls Film Nagar high-profile Call ...VIP 7001035870 Find & Meet Hyderabad Call Girls Film Nagar high-profile Call ...
VIP 7001035870 Find & Meet Hyderabad Call Girls Film Nagar high-profile Call ...aditipandeya
 
Cost-effective tactics for navigating CPC surges
Cost-effective tactics for navigating CPC surgesCost-effective tactics for navigating CPC surges
Cost-effective tactics for navigating CPC surgesPushON Ltd
 
Snapshot of Consumer Behaviors of March 2024-EOLiSurvey (EN).pdf
Snapshot of Consumer Behaviors of March 2024-EOLiSurvey (EN).pdfSnapshot of Consumer Behaviors of March 2024-EOLiSurvey (EN).pdf
Snapshot of Consumer Behaviors of March 2024-EOLiSurvey (EN).pdfEastern Online-iSURVEY
 
DGTLmart : Digital Solutions for 4X Growth
DGTLmart : Digital Solutions for 4X GrowthDGTLmart : Digital Solutions for 4X Growth
DGTLmart : Digital Solutions for 4X Growthcsear2019
 
Omnichannel Marketing: Defining Omnichannel Marketing
Omnichannel Marketing: Defining Omnichannel MarketingOmnichannel Marketing: Defining Omnichannel Marketing
Omnichannel Marketing: Defining Omnichannel MarketingDove Soft Ltd
 
DGR_Digital Advertising Strategies for a Cookieless World_Presentation.pdf
DGR_Digital Advertising Strategies for a Cookieless World_Presentation.pdfDGR_Digital Advertising Strategies for a Cookieless World_Presentation.pdf
DGR_Digital Advertising Strategies for a Cookieless World_Presentation.pdfDemandbase
 
What are the 4 characteristics of CTAs that convert?
What are the 4 characteristics of CTAs that convert?What are the 4 characteristics of CTAs that convert?
What are the 4 characteristics of CTAs that convert?Juan Pineda
 
Best Persuasive selling skills presentation.pptx
Best Persuasive selling skills presentation.pptxBest Persuasive selling skills presentation.pptx
Best Persuasive selling skills presentation.pptxMasterPhil1
 
Call Us ➥9654467111▻Call Girls In Delhi NCR
Call Us ➥9654467111▻Call Girls In Delhi NCRCall Us ➥9654467111▻Call Girls In Delhi NCR
Call Us ➥9654467111▻Call Girls In Delhi NCRSapana Sha
 
Influencer Marketing Power point presentation
Influencer Marketing Power point presentationInfluencer Marketing Power point presentation
Influencer Marketing Power point presentationdgtivemarketingagenc
 
Digital Marketing Spotlight: Lifecycle Advertising Strategies.pdf
Digital Marketing Spotlight: Lifecycle Advertising Strategies.pdfDigital Marketing Spotlight: Lifecycle Advertising Strategies.pdf
Digital Marketing Spotlight: Lifecycle Advertising Strategies.pdfDemandbase
 
VIP Call Girls In Green Park 9654467111 Escorts Service
VIP Call Girls In Green Park 9654467111 Escorts ServiceVIP Call Girls In Green Park 9654467111 Escorts Service
VIP Call Girls In Green Park 9654467111 Escorts ServiceSapana Sha
 
9654467111 Call Girls In Mahipalpur Women Seeking Men
9654467111 Call Girls In Mahipalpur Women Seeking Men9654467111 Call Girls In Mahipalpur Women Seeking Men
9654467111 Call Girls In Mahipalpur Women Seeking MenSapana Sha
 

Recently uploaded (20)

Netflix Ads The Game Changer in Video Ads – Who Needs YouTube.pptx (Chester Y...
Netflix Ads The Game Changer in Video Ads – Who Needs YouTube.pptx (Chester Y...Netflix Ads The Game Changer in Video Ads – Who Needs YouTube.pptx (Chester Y...
Netflix Ads The Game Changer in Video Ads – Who Needs YouTube.pptx (Chester Y...
 
Moving beyond multi-touch attribution - DigiMarCon CanWest 2024
Moving beyond multi-touch attribution - DigiMarCon CanWest 2024Moving beyond multi-touch attribution - DigiMarCon CanWest 2024
Moving beyond multi-touch attribution - DigiMarCon CanWest 2024
 
Red bull marketing presentation pptxxxxx
Red bull marketing presentation pptxxxxxRed bull marketing presentation pptxxxxx
Red bull marketing presentation pptxxxxx
 
Social Samosa Guidebook for SAMMIES 2024.pdf
Social Samosa Guidebook for SAMMIES 2024.pdfSocial Samosa Guidebook for SAMMIES 2024.pdf
Social Samosa Guidebook for SAMMIES 2024.pdf
 
DIGITAL MARKETING STRATEGY_INFOGRAPHIC IMAGE.pdf
DIGITAL MARKETING STRATEGY_INFOGRAPHIC IMAGE.pdfDIGITAL MARKETING STRATEGY_INFOGRAPHIC IMAGE.pdf
DIGITAL MARKETING STRATEGY_INFOGRAPHIC IMAGE.pdf
 
TAM AdEx 2023 Cross Media Advertising Recap - Auto Sector
TAM AdEx 2023 Cross Media Advertising Recap - Auto SectorTAM AdEx 2023 Cross Media Advertising Recap - Auto Sector
TAM AdEx 2023 Cross Media Advertising Recap - Auto Sector
 
TOP DUBAI AGENCY OFFERS EXPERT DIGITAL MARKETING SERVICES.pdf
TOP DUBAI AGENCY OFFERS EXPERT DIGITAL MARKETING SERVICES.pdfTOP DUBAI AGENCY OFFERS EXPERT DIGITAL MARKETING SERVICES.pdf
TOP DUBAI AGENCY OFFERS EXPERT DIGITAL MARKETING SERVICES.pdf
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Film Nagar high-profile Call ...
VIP 7001035870 Find & Meet Hyderabad Call Girls Film Nagar high-profile Call ...VIP 7001035870 Find & Meet Hyderabad Call Girls Film Nagar high-profile Call ...
VIP 7001035870 Find & Meet Hyderabad Call Girls Film Nagar high-profile Call ...
 
Cost-effective tactics for navigating CPC surges
Cost-effective tactics for navigating CPC surgesCost-effective tactics for navigating CPC surges
Cost-effective tactics for navigating CPC surges
 
Snapshot of Consumer Behaviors of March 2024-EOLiSurvey (EN).pdf
Snapshot of Consumer Behaviors of March 2024-EOLiSurvey (EN).pdfSnapshot of Consumer Behaviors of March 2024-EOLiSurvey (EN).pdf
Snapshot of Consumer Behaviors of March 2024-EOLiSurvey (EN).pdf
 
DGTLmart : Digital Solutions for 4X Growth
DGTLmart : Digital Solutions for 4X GrowthDGTLmart : Digital Solutions for 4X Growth
DGTLmart : Digital Solutions for 4X Growth
 
Omnichannel Marketing: Defining Omnichannel Marketing
Omnichannel Marketing: Defining Omnichannel MarketingOmnichannel Marketing: Defining Omnichannel Marketing
Omnichannel Marketing: Defining Omnichannel Marketing
 
DGR_Digital Advertising Strategies for a Cookieless World_Presentation.pdf
DGR_Digital Advertising Strategies for a Cookieless World_Presentation.pdfDGR_Digital Advertising Strategies for a Cookieless World_Presentation.pdf
DGR_Digital Advertising Strategies for a Cookieless World_Presentation.pdf
 
What are the 4 characteristics of CTAs that convert?
What are the 4 characteristics of CTAs that convert?What are the 4 characteristics of CTAs that convert?
What are the 4 characteristics of CTAs that convert?
 
Best Persuasive selling skills presentation.pptx
Best Persuasive selling skills presentation.pptxBest Persuasive selling skills presentation.pptx
Best Persuasive selling skills presentation.pptx
 
Call Us ➥9654467111▻Call Girls In Delhi NCR
Call Us ➥9654467111▻Call Girls In Delhi NCRCall Us ➥9654467111▻Call Girls In Delhi NCR
Call Us ➥9654467111▻Call Girls In Delhi NCR
 
Influencer Marketing Power point presentation
Influencer Marketing Power point presentationInfluencer Marketing Power point presentation
Influencer Marketing Power point presentation
 
Digital Marketing Spotlight: Lifecycle Advertising Strategies.pdf
Digital Marketing Spotlight: Lifecycle Advertising Strategies.pdfDigital Marketing Spotlight: Lifecycle Advertising Strategies.pdf
Digital Marketing Spotlight: Lifecycle Advertising Strategies.pdf
 
VIP Call Girls In Green Park 9654467111 Escorts Service
VIP Call Girls In Green Park 9654467111 Escorts ServiceVIP Call Girls In Green Park 9654467111 Escorts Service
VIP Call Girls In Green Park 9654467111 Escorts Service
 
9654467111 Call Girls In Mahipalpur Women Seeking Men
9654467111 Call Girls In Mahipalpur Women Seeking Men9654467111 Call Girls In Mahipalpur Women Seeking Men
9654467111 Call Girls In Mahipalpur Women Seeking Men
 

Digital Velocity London 2017 - Data Privacy and Sovereignty, Sheila Fitz Patrick

  • 1. © 2017 Tealium Inc. All rights reserved. | 1© 2017 Tealium Inc. All rights reserved. | 1
  • 2. © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---2 Data Privacy and Sovereignty Changing Legal Landscape – GDPR Sheila M. FitzPatrick Chief Privacy Officer NetApp, Inc.
  • 3. Agenda 1) Why do data privacy and sovereignty laws matter? 2) Data protection legal landscape 3) General Data Protection Regulation: Key highlights 4) Shared concerns and misperceptions 5) Data privacy versus data security 6) How do you mitigate the risks? 7) The NetApp global model of excellence 8) The NetApp value proposition: Start with the legal framework 9) Key takeaways © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---3
  • 4. ▪ Heightened concerns over data access ▪ New technology driving the importance of privacy considerations ▪ Serious privacy risks with new technology (for example, cloud and internet of things [IoT]) ▪ Focus moving toward data sovereignty or cross-border flows ▪ Lack of companies addressing privacy Why do data privacy and sovereignty laws matter? ▪ Concern for customers ▪ Global business expansion ▪ New business and business models ▪ Global regulation expanding ▪ Greater sanctions and penalties ▪ Intense media and social media focus on privacy and security breaches © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---4
  • 5. © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---5 Data Protection Legal Landscape
  • 6. Global Data Protection Laws © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---6 ▪ General Data Protection Regulation (GDPR) ▪ ePrivacy directive ▪ Country-specific laws ▪ Cloud computing directive ▪ Data sovereignty obligations ▪ Cybersecurity directive ▪ Antispam laws ▪ Healthcare privacy laws ▪ Data breach regulation European Union (EU) Asia-Pacific Canada Latin America ▪ Country-specific privacy laws ▪ Healthcare privacy laws ▪ Asia-Pacific Economic Cooperation (APEC) cyber privacy code ▪ Cross Border Privacy Rules (CBPR) ▪ Restrictions on marketing activities ▪ Restrictions on cloud computing ▪ Data breach regulations ▪ Privacy Act ▪ Personal Information Protection and Electronic Documents Act (PIPEDA) ▪ Digital Privacy Act 2015 ▪ Provincial or sovereignty laws ▪ Medical records laws ▪ Cybersecurity regulations ▪ Canada Anti-Spam Law (CASL) ▪ Data breach regulations ▪ Cross-border transfer restrictions ▪ Country-specific privacy laws ▪ Personal health information privacy laws ▪ Cloud computing regulations ▪ Organization of American States (OAS) cybersecurity guidelines ▪ Data breach regulations
  • 7. ▪ Patchwork system of privacy laws ▪ Federal Trade Commission Act (consumer protection) ▪ Electronic Communications Privacy Act ▪ Judicial Redress Act ▪ Cybersecurity Executive Order (voluntary) ▪ Data breach regulations ▪ Healthcare—Health Insurance Portability and Accountability Act of 1996 (HIPAA) and Health Information Technology for Economic and Clinical Health (HITECH) Act ▪ Regulated industries (government, financial, and critical infrastructure) ▪ State privacy laws ▪ Privacy Shield U.S. Data Protection Laws 7 © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---
  • 8. General Data Protection Regulation: Key highlights ▪ First and foremost a legal compliance issue, not an IT or technology issue ▪ Affects any company regardless of location ▪ Requires appointment of Data Protection Officer (DPO), who “owns” responsibility for GDPR ▪ Requires a strong data privacy compliance framework ▪ Affects business functions that collect or process personal data ▪ Requires data retention and destruction policies and procedures ▪ Has legal and relevant need to know how to collect, access, or process personal data ▪ Has greater data processor obligations or accountability ▪ Effective May 25, 2018 © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---8
  • 9. What does GDPR mean for companies? ▪ The law has a broader definition of personal data and pulls more data into the “regulatory net.” ▪ The definition of personal data now includes unique identifiers, IP address, biometrics, genetic data, and location data. © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---9
  • 10. ▪ The law is extraterritorial. ▪ The law applies to any organization anywhere in the world that collects, processes, accesses, shares, stores, or transfers EU personal data. What does GDPR mean for companies? © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---10
  • 11. What does GDPR mean for companies? ▪ New obligations include transparency, accountability, data minimization, data destruction, and 72-hour data breach notification. ▪ The law mandates privacy by design before embracing new technology. ▪ The law requires privacy impact assessments (PIAs). © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---11
  • 12. ▪ The law features new accountability rules for data processors. ▪ The law applies to any organization that provides a service on behalf of another organization. What does GDPR mean for companies? © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---12
  • 13. What does GDPR mean for companies? ▪ The law mandates the attainment of freely given, explicit, and unambiguous consent (not implied or forced). ▪ The law enables the deletion of data when it is no longer needed. ▪ The law provides the right to erasure. © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---13
  • 14. What does GDPR mean for companies? The law increases the penalties for breaches or noncompliance to €20 million or 4% of annual global turnover. © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---14
  • 15. ▪ Understand it is first and foremost, a legal issue, not an IT issue. ▪ The CPO “owns” the GDPR issue. ▪ Tools and technology are great, but you cannot start there. ▪ A strong data privacy compliance framework or program must be in place. ▪ Assess the personal data that you collect and store. ▪ Review current agreements, internal and external, in regard to data privacy. How do you prepare for GDPR? ▪ Implement a violation mitigation process for privacy and security. ▪ Implement relevant and transparent policies and procedures. ▪ Introduce Privacy Impact Assessments (PIAs). ▪ Develop a global records retention policy and schedule. ▪ Form a GDPR swat team. ▪ Evaluate tools and technology to help maintain ongoing compliance. ▪ Find a trusted advisor who truly understands GDPR and privacy laws. © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---15
  • 16. ▪ Location of data centers ▪ EU data stored or processed in UK ▪ Lead authority for BCRs ▪ Model Contractual Clauses in place ▪ UK may be deemed “inadequate” Will BREXIT impact you? 16 © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE --- ▪ New agreements with UK providers ▪ UK Data Protection Act vs. GDPR ▪ Identified deficiencies by EU Authorities ▪ Data breach notification ▪ UK investigatory powers
  • 17. EU-US Privacy Shield – Is it the Right Direction? © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---17 ▪ ECJ Adequacy ▪ ECJ invalidation ▪ Member State Challenges ▪ Mistrust of US Commitment ▪ “Cosmetic” change to Safe Harbor ▪ Not compliant with GDPR Pros Cons Potential ObstaclesStatus ▪ No current enforcement mechanism in the US ▪ US self-certification ▪ Challenges from Max Schremes and other privacy advocates companies ▪ “Loopholes” in US Redress Act ▪ No mass surveillance ▪ EU citizens’ redress mechanism ▪ Strong obligations/robust enforcement ▪ Transparency regarding US Gov’t access ▪ Recently approved – 4 abstentions ▪ US appointment of an Ombudsman ▪ Dissatisfaction in some Member States and privacy advocates ▪ Self-certification as of August 1, 2016
  • 18. © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---18 Shared Concerns and Misperceptions
  • 19. Foremost on the minds of companies ▪ How to embrace the cloud and new technology ▪ Compliance with data privacy and sovereignty laws ▪ Where to begin with GDPR ▪ Mixed messages and misleading information ▪ Data location and sovereignty ▪ Cybersecurity ▪ Data breach remediation and contingency plans ▪ Loss of control ▪ Data security ▪ Accountability and liability ▪ Data retention and destruction capability ▪ Whom to turn to for help © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---19
  • 20. Challenges in the world of cloud computing ▪ Global restrictions ▪ Compliance with data privacy and sovereignty laws ▪ Volume of data from unknown sources ▪ Data location, jurisdiction, and cross-border data flow ▪ Data control and/or ownership ▪ Lack of transparency ▪ Data that could or should live in the cloud (and type of cloud) ▪ Data breach remediation and contingency plans ▪ Security, including encryption and tokenization ▪ Use of third parties ▪ Litigation and electronic discovery ▪ Misperception of privacy versus security © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---20
  • 21. Data privacy versus data security ▪ Data security is not data privacy. ▪ Privacy is the legal collection, use, sharing, storage, and transfer of data; privacy is legislated and regulated. ▪ Security is a fortress around the data. ▪ Companies can have world-class security but no data privacy. ▪ International Organization for Standardization (ISO) 27018 addresses security but not data privacy. ▪ All cloud vendors can address security, but few can address privacy. ▪ The legal PIA is a critical decision mechanism. © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---21
  • 22. ▪ Clear and explicit policies and procedures ▪ Privacy Impact Assessments (PIAs) ▪ Data privacy agreements and model contractual clauses ▪ Knowing the difference between privacy and security ▪ Restricted access to data ▪ Well-defined data ownership of data controller versus data processor ▪ Transparency: opt ins and opt outs How do you mitigate the risks? ▪ Classified data (what should or should not live in the cloud) ▪ Vetted third parties ▪ Asking the right questions ▪ Knowing your risk tolerance © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---22
  • 23. © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---23 NetApp’s Model of Excellence
  • 24. The NetApp global model of excellence © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---24 Business-Impacting Decisions NetApp Expertise: A Model Global Company for Addressing These Concerns NetApp Internal Global Model Program Global Policies and Procedures Monitor and Advocate Internal and External Partnerships Internal and External Training Verify That Products Mitigate Privacy Risks Execute on Laws Key Business Needs Store Data Protect Data Understand Legislation and Regulation Balance Risks Manage Costs Global Data Privacy Cybersecurity Cloud Computing Big Data
  • 25. ▪ NetApp uses its business model to help enterprises prepare for and be compliant with EU GDPR regulations (95% compliant with GDPR) ▪ NetApp has a reputation for excellence in global data privacy and is one of fewer than 100 companies that have BCRs. ▪ NetApp educates customers on the data privacy compliance foundation before introducing products that help maintain compliance with GDPR. ▪ The Data Fabric strategy enables organizations to control, manage, secure, and protect their data whenever and wherever access is needed. The NetApp value proposition: Start with the legal framework Key components © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---25
  • 26. Key takeaways ▪ Embrace the laws instead of running from them ▪ Start with the data privacy compliance framework, not technology ▪ Know the importance of privacy due diligence ▪ Know the difference between privacy and security ▪ Ask the hard questions and push back on their suppliers ▪ Know that there is more at stake than where the data center is located ▪ Reach out to NetApp as a data privacy and governance-trusted advisor © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---26
  • 27. THANK YOU © 2017 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL LIMITED USE ---27 Sheila.fitzpatrick@netapp.com @sheilafitzp