SlideShare a Scribd company logo

How to protect privacy sensitive data that is collected to control the coronavirus outbreak 2020 apr 28

In Singapore, the Government launched an app using short-distance Bluetooth signals to connect one phone using the app with another user who is close by. It stores detailed records on a user's phone for 21 days decrypt the data if there is a public health risk related to an individual's movements. China used a similar method to track a person's health status and to control movement in cities with high numbers of coronavirus cases. Individuals had to use the app and share their status to be able to access public transportation. The keys to addressing privacy concerns about high-tech surveillance by the state is de-identifying the data and giving individuals control over their own data. Personal details that may reveal your identity such as a user's name should not be collected or should be protected with access to be granted for only specific health purposes, and data should be deleted after its specific use is no longer needed. We will discuss how to protect privacy sensitive data that is collected to control the coronavirus outbreak.

1 of 61
Download to read offline
1
How to Protect Data Privacy
During the Coronavirus
Outbreak
Business Insider
ULFMATTSSON.COM
Ulf Mattsson| Founder
ulf@ulfmattsson.com
2 Business Insider
ULFMATTSSON.COM
Ulf Mattsson| Founder
ulf@ulfmattsson.com
Please submit your questions
during our session!
3
1. Founder of ULFMATTSSON.COM
2. Head of Innovation at TokenEx
3. Chief Technology Officer at
• Protegrity
• Atlantic BT
• Compliance Engineering
4. Architect & Developer at IBM Research and Development
5. Inventor of more than 70 awarded US Patents
6. Products and Services
• Data Encryption, Tokenization, and Data Discovery
• Security and Privacy Benchmarking/Gap-analysis for Financial Industry
• Managed Security Services, and Security Operation Centers
• Cloud Application Security Brokers, and Web Application Firewalls
• Robotics and Applications in Manufacturing
Ulf Mattsson
4
https://www.contrace.org/contact-tracing-jobs
5
Coronavirus &
Surveillance
6
How smart city tech is being used to control the coronavirus outbreak
https://www.techrepublic.com/article/how-smart-city-tech-is-being-used-to-control-the-coronavirus-outbreak/?ftag=COS-05-
10aaa0g&taid=5e8256ee9a7fcd0001c497db&utm_campaign=trueAnthem:+Twitter+Card&utm_medium=trueAnthemCard&utm_source=twitterCard
In Singapore, the Government Technology Agency of Singapore launched TraceTogether on March 20 in
collaboration with the Ministry of Health.
• The TraceTogether app uses short-distance Bluetooth signals to connect one phone using the app with another
user who is close by.
• It stores detailed records on a user's phone for 21 days but does not include location data.
• Authorities have said they will decrypt the data if there is a public health risk related to an individual's
movements.
China used a similar method to track a person's health status and to control movement in cities with high numbers
of coronavirus cases.
• Individuals had to use the app and share their status to be able to access public transportation.
David Heyman, founder and CEO of Smart City Works said that the keys to addressing privacy concerns about high-
tech surveillance by the state is anonymizing the data and giving individuals as much control over their own data as
possible.
• "Personal details that may reveal your identity such as a user's name should not be collected or should be
encrypted with access to be granted for only specific health purposes, and data should be deleted after its
specific use is no longer needed," he said.

Recommended

Data Protection & Privacy During the Coronavirus Pandemic
Data Protection & Privacy During the Coronavirus PandemicData Protection & Privacy During the Coronavirus Pandemic
Data Protection & Privacy During the Coronavirus PandemicUlf Mattsson
 
New regulations and the evolving cybersecurity technology landscape
New regulations and the evolving cybersecurity technology landscapeNew regulations and the evolving cybersecurity technology landscape
New regulations and the evolving cybersecurity technology landscapeUlf Mattsson
 
What I Learned at RSAC 2020
What I Learned at RSAC 2020What I Learned at RSAC 2020
What I Learned at RSAC 2020Ulf Mattsson
 
Emerging application and data protection for cloud
Emerging application and data protection for cloudEmerging application and data protection for cloud
Emerging application and data protection for cloudUlf Mattsson
 
Protecting Data Privacy in Analytics and Machine Learning
Protecting Data Privacy in Analytics and Machine LearningProtecting Data Privacy in Analytics and Machine Learning
Protecting Data Privacy in Analytics and Machine LearningUlf Mattsson
 
Jul 16 isaca london data protection, security and privacy risks - on premis...
Jul 16 isaca london   data protection, security and privacy risks - on premis...Jul 16 isaca london   data protection, security and privacy risks - on premis...
Jul 16 isaca london data protection, security and privacy risks - on premis...Ulf Mattsson
 
Evolving regulations are changing the way we think about tools and technology
Evolving regulations are changing the way we think about tools and technologyEvolving regulations are changing the way we think about tools and technology
Evolving regulations are changing the way we think about tools and technologyUlf Mattsson
 
ISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloudISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloudUlf Mattsson
 

More Related Content

What's hot

Security in Web 2.0, Social Web and Cloud
Security in Web 2.0, Social Web and CloudSecurity in Web 2.0, Social Web and Cloud
Security in Web 2.0, Social Web and CloudITDogadjaji.com
 
Emerging application and data protection for multi cloud
Emerging application and data protection for multi cloudEmerging application and data protection for multi cloud
Emerging application and data protection for multi cloudUlf Mattsson
 
Practical risk management for the multi cloud
Practical risk management for the multi cloudPractical risk management for the multi cloud
Practical risk management for the multi cloudUlf Mattsson
 
A practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpaA practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpaUlf Mattsson
 
Data protection on premises, and in public and private clouds
Data protection on premises, and in public and private cloudsData protection on premises, and in public and private clouds
Data protection on premises, and in public and private cloudsUlf Mattsson
 
Symantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government SectorSymantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government SectorSymantec
 
Target Data Breach Case Study 10242014
Target Data Breach Case Study 10242014Target Data Breach Case Study 10242014
Target Data Breach Case Study 10242014Joseph White MPA CPM
 
ghostsinthemachine2
ghostsinthemachine2ghostsinthemachine2
ghostsinthemachine2Shane Kite
 
Axxera End Point Security Protection
Axxera End Point Security ProtectionAxxera End Point Security Protection
Axxera End Point Security ProtectionShawn Crimson
 
Privacy preserving computing and secure multi party computation
Privacy preserving computing and secure multi party computationPrivacy preserving computing and secure multi party computation
Privacy preserving computing and secure multi party computationUlf Mattsson
 
Webinar: Securing Mobile Banking Apps
Webinar: Securing Mobile Banking AppsWebinar: Securing Mobile Banking Apps
Webinar: Securing Mobile Banking AppsWultra
 
Symantec Security Refresh Webinar
Symantec Security Refresh WebinarSymantec Security Refresh Webinar
Symantec Security Refresh WebinarArrow ECS UK
 
ISACA Houston - Practical data privacy and de-identification techniques
ISACA Houston  - Practical data privacy and de-identification techniquesISACA Houston  - Practical data privacy and de-identification techniques
ISACA Houston - Practical data privacy and de-identification techniquesUlf Mattsson
 
Analyst Report: The Digital Universe in 2020 - China
Analyst Report: The Digital Universe in 2020 - ChinaAnalyst Report: The Digital Universe in 2020 - China
Analyst Report: The Digital Universe in 2020 - ChinaEMC
 
Where Data Security and Value of Data Meet in the Cloud
Where Data Security and Value of Data Meet in the CloudWhere Data Security and Value of Data Meet in the Cloud
Where Data Security and Value of Data Meet in the CloudUlf Mattsson
 
Cisco 2014 Midyear Security Report
Cisco 2014 Midyear Security ReportCisco 2014 Midyear Security Report
Cisco 2014 Midyear Security ReportCisco Security
 
100+ Cyber Security Interview Questions and Answers in 2022
100+ Cyber Security Interview Questions and Answers in 2022100+ Cyber Security Interview Questions and Answers in 2022
100+ Cyber Security Interview Questions and Answers in 2022Temok IT Services
 
Why is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economyWhy is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economyMark Albala
 
How to protect the cookies once someone gets into the cookie jar
How to protect the cookies once someone gets into the cookie jarHow to protect the cookies once someone gets into the cookie jar
How to protect the cookies once someone gets into the cookie jarJudgeEagle
 
Risk Management Practices for PCI DSS 2.0
Risk Management Practices for PCI DSS 2.0Risk Management Practices for PCI DSS 2.0
Risk Management Practices for PCI DSS 2.0Ulf Mattsson
 

What's hot (20)

Security in Web 2.0, Social Web and Cloud
Security in Web 2.0, Social Web and CloudSecurity in Web 2.0, Social Web and Cloud
Security in Web 2.0, Social Web and Cloud
 
Emerging application and data protection for multi cloud
Emerging application and data protection for multi cloudEmerging application and data protection for multi cloud
Emerging application and data protection for multi cloud
 
Practical risk management for the multi cloud
Practical risk management for the multi cloudPractical risk management for the multi cloud
Practical risk management for the multi cloud
 
A practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpaA practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpa
 
Data protection on premises, and in public and private clouds
Data protection on premises, and in public and private cloudsData protection on premises, and in public and private clouds
Data protection on premises, and in public and private clouds
 
Symantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government SectorSymantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government Sector
 
Target Data Breach Case Study 10242014
Target Data Breach Case Study 10242014Target Data Breach Case Study 10242014
Target Data Breach Case Study 10242014
 
ghostsinthemachine2
ghostsinthemachine2ghostsinthemachine2
ghostsinthemachine2
 
Axxera End Point Security Protection
Axxera End Point Security ProtectionAxxera End Point Security Protection
Axxera End Point Security Protection
 
Privacy preserving computing and secure multi party computation
Privacy preserving computing and secure multi party computationPrivacy preserving computing and secure multi party computation
Privacy preserving computing and secure multi party computation
 
Webinar: Securing Mobile Banking Apps
Webinar: Securing Mobile Banking AppsWebinar: Securing Mobile Banking Apps
Webinar: Securing Mobile Banking Apps
 
Symantec Security Refresh Webinar
Symantec Security Refresh WebinarSymantec Security Refresh Webinar
Symantec Security Refresh Webinar
 
ISACA Houston - Practical data privacy and de-identification techniques
ISACA Houston  - Practical data privacy and de-identification techniquesISACA Houston  - Practical data privacy and de-identification techniques
ISACA Houston - Practical data privacy and de-identification techniques
 
Analyst Report: The Digital Universe in 2020 - China
Analyst Report: The Digital Universe in 2020 - ChinaAnalyst Report: The Digital Universe in 2020 - China
Analyst Report: The Digital Universe in 2020 - China
 
Where Data Security and Value of Data Meet in the Cloud
Where Data Security and Value of Data Meet in the CloudWhere Data Security and Value of Data Meet in the Cloud
Where Data Security and Value of Data Meet in the Cloud
 
Cisco 2014 Midyear Security Report
Cisco 2014 Midyear Security ReportCisco 2014 Midyear Security Report
Cisco 2014 Midyear Security Report
 
100+ Cyber Security Interview Questions and Answers in 2022
100+ Cyber Security Interview Questions and Answers in 2022100+ Cyber Security Interview Questions and Answers in 2022
100+ Cyber Security Interview Questions and Answers in 2022
 
Why is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economyWhy is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economy
 
How to protect the cookies once someone gets into the cookie jar
How to protect the cookies once someone gets into the cookie jarHow to protect the cookies once someone gets into the cookie jar
How to protect the cookies once someone gets into the cookie jar
 
Risk Management Practices for PCI DSS 2.0
Risk Management Practices for PCI DSS 2.0Risk Management Practices for PCI DSS 2.0
Risk Management Practices for PCI DSS 2.0
 

Similar to How to protect privacy sensitive data that is collected to control the coronavirus outbreak 2020 apr 28

Consumers' and Citizens' Privacy
Consumers' and Citizens' Privacy  Consumers' and Citizens' Privacy
Consumers' and Citizens' Privacy Carolina Rossini
 
Getting the social side of pervasive computing right
Getting the social side of pervasive computing rightGetting the social side of pervasive computing right
Getting the social side of pervasive computing rightblogzilla
 
How Technology Has Changed Our Traditional Understanding...
How Technology Has Changed Our Traditional Understanding...How Technology Has Changed Our Traditional Understanding...
How Technology Has Changed Our Traditional Understanding...Brianna Johnson
 
Emerging Applications on Smart Phones: The Role of Privacy Concerns and its A...
Emerging Applications on Smart Phones: The Role of Privacy Concerns and its A...Emerging Applications on Smart Phones: The Role of Privacy Concerns and its A...
Emerging Applications on Smart Phones: The Role of Privacy Concerns and its A...AIRCC Publishing Corporation
 
Don't Panic. Making Progress on the 'Going Dark' Debate
Don't Panic. Making Progress on the 'Going Dark' DebateDon't Panic. Making Progress on the 'Going Dark' Debate
Don't Panic. Making Progress on the 'Going Dark' DebateFabio Chiusi
 
Future of privacy - An initial perspective - Stephen Deadman, Vodafone
Future of privacy - An initial perspective - Stephen Deadman, VodafoneFuture of privacy - An initial perspective - Stephen Deadman, Vodafone
Future of privacy - An initial perspective - Stephen Deadman, VodafoneFuture Agenda
 
GIVING UP PRIVACY FOR SECURITY: A SURVEY ON PRIVACY TRADE-OFF DURING PANDEMIC...
GIVING UP PRIVACY FOR SECURITY: A SURVEY ON PRIVACY TRADE-OFF DURING PANDEMIC...GIVING UP PRIVACY FOR SECURITY: A SURVEY ON PRIVACY TRADE-OFF DURING PANDEMIC...
GIVING UP PRIVACY FOR SECURITY: A SURVEY ON PRIVACY TRADE-OFF DURING PANDEMIC...ijcisjournal
 
Top contact tracing mobile apps for covid 19 in 2020
Top contact tracing mobile apps for covid 19 in 2020Top contact tracing mobile apps for covid 19 in 2020
Top contact tracing mobile apps for covid 19 in 2020FugenX
 
Data privacy and security
Data privacy and securityData privacy and security
Data privacy and securitytoomz32
 
Security techniques for intelligent spam sensing and anomaly detection in onl...
Security techniques for intelligent spam sensing and anomaly detection in onl...Security techniques for intelligent spam sensing and anomaly detection in onl...
Security techniques for intelligent spam sensing and anomaly detection in onl...IJECEIAES
 
(300-400 words)1- Watch anyone of the following documentarymovi.docx
(300-400 words)1- Watch anyone of the following documentarymovi.docx(300-400 words)1- Watch anyone of the following documentarymovi.docx
(300-400 words)1- Watch anyone of the following documentarymovi.docxmayank272369
 
Accessing Password Protected andor Encrypted Mobile DataAbstrac.docx
Accessing Password Protected andor Encrypted Mobile DataAbstrac.docxAccessing Password Protected andor Encrypted Mobile DataAbstrac.docx
Accessing Password Protected andor Encrypted Mobile DataAbstrac.docxnettletondevon
 
iStart feature: Protect and serve how safe is your personal data?
iStart feature: Protect and serve how safe is your personal data?iStart feature: Protect and serve how safe is your personal data?
iStart feature: Protect and serve how safe is your personal data?Hayden McCall
 
The criticality-of-security-in-the-internet-of-things joa-eng_1115
The criticality-of-security-in-the-internet-of-things joa-eng_1115The criticality-of-security-in-the-internet-of-things joa-eng_1115
The criticality-of-security-in-the-internet-of-things joa-eng_1115Devaraj Sl
 
A priest’s phone location data outed his private life. It could happen to any...
A priest’s phone location data outed his private life. It could happen to any...A priest’s phone location data outed his private life. It could happen to any...
A priest’s phone location data outed his private life. It could happen to any...LUMINATIVE MEDIA/PROJECT COUNSEL MEDIA GROUP
 
The Impact Of Internet On Information Privacy
The Impact Of Internet On Information PrivacyThe Impact Of Internet On Information Privacy
The Impact Of Internet On Information PrivacyPamela Smith
 
Essay On Cyber Intelligence Sharing And Protection Act
Essay On  Cyber Intelligence Sharing And Protection ActEssay On  Cyber Intelligence Sharing And Protection Act
Essay On Cyber Intelligence Sharing And Protection ActMary Stevenson
 
Lofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionLofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionSean Whalen
 
httpsdigitalguardian.comblogsocial-engineering-attacks-common.docx
httpsdigitalguardian.comblogsocial-engineering-attacks-common.docxhttpsdigitalguardian.comblogsocial-engineering-attacks-common.docx
httpsdigitalguardian.comblogsocial-engineering-attacks-common.docxadampcarr67227
 

Similar to How to protect privacy sensitive data that is collected to control the coronavirus outbreak 2020 apr 28 (20)

privtechsomeassemb
privtechsomeassembprivtechsomeassemb
privtechsomeassemb
 
Consumers' and Citizens' Privacy
Consumers' and Citizens' Privacy  Consumers' and Citizens' Privacy
Consumers' and Citizens' Privacy
 
Getting the social side of pervasive computing right
Getting the social side of pervasive computing rightGetting the social side of pervasive computing right
Getting the social side of pervasive computing right
 
How Technology Has Changed Our Traditional Understanding...
How Technology Has Changed Our Traditional Understanding...How Technology Has Changed Our Traditional Understanding...
How Technology Has Changed Our Traditional Understanding...
 
Emerging Applications on Smart Phones: The Role of Privacy Concerns and its A...
Emerging Applications on Smart Phones: The Role of Privacy Concerns and its A...Emerging Applications on Smart Phones: The Role of Privacy Concerns and its A...
Emerging Applications on Smart Phones: The Role of Privacy Concerns and its A...
 
Don't Panic. Making Progress on the 'Going Dark' Debate
Don't Panic. Making Progress on the 'Going Dark' DebateDon't Panic. Making Progress on the 'Going Dark' Debate
Don't Panic. Making Progress on the 'Going Dark' Debate
 
Future of privacy - An initial perspective - Stephen Deadman, Vodafone
Future of privacy - An initial perspective - Stephen Deadman, VodafoneFuture of privacy - An initial perspective - Stephen Deadman, Vodafone
Future of privacy - An initial perspective - Stephen Deadman, Vodafone
 
GIVING UP PRIVACY FOR SECURITY: A SURVEY ON PRIVACY TRADE-OFF DURING PANDEMIC...
GIVING UP PRIVACY FOR SECURITY: A SURVEY ON PRIVACY TRADE-OFF DURING PANDEMIC...GIVING UP PRIVACY FOR SECURITY: A SURVEY ON PRIVACY TRADE-OFF DURING PANDEMIC...
GIVING UP PRIVACY FOR SECURITY: A SURVEY ON PRIVACY TRADE-OFF DURING PANDEMIC...
 
Top contact tracing mobile apps for covid 19 in 2020
Top contact tracing mobile apps for covid 19 in 2020Top contact tracing mobile apps for covid 19 in 2020
Top contact tracing mobile apps for covid 19 in 2020
 
Data privacy and security
Data privacy and securityData privacy and security
Data privacy and security
 
Security techniques for intelligent spam sensing and anomaly detection in onl...
Security techniques for intelligent spam sensing and anomaly detection in onl...Security techniques for intelligent spam sensing and anomaly detection in onl...
Security techniques for intelligent spam sensing and anomaly detection in onl...
 
(300-400 words)1- Watch anyone of the following documentarymovi.docx
(300-400 words)1- Watch anyone of the following documentarymovi.docx(300-400 words)1- Watch anyone of the following documentarymovi.docx
(300-400 words)1- Watch anyone of the following documentarymovi.docx
 
Accessing Password Protected andor Encrypted Mobile DataAbstrac.docx
Accessing Password Protected andor Encrypted Mobile DataAbstrac.docxAccessing Password Protected andor Encrypted Mobile DataAbstrac.docx
Accessing Password Protected andor Encrypted Mobile DataAbstrac.docx
 
iStart feature: Protect and serve how safe is your personal data?
iStart feature: Protect and serve how safe is your personal data?iStart feature: Protect and serve how safe is your personal data?
iStart feature: Protect and serve how safe is your personal data?
 
The criticality-of-security-in-the-internet-of-things joa-eng_1115
The criticality-of-security-in-the-internet-of-things joa-eng_1115The criticality-of-security-in-the-internet-of-things joa-eng_1115
The criticality-of-security-in-the-internet-of-things joa-eng_1115
 
A priest’s phone location data outed his private life. It could happen to any...
A priest’s phone location data outed his private life. It could happen to any...A priest’s phone location data outed his private life. It could happen to any...
A priest’s phone location data outed his private life. It could happen to any...
 
The Impact Of Internet On Information Privacy
The Impact Of Internet On Information PrivacyThe Impact Of Internet On Information Privacy
The Impact Of Internet On Information Privacy
 
Essay On Cyber Intelligence Sharing And Protection Act
Essay On  Cyber Intelligence Sharing And Protection ActEssay On  Cyber Intelligence Sharing And Protection Act
Essay On Cyber Intelligence Sharing And Protection Act
 
Lofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionLofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and Encryption
 
httpsdigitalguardian.comblogsocial-engineering-attacks-common.docx
httpsdigitalguardian.comblogsocial-engineering-attacks-common.docxhttpsdigitalguardian.comblogsocial-engineering-attacks-common.docx
httpsdigitalguardian.comblogsocial-engineering-attacks-common.docx
 

More from Ulf Mattsson

Jun 29 new privacy technologies for unicode and international data standards ...
Jun 29 new privacy technologies for unicode and international data standards ...Jun 29 new privacy technologies for unicode and international data standards ...
Jun 29 new privacy technologies for unicode and international data standards ...Ulf Mattsson
 
Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...Ulf Mattsson
 
May 6 evolving international privacy regulations and cross border data tran...
May 6   evolving international privacy regulations and cross border data tran...May 6   evolving international privacy regulations and cross border data tran...
May 6 evolving international privacy regulations and cross border data tran...Ulf Mattsson
 
Qubit conference-new-york-2021
Qubit conference-new-york-2021Qubit conference-new-york-2021
Qubit conference-new-york-2021Ulf Mattsson
 
Secure analytics and machine learning in cloud use cases
Secure analytics and machine learning in cloud use casesSecure analytics and machine learning in cloud use cases
Secure analytics and machine learning in cloud use casesUlf Mattsson
 
Evolving international privacy regulations and cross border data transfer - g...
Evolving international privacy regulations and cross border data transfer - g...Evolving international privacy regulations and cross border data transfer - g...
Evolving international privacy regulations and cross border data transfer - g...Ulf Mattsson
 
Data encryption and tokenization for international unicode
Data encryption and tokenization for international unicodeData encryption and tokenization for international unicode
Data encryption and tokenization for international unicodeUlf Mattsson
 
The future of data security and blockchain
The future of data security and blockchainThe future of data security and blockchain
The future of data security and blockchainUlf Mattsson
 
New technologies for data protection
New technologies for data protectionNew technologies for data protection
New technologies for data protectionUlf Mattsson
 
GDPR and evolving international privacy regulations
GDPR and evolving international privacy regulationsGDPR and evolving international privacy regulations
GDPR and evolving international privacy regulationsUlf Mattsson
 
Privacy preserving computing and secure multi-party computation ISACA Atlanta
Privacy preserving computing and secure multi-party computation ISACA AtlantaPrivacy preserving computing and secure multi-party computation ISACA Atlanta
Privacy preserving computing and secure multi-party computation ISACA AtlantaUlf Mattsson
 
Safeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learningSafeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learningUlf Mattsson
 
Protecting data privacy in analytics and machine learning ISACA London UK
Protecting data privacy in analytics and machine learning ISACA London UKProtecting data privacy in analytics and machine learning ISACA London UK
Protecting data privacy in analytics and machine learning ISACA London UKUlf Mattsson
 
New opportunities and business risks with evolving privacy regulations
New opportunities and business risks with evolving privacy regulationsNew opportunities and business risks with evolving privacy regulations
New opportunities and business risks with evolving privacy regulationsUlf Mattsson
 
What is tokenization in blockchain - BCS London
What is tokenization in blockchain - BCS LondonWhat is tokenization in blockchain - BCS London
What is tokenization in blockchain - BCS LondonUlf Mattsson
 
Protecting data privacy in analytics and machine learning - ISACA
Protecting data privacy in analytics and machine learning - ISACAProtecting data privacy in analytics and machine learning - ISACA
Protecting data privacy in analytics and machine learning - ISACAUlf Mattsson
 
What is tokenization in blockchain?
What is tokenization in blockchain?What is tokenization in blockchain?
What is tokenization in blockchain?Ulf Mattsson
 
Nov 2 security for blockchain and analytics ulf mattsson 2020 nov 2b
Nov 2 security for blockchain and analytics   ulf mattsson 2020 nov 2bNov 2 security for blockchain and analytics   ulf mattsson 2020 nov 2b
Nov 2 security for blockchain and analytics ulf mattsson 2020 nov 2bUlf Mattsson
 
Unlock the potential of data security 2020
Unlock the potential of data security 2020Unlock the potential of data security 2020
Unlock the potential of data security 2020Ulf Mattsson
 

More from Ulf Mattsson (20)

Jun 29 new privacy technologies for unicode and international data standards ...
Jun 29 new privacy technologies for unicode and international data standards ...Jun 29 new privacy technologies for unicode and international data standards ...
Jun 29 new privacy technologies for unicode and international data standards ...
 
Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...
 
Book
BookBook
Book
 
May 6 evolving international privacy regulations and cross border data tran...
May 6   evolving international privacy regulations and cross border data tran...May 6   evolving international privacy regulations and cross border data tran...
May 6 evolving international privacy regulations and cross border data tran...
 
Qubit conference-new-york-2021
Qubit conference-new-york-2021Qubit conference-new-york-2021
Qubit conference-new-york-2021
 
Secure analytics and machine learning in cloud use cases
Secure analytics and machine learning in cloud use casesSecure analytics and machine learning in cloud use cases
Secure analytics and machine learning in cloud use cases
 
Evolving international privacy regulations and cross border data transfer - g...
Evolving international privacy regulations and cross border data transfer - g...Evolving international privacy regulations and cross border data transfer - g...
Evolving international privacy regulations and cross border data transfer - g...
 
Data encryption and tokenization for international unicode
Data encryption and tokenization for international unicodeData encryption and tokenization for international unicode
Data encryption and tokenization for international unicode
 
The future of data security and blockchain
The future of data security and blockchainThe future of data security and blockchain
The future of data security and blockchain
 
New technologies for data protection
New technologies for data protectionNew technologies for data protection
New technologies for data protection
 
GDPR and evolving international privacy regulations
GDPR and evolving international privacy regulationsGDPR and evolving international privacy regulations
GDPR and evolving international privacy regulations
 
Privacy preserving computing and secure multi-party computation ISACA Atlanta
Privacy preserving computing and secure multi-party computation ISACA AtlantaPrivacy preserving computing and secure multi-party computation ISACA Atlanta
Privacy preserving computing and secure multi-party computation ISACA Atlanta
 
Safeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learningSafeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learning
 
Protecting data privacy in analytics and machine learning ISACA London UK
Protecting data privacy in analytics and machine learning ISACA London UKProtecting data privacy in analytics and machine learning ISACA London UK
Protecting data privacy in analytics and machine learning ISACA London UK
 
New opportunities and business risks with evolving privacy regulations
New opportunities and business risks with evolving privacy regulationsNew opportunities and business risks with evolving privacy regulations
New opportunities and business risks with evolving privacy regulations
 
What is tokenization in blockchain - BCS London
What is tokenization in blockchain - BCS LondonWhat is tokenization in blockchain - BCS London
What is tokenization in blockchain - BCS London
 
Protecting data privacy in analytics and machine learning - ISACA
Protecting data privacy in analytics and machine learning - ISACAProtecting data privacy in analytics and machine learning - ISACA
Protecting data privacy in analytics and machine learning - ISACA
 
What is tokenization in blockchain?
What is tokenization in blockchain?What is tokenization in blockchain?
What is tokenization in blockchain?
 
Nov 2 security for blockchain and analytics ulf mattsson 2020 nov 2b
Nov 2 security for blockchain and analytics   ulf mattsson 2020 nov 2bNov 2 security for blockchain and analytics   ulf mattsson 2020 nov 2b
Nov 2 security for blockchain and analytics ulf mattsson 2020 nov 2b
 
Unlock the potential of data security 2020
Unlock the potential of data security 2020Unlock the potential of data security 2020
Unlock the potential of data security 2020
 

Recently uploaded

Artificial Intelligence, Design, and More-than-Human Justice
Artificial Intelligence, Design, and More-than-Human JusticeArtificial Intelligence, Design, and More-than-Human Justice
Artificial Intelligence, Design, and More-than-Human JusticeJosh Gellers
 
Building Bridges: Merging RPA Processes, UiPath Apps, and Data Service to bu...
Building Bridges:  Merging RPA Processes, UiPath Apps, and Data Service to bu...Building Bridges:  Merging RPA Processes, UiPath Apps, and Data Service to bu...
Building Bridges: Merging RPA Processes, UiPath Apps, and Data Service to bu...DianaGray10
 
CloudStack Authentication Methods – Harikrishna Patnala, ShapeBlue
CloudStack Authentication Methods – Harikrishna Patnala, ShapeBlueCloudStack Authentication Methods – Harikrishna Patnala, ShapeBlue
CloudStack Authentication Methods – Harikrishna Patnala, ShapeBlueShapeBlue
 
Low Latency at Extreme Scale: Proven Practices & Pitfalls
Low Latency at Extreme Scale: Proven Practices & PitfallsLow Latency at Extreme Scale: Proven Practices & Pitfalls
Low Latency at Extreme Scale: Proven Practices & PitfallsScyllaDB
 
Large Language Models and Applications in Healthcare
Large Language Models and Applications in HealthcareLarge Language Models and Applications in Healthcare
Large Language Models and Applications in HealthcareAsma Ben Abacha
 
Mind your App Footprint 🐾⚡️🌱 (@FlutterHeroes 2024)
Mind your App Footprint 🐾⚡️🌱 (@FlutterHeroes 2024)Mind your App Footprint 🐾⚡️🌱 (@FlutterHeroes 2024)
Mind your App Footprint 🐾⚡️🌱 (@FlutterHeroes 2024)François
 
How We Grew Up with CloudStack and its Journey – Dilip Singh, DataHub
How We Grew Up with CloudStack and its Journey – Dilip Singh, DataHubHow We Grew Up with CloudStack and its Journey – Dilip Singh, DataHub
How We Grew Up with CloudStack and its Journey – Dilip Singh, DataHubShapeBlue
 
Roundtable_-_API_Research__Testing_Tools.pdf
Roundtable_-_API_Research__Testing_Tools.pdfRoundtable_-_API_Research__Testing_Tools.pdf
Roundtable_-_API_Research__Testing_Tools.pdfMostafa Higazy
 
KUBRICK Graphs: A journey from in vogue to success-ion
KUBRICK Graphs: A journey from in vogue to success-ionKUBRICK Graphs: A journey from in vogue to success-ion
KUBRICK Graphs: A journey from in vogue to success-ionNeo4j
 
Centralized TLS Certificates Management Using Vault PKI + Cert-Manager
Centralized TLS Certificates Management Using Vault PKI + Cert-ManagerCentralized TLS Certificates Management Using Vault PKI + Cert-Manager
Centralized TLS Certificates Management Using Vault PKI + Cert-ManagerSaiLinnThu2
 
Q4 2023 Quarterly Investor Presentation - FINAL.pdf
Q4 2023 Quarterly Investor Presentation - FINAL.pdfQ4 2023 Quarterly Investor Presentation - FINAL.pdf
Q4 2023 Quarterly Investor Presentation - FINAL.pdfTejal81
 
Enterprise Architecture As Strategy - Book Review
Enterprise Architecture As Strategy - Book ReviewEnterprise Architecture As Strategy - Book Review
Enterprise Architecture As Strategy - Book ReviewAshraf Fouad
 
VM Migration from VMware to CloudStack and KVM – Suresh Anaparti, ShapeBlue
VM Migration from VMware to CloudStack and KVM – Suresh Anaparti, ShapeBlueVM Migration from VMware to CloudStack and KVM – Suresh Anaparti, ShapeBlue
VM Migration from VMware to CloudStack and KVM – Suresh Anaparti, ShapeBlueShapeBlue
 
The Art of the Possible with Graph by Dr Jim Webber Neo4j.pptx
The Art of the Possible with Graph by Dr Jim Webber Neo4j.pptxThe Art of the Possible with Graph by Dr Jim Webber Neo4j.pptx
The Art of the Possible with Graph by Dr Jim Webber Neo4j.pptxNeo4j
 
Pragmatic UI testing with Compose Semantics.pdf
Pragmatic UI testing with Compose Semantics.pdfPragmatic UI testing with Compose Semantics.pdf
Pragmatic UI testing with Compose Semantics.pdfinfogdgmi
 
Boosting Developer Effectiveness with a Java platform team 1.4 - ArnhemJUG
Boosting Developer Effectiveness with a Java platform team 1.4 - ArnhemJUGBoosting Developer Effectiveness with a Java platform team 1.4 - ArnhemJUG
Boosting Developer Effectiveness with a Java platform team 1.4 - ArnhemJUGRick Ossendrijver
 
Establishing data sharing standards to promote global industry development
Establishing data sharing standards to promote global industry developmentEstablishing data sharing standards to promote global industry development
Establishing data sharing standards to promote global industry developmentThorsten Huelsmann
 
Trending now: Book subjects on the move in the Canadian market - Tech Forum 2024
Trending now: Book subjects on the move in the Canadian market - Tech Forum 2024Trending now: Book subjects on the move in the Canadian market - Tech Forum 2024
Trending now: Book subjects on the move in the Canadian market - Tech Forum 2024BookNet Canada
 
ASTRAZENECA. Knowledge Graphs Powering a Fast-moving Global Life Sciences Org...
ASTRAZENECA. Knowledge Graphs Powering a Fast-moving Global Life Sciences Org...ASTRAZENECA. Knowledge Graphs Powering a Fast-moving Global Life Sciences Org...
ASTRAZENECA. Knowledge Graphs Powering a Fast-moving Global Life Sciences Org...Neo4j
 
Python For Kids - Sách Lập trình cho trẻ em
Python For Kids - Sách Lập trình cho trẻ emPython For Kids - Sách Lập trình cho trẻ em
Python For Kids - Sách Lập trình cho trẻ emNho Vĩnh
 

Recently uploaded (20)

Artificial Intelligence, Design, and More-than-Human Justice
Artificial Intelligence, Design, and More-than-Human JusticeArtificial Intelligence, Design, and More-than-Human Justice
Artificial Intelligence, Design, and More-than-Human Justice
 
Building Bridges: Merging RPA Processes, UiPath Apps, and Data Service to bu...
Building Bridges:  Merging RPA Processes, UiPath Apps, and Data Service to bu...Building Bridges:  Merging RPA Processes, UiPath Apps, and Data Service to bu...
Building Bridges: Merging RPA Processes, UiPath Apps, and Data Service to bu...
 
CloudStack Authentication Methods – Harikrishna Patnala, ShapeBlue
CloudStack Authentication Methods – Harikrishna Patnala, ShapeBlueCloudStack Authentication Methods – Harikrishna Patnala, ShapeBlue
CloudStack Authentication Methods – Harikrishna Patnala, ShapeBlue
 
Low Latency at Extreme Scale: Proven Practices & Pitfalls
Low Latency at Extreme Scale: Proven Practices & PitfallsLow Latency at Extreme Scale: Proven Practices & Pitfalls
Low Latency at Extreme Scale: Proven Practices & Pitfalls
 
Large Language Models and Applications in Healthcare
Large Language Models and Applications in HealthcareLarge Language Models and Applications in Healthcare
Large Language Models and Applications in Healthcare
 
Mind your App Footprint 🐾⚡️🌱 (@FlutterHeroes 2024)
Mind your App Footprint 🐾⚡️🌱 (@FlutterHeroes 2024)Mind your App Footprint 🐾⚡️🌱 (@FlutterHeroes 2024)
Mind your App Footprint 🐾⚡️🌱 (@FlutterHeroes 2024)
 
How We Grew Up with CloudStack and its Journey – Dilip Singh, DataHub
How We Grew Up with CloudStack and its Journey – Dilip Singh, DataHubHow We Grew Up with CloudStack and its Journey – Dilip Singh, DataHub
How We Grew Up with CloudStack and its Journey – Dilip Singh, DataHub
 
Roundtable_-_API_Research__Testing_Tools.pdf
Roundtable_-_API_Research__Testing_Tools.pdfRoundtable_-_API_Research__Testing_Tools.pdf
Roundtable_-_API_Research__Testing_Tools.pdf
 
KUBRICK Graphs: A journey from in vogue to success-ion
KUBRICK Graphs: A journey from in vogue to success-ionKUBRICK Graphs: A journey from in vogue to success-ion
KUBRICK Graphs: A journey from in vogue to success-ion
 
Centralized TLS Certificates Management Using Vault PKI + Cert-Manager
Centralized TLS Certificates Management Using Vault PKI + Cert-ManagerCentralized TLS Certificates Management Using Vault PKI + Cert-Manager
Centralized TLS Certificates Management Using Vault PKI + Cert-Manager
 
Q4 2023 Quarterly Investor Presentation - FINAL.pdf
Q4 2023 Quarterly Investor Presentation - FINAL.pdfQ4 2023 Quarterly Investor Presentation - FINAL.pdf
Q4 2023 Quarterly Investor Presentation - FINAL.pdf
 
Enterprise Architecture As Strategy - Book Review
Enterprise Architecture As Strategy - Book ReviewEnterprise Architecture As Strategy - Book Review
Enterprise Architecture As Strategy - Book Review
 
VM Migration from VMware to CloudStack and KVM – Suresh Anaparti, ShapeBlue
VM Migration from VMware to CloudStack and KVM – Suresh Anaparti, ShapeBlueVM Migration from VMware to CloudStack and KVM – Suresh Anaparti, ShapeBlue
VM Migration from VMware to CloudStack and KVM – Suresh Anaparti, ShapeBlue
 
The Art of the Possible with Graph by Dr Jim Webber Neo4j.pptx
The Art of the Possible with Graph by Dr Jim Webber Neo4j.pptxThe Art of the Possible with Graph by Dr Jim Webber Neo4j.pptx
The Art of the Possible with Graph by Dr Jim Webber Neo4j.pptx
 
Pragmatic UI testing with Compose Semantics.pdf
Pragmatic UI testing with Compose Semantics.pdfPragmatic UI testing with Compose Semantics.pdf
Pragmatic UI testing with Compose Semantics.pdf
 
Boosting Developer Effectiveness with a Java platform team 1.4 - ArnhemJUG
Boosting Developer Effectiveness with a Java platform team 1.4 - ArnhemJUGBoosting Developer Effectiveness with a Java platform team 1.4 - ArnhemJUG
Boosting Developer Effectiveness with a Java platform team 1.4 - ArnhemJUG
 
Establishing data sharing standards to promote global industry development
Establishing data sharing standards to promote global industry developmentEstablishing data sharing standards to promote global industry development
Establishing data sharing standards to promote global industry development
 
Trending now: Book subjects on the move in the Canadian market - Tech Forum 2024
Trending now: Book subjects on the move in the Canadian market - Tech Forum 2024Trending now: Book subjects on the move in the Canadian market - Tech Forum 2024
Trending now: Book subjects on the move in the Canadian market - Tech Forum 2024
 
ASTRAZENECA. Knowledge Graphs Powering a Fast-moving Global Life Sciences Org...
ASTRAZENECA. Knowledge Graphs Powering a Fast-moving Global Life Sciences Org...ASTRAZENECA. Knowledge Graphs Powering a Fast-moving Global Life Sciences Org...
ASTRAZENECA. Knowledge Graphs Powering a Fast-moving Global Life Sciences Org...
 
Python For Kids - Sách Lập trình cho trẻ em
Python For Kids - Sách Lập trình cho trẻ emPython For Kids - Sách Lập trình cho trẻ em
Python For Kids - Sách Lập trình cho trẻ em
 

How to protect privacy sensitive data that is collected to control the coronavirus outbreak 2020 apr 28

  • 1. 1 How to Protect Data Privacy During the Coronavirus Outbreak Business Insider ULFMATTSSON.COM Ulf Mattsson| Founder ulf@ulfmattsson.com
  • 2. 2 Business Insider ULFMATTSSON.COM Ulf Mattsson| Founder ulf@ulfmattsson.com Please submit your questions during our session!
  • 3. 3 1. Founder of ULFMATTSSON.COM 2. Head of Innovation at TokenEx 3. Chief Technology Officer at • Protegrity • Atlantic BT • Compliance Engineering 4. Architect & Developer at IBM Research and Development 5. Inventor of more than 70 awarded US Patents 6. Products and Services • Data Encryption, Tokenization, and Data Discovery • Security and Privacy Benchmarking/Gap-analysis for Financial Industry • Managed Security Services, and Security Operation Centers • Cloud Application Security Brokers, and Web Application Firewalls • Robotics and Applications in Manufacturing Ulf Mattsson
  • 6. 6 How smart city tech is being used to control the coronavirus outbreak https://www.techrepublic.com/article/how-smart-city-tech-is-being-used-to-control-the-coronavirus-outbreak/?ftag=COS-05- 10aaa0g&taid=5e8256ee9a7fcd0001c497db&utm_campaign=trueAnthem:+Twitter+Card&utm_medium=trueAnthemCard&utm_source=twitterCard In Singapore, the Government Technology Agency of Singapore launched TraceTogether on March 20 in collaboration with the Ministry of Health. • The TraceTogether app uses short-distance Bluetooth signals to connect one phone using the app with another user who is close by. • It stores detailed records on a user's phone for 21 days but does not include location data. • Authorities have said they will decrypt the data if there is a public health risk related to an individual's movements. China used a similar method to track a person's health status and to control movement in cities with high numbers of coronavirus cases. • Individuals had to use the app and share their status to be able to access public transportation. David Heyman, founder and CEO of Smart City Works said that the keys to addressing privacy concerns about high- tech surveillance by the state is anonymizing the data and giving individuals as much control over their own data as possible. • "Personal details that may reveal your identity such as a user's name should not be collected or should be encrypted with access to be granted for only specific health purposes, and data should be deleted after its specific use is no longer needed," he said.
  • 7. 7https://www.scmagazineuk.com/uk-plans-its-own-covid-contact-tracing-app/article/1680268 The plan operates on the idea that people with suspected Coronavirus symptoms will be able to declare their status in the app through a confirmation key. The central database connected to the app will send a yellow alert to all users who have recently been close to the suspected patient for an extended period of time, said the report. Once a medical test confirms the infection, then a red alert will be sent, suggesting the other users go into self-quarantine. Moore, cyber-security specialist at ESET: “As with any account online, you should always think about submitting the least amount of personal data as possible. It is vital to hold onto your own private information as it is becoming the most valuable currency of current times,” he said. “Cyber-criminals are constantly attempting to poach private information from dormant accounts, so although this may seem like a good idea presently, many people never delete their accounts. making this data easily targeted in future attacks. It is vital to be sure to delete accounts you don’t use anymore.” If the public accepts this intrusive use of personal data for health reasons in an emergency, would they become desensitised to the UK government using data for crime prevention, to monitor large crowds at events or even to replace the national census – due in 2021, asked Toni Vitale, head of data protection at JMW Solicitors. "In some parts of the world – including China and Hong Kong – such tracking is already taking place. However, the European Union and the UK are likely to be more cautious with this approach," he said.
  • 8. 8 https://www.irishtimes.com/news/world/europe/digital-tyranny-french-covid-19-tracing-app-faces-battle-for-acceptance- 1.4232756#.Xp15CMOluxM.twitter European governments are more reluctant than their Asian counterparts to use technology to determine a user’s location French commentators interpret this as greater willingness in Asian societies to sacrifice individual freedoms for the collective good. “No one will have access to a list of contaminated people, and it will be impossible to know who has contaminated whom” Instead of a mobile’s GPS (global positioning system), the French app would rely solely on Bluetooth technology that enables a smartphone to record the numbers of nearby phones. When a person is diagnosed with Covid-19, their phone will transmit anonymised warnings to phones that have been in the same area. Apple and Google are co-operating on technology to make iPhones and Android phones compatible for the Bluetooth app.
  • 9. 9 https://www.isaca.org/resources/news-and-trends/isaca-now-blog/2020/privacy-and-respect-under-covid- 19?cid=sm_2003883&Appeal=sm&utm_campaign=ISACA+Main&utm_content=1586970061&utm_medium=social&utm_source=twitter Personal location data as a means to track COVID-19, and more? This March, US President Donald Trump entered discussions with tech companies about how Americans’ mobile location data could be used to track COVID-19, barely a few months after the New York Times highlighted how US telecommunication companies already share highly detailed individual location data for commercial gain. The government’s desire to track its citizens’ location – ostensibly in the context only of COVID-19 – is not only happening in the US, it is also happening in several other countries. The concern is about the impact of this is on “civil liberties,” especially if the efforts are sustained and even extended beyond the pandemic, and without the knowledge of Americans. Overall, what mechanisms will be available to hold these governments to account for the surveillance, and the supposedly temporary, emergency breach of privacy, once the pandemic is over?
  • 10. 10 http://dataprotection.link/Zn1Uk#https://www.wsj.com/articles/coronavirus-paves-way-for-new-age-of-digital-surveillance-11586963028 American officials are drawing cellphone location data from mobile advertising firms to track the presence of crowds—but not individuals. Apple Inc. and Alphabet Inc.’s Google recently announced plans to launch a voluntary app that health officials can use to reverse-engineer sickened patients’ recent whereabouts—provided they agree to provide such information. European nations monitor citizen movement by tapping telecommunications data that they say conceals individuals’ identities. The extent of tracking hinges on a series of tough choices: Make it voluntary or mandatory? Collect personal or anonymized data? Disclose information publicly or privately? In Western Australia, lawmakers approved a bill last month to install surveillance gadgets in people’s homes to monitor those placed under quarantine. Authorities in Hong Kong and India are using geofencing that draws virtual fences around quarantine zones. They monitor digital signals from smartphone or wristbands to deter rule breakers and nab offenders, who can be sent to jail. Japan’s most popular messaging app beams health-status questions to its users on behalf of the government.
  • 11. 11https://apnews.com/7f420983dfca013baf0914714c95272a Aiming to take the tracing approach to a new scale are tech giants Apple and Google, which are jointly working to build smartphone technology that alerts users if they shared a park bench or grocery store aisle with a stranger later found to be infected with the virus. Unlike the more invasive location-tracking methods attempted by some governments, the Apple- Google approach uses Bluetooth beacons to detect physical proximity and encrypted keys to maintain people’s anonymity. In addition to developing the technology, experts warn that the implications of deploying such devices need to be carefully considered. Who will collect and verify the data? How long will it be held? Will enough people use a voluntary app for it to be helpful? “We know from history that ‘emergency measures’ too often last long beyond their initial expiry date,” said Deborah Brown, a senior researcher at Human Rights Watch. She also noted that systems that monitor cellphone location or GPS data reveal more than just where someone has recently been. “Your contacts and associations can be gleaned, potentially your religious or political beliefs,” she said -- for instance, if you’ve visited a church or mosque. Susan Landau, a cybersecurity professor at Tufts University, said she has doubts about the effectiveness of relying on smartphone-based approaches, even if the apps are carefully designed to protect individual privacy. “My real concern about the whole thing is I think it’s being oversold,” she said. “Does it reduce spread? I don’t doubt that. Does it enable us to eliminate social distancing? No, not as long as there’s a high portion of people who are asymptomatic.”
  • 12. 12 https://www.venafi.com/blog/contact-tracing-will-be-built-your-os-are-you-ready-encryption-digest-38?utm_source=socialmedia&utm_medium=Bora&utm_campaign=Encryption-Digest38- blog Contact tracing; can’t live with it—can’t live without it. Whether or not there’s something “irresistible-ish about it” remains to be seen, as initial adoption will be up to the volunteers. Us. Will we download the CDC-approved app released by a joint Apple-Google effort, or will we wait until it hits the operating systems? Or will we do something different? No longer a debate, the growing reality of encryption (and all its uses) presents itself at the forefront of our national debate, our public health, and our civil liberties.
  • 13. 13https://theintercept.com/2020/04/02/coronavirus-covid-19-surveillance-privacy/ Treat Covid-19 data like U.S. census data, said Albert Fox Cahn, founder and executive director of the Surveillance Technology Oversight Project. Tight restrictions on how census data is used actually encourages people to volunteer it. “You can’t use it to put people in jail,” he said of the census. “You can’t use it for immigration enforcement. You can’t use it for tax collection.” “We have such strong privacy safeguards, not because that information wouldn’t be useful other agencies — it would be hugely useful — but because they know that [otherwise] Americans would never give us an accurate count.” Lindsey Barrett, an attorney with Georgetown Law’s Institute for Public Representation, also emphasized the importance of walling off public health data from those whose mission isn’t public health. “A very clear [guardrail] is that any data collected for disease response measures should not be accessible to law enforcement,” Barrett explained. “The CDC and state and local governments are reportedly using location data from advertisers to track the movements of people they suspect of carrying COVID19. What’s to stop them from passing that data on to ICE, which is reportedly trying to track people by buying location data from aggregators?” Personal data vacuumed up for a stated purpose has the tendency to drift to other users; old mug shots are run through facial recognition systems, user emails are sold from one advertiser to another. The possibility of similar drift with coronavirus data could deter certain marginalized groups — undocumented immigrants or people with criminal records, for example — from participating in opt-in data collection efforts.
  • 14. 14https://techcrunch.com/2020/04/09/mit-develops-privacy-preserving-covid-19-contact-tracing-inspired-by-apples-find-my-feature/ MIT’s system sidesteps entirely many of the thorniest privacy-related issues around contact tracing, which have been discussed in detail by the ACLU and other privacy protection organizations: It doesn’t use any geolocation information at all, nor does it connect any diagnosis or other information to a particular individual. It’s still not entirely left to individual discretion, which would be a risk from the perspective of ensuring compliance, because MIT envisions a health official providing a QR code along with delivering any positive diagnosis that would trigger the upload of a person’s chirp history to the database. If any person tests positive for COVID-19, they can then upload a full list of the chirps that their phone has broadcast over the past 14 days (which at the outside, should represent the full time they’ve been contagious). Those go into a database of chirps associated with confirmed positive cases, which others can scan against to see if their phone has received one of those chirps during that time. A positive match with one of those indicates that an individual could be at risk, since they were at least within 40 feet or so of a person who has the virus, and it’s a good indicator that they should seek a test if available, or at least self-quarantine for the recommended two-week period.
  • 15. 15 How To Protect Privacy Sensitive Data
  • 16. 16 Source: The US FEDERAL TRADE COMMISSION (FTC) , 2019 Credit card fraud tops the list of identity theft reports in 2018 • FTC received nearly three million complaints from consumers in 2018 • The FTC received more than 167,000 reports from people who said their information was misused on an existing account or to open a new credit card account
  • 17. 17 Source: https://www.zdnet.com/article/fbi-says-cybercrime-reports-quadrupled-during- covid-19-pandemic/ "Whereas they might typically receive 1,000 complaints a day through their internet portal, they're now receiving something like 3,000 - 4,000 complaints a day not all of those are COVID-related, but a good number of those are. "There was this brief shining moment when we hoped that, you know, 'gosh cyber criminals are human beings too,' and maybe they would think that targeting or taking advantage of this pandemic for personal profit might be beyond the pale. Sadly that has not been the case," Ugoretz said. "They really run the gamut. Everything from setting up fraudulent internet domains [...], we've seen people set up fraudulent COVID charities, promise delivery of masks and other equipment, and then deliver fraudulent loans, extortion, etc.. So pretty much, sadly, anything you can think of. Cyber-criminals are quite creative," the FBI official said FOREIGN HACKERS HAVE TARGETED US-BASED COVID-19 RESEARCH But in addition to regular cybercrime reports, Ugoretz said the bureau is also aware of attacks carried out by foreign countries, targeting the national healthcare sector and the US' COVID-19 research capabilities.
  • 18. 18 FBI: Cybercrime Gang Mailing 'BadUSB' Devices to Targets Malicious USB Devices Accompanied by Fake Gift Cards to Entice Would-Be Victims https://www.databreachtoday.com/fbi-cybercrime-gang-mailing-badusb-devices-to-targets-a-14029?rf=2020-03- 31_ENEWS_SUB_DBT__Slot1_ART14029&mkt_tok=eyJpIjoiT1RBd1ltRXpaamsxTmpFMCIsInQiOiJQYnh5YWtpVVZqNThvb0RldkszS1F6dFExUXBLS1wva1RmTmhrVkdhckIrSWdYV2dTeFVBNDZcL3FPTFBxM El5NXRGZExmV29KaEJhbGsyMFJDXC8ycDZlR3dOeHdpN1V6WjNEUlRkWmE3Y09NMXd6RXNPNGVaZkhtWDNaNmluVlN2NzlOVEJOQUZYWmFxaXdSMENJVkxcLzNBPT0ifQ%3D%3D
  • 22. 22 Source: The State of Consumer Trust - Q1 2020, https://www.jebbit.com THE CONSUMER DATA TRUST INDEX Jebbit collected over 25,000 responses from 1,000 consumers across the United States. • We analyzed how much they trust some top brands with their personal data, why they do (or don’t), and what brands can do to be more data “trustworthy.” • We asked US adult consumers one very simple question about some of the world’s largest public-facing companies: “On a scale of 1 to 10, how much do you trust [Brand X] with your personal data, in exchange for more relevant offers, goods, and services?”
  • 26. 26 https://tealium.com/blog/digital-marketing/data-privacy-acronyms-marketers-and-analysts-should-know-in-2020/ By 2023, 65% of the world’s population will have its personal information covered under modern privacy regulations, up from 10% today. More than 60 jurisdictions around the world have enacted or proposed postmodern privacy and data protection laws, following the introduction of the GDPR in 2018. These include Argentina, Australia, Brazil, Egypt, India, Indonesia, Japan, Kenya, Mexico, Nigeria, Panama, the U.S., Singapore and Thailand. “People are actively demanding privacy protection — and legislators are reacting,” says Willemsen. “If your organization operates globally, focus on standardizing operations in accordance with the GDPR, and then adjust as required for local requirements.” He suggests using technology solutions to assist with not only readiness efforts, but also to automate portions of your privacy management program once it’s established. This is particularly important for the handling of subject rights requests and the processes for consent and preference management (CPM). By year-end 2022, more than 1 million organizations will have appointed a privacy officer (or data protection officer). Increased regulation will lead organizations to hire capable, empowered senior-level privacy officers to deliver both compliance and customer satisfaction.
  • 28. 28 Are the EU GDPR, California CCPA, PCI DSS or US HIPAA rules changing?
  • 29. 29 In Times Of Pandemic, GDPR Still Applies, EU Warns https://www.forbes.com/sites/emmawoollacott/2020/03/20/in-times-of-pandemic-gdpr-still-applies-eu- warns/#744505616215 Ensure protection of personal data
  • 30. 30 Source: IBM Encryption and TokenizationDiscover Data Assets Security by Design GDPR Framework core – Discovery, Encryption and Tokenization
  • 32. 32 Data flow mapping under GDPR • If there is not already a documented workflow in place in your organisation, it can be worthwhile for a team to be sent out to identify how the data is being gathered. • This will enable you to see how your data flow is different from reality and what needs to be done to amend this. If an organisation’s theory about how its data is flowing is different from the reality, you have a breach and could be fined. The organisation needs to look at how the data was captured, who is accountable for it, where it is located and who has access.
  • 33. 33https://www.searchblox.com/blog/how-to-secure-your-pii-data-within-elasticsearch PII is any* information about an individual (1) any information that can be used to distinguish or trace an individual‘s identity, such as name, social security number, date and place of birth, mother‘s maiden name, or biometric records; and (2) any other information that is linked or linkable to an individual, such as medical, educational, financial, and employment information. *: What is considered PII? PII is divided into two categories: linked data and linkable data. Linked data that can lead us to identify a person personally. 1. Full name 2. Home address 3. Email address 4. Social security number 5. Passport number 6. Driver’s license number 7. Credit card numbers 8. Date of birth 9. Telephone number 10. Log in details Linkable data is a piece of data that can be used to connect with other data to locate a person individually. 1. First or Last name 2. Country, State, City, Zip 3. Gender 4. Race 5. Non-specific age (e.g. 30-40, 60-70) 6. Job position 7. Workplace Field-level data encryption is required within Elasticsearch to store and search all PII fields. SearchBlox is a provider of enterprise search, sentiment analysis and text analytics solutions.
  • 34. 34
  • 35. 35 CCPA Redefines Personal Data • According to “PI Vs PII: How CCPA Redefines What Is Personal Data” the CCPA definition “creates the potential for extremely broad legal interpretation around what constitutes personal information, holding that personal information is any data that could be linked with a California individual or household.” • CCPA states that ”Personal information” means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.“ • This goes well beyond data that is obviously associated with an identity, such as name, birth date, or social security number, which is traditionally regarded as PII. • It’s ultimately this “indirect” information–such as product preference or geolocation data that is material since it is much more difficult to identify it and connect it with a person than well-structured personally identifiable information
  • 37. 37https://www.jdsupra.com/legalnews/just-like-that-ccpa-sets-a-new-standard-15934/ The CCPA has spawned a new kind of class action with consumers asserting CCPA violations against businesses ranging from clothing sellers, to most ironically, home security retailers. Undoubtedly, these lawsuits will be closely monitored by companies and lawyers alike to see how far the courts will go, and the legal standard required, to award significant relief to consumers nationwide. 1. First, the CCPA is a meaningful weapon that will be used against companies that fail to overhaul security compliance to comport with its standards. 2. Second, the CCPA is broad in scope in terms of the types of businesses it covers, the range of potential plaintiffs who may bring a class action and the plethora of legal claims that may be asserted for violations under the CCPA. 3. Third, class actions under the CCPA are not going away and while some of the causes of action asserted in these cases may be dismissed, companies will shoulder the burden of the costs associated with defending against these claims. Finally, the best way to protect your business is to conduct your own audit of privacy protocols to ensure compliance with best practices.
  • 39. 39Source: SecuPi CCPA Technical Privacy Requirements CCPA Requirements Solution
  • 40. 40https://iapp.org/resources/article/ccpa-genius-overview/ The Westin Research Center released a new interactive tool to help IAPP members navigate the California Consumer Privacy Act. The “CCPA Genius” maps requirements in the law to specific CCPA provisions, the proposed regulations, expert analysis and guidance regarding compliance, the California Privacy Rights Act ballot initiative, and other resources. As privacy professionals get ready for CCPA enforcement to begin, the "CCPA Genius" is a useful reference tool for compliance with the current law and awareness of what may be next. Although the CCPA has only been in effect since January, there is a tremendous amount of information available regarding its interpretation and how to operationalize its requirements. By collecting and organizing these resources by topic, the "CCPA Genius" will make it easier for privacy professionals to address compliance issues and analyze specific questions that arise.
  • 41. 41 HHS Issues Limited Waiver of HIPAA Sanctions Due to Coronavirus https://healthitsecurity.com/news/hhs-issues-limited-waiver-of-hipaa-sanctions-due-to-coronavirus Information sharing Information sharing
  • 42. 42 Compliancy Group LLC 55 Broadway, Unit 684 Greenlawn, New York, ow.ly/NJ4K50zh3gy HIPAA Journal - The guidance on working from home during the #COVID-19 pandemic
  • 43. 43 PCI SSC is aware of the unprecedented situation caused by the spread of COVID-19 https://www.pcisecuritystandards.org/covid19?utm_content=123288427&utm_medium=social&utm_source=twitter&hss_channel=tw-20256309
  • 45. 45
  • 46. 46 Field Privacy Action (PA) PA Config Variant Twin Output Gender Pseudonymise AD-lks75HF9aLKSa PseudonymizationGeneralization Field Privacy Action (PA) PA Config Variant Twin Output Age Integer Range Bin Step 10 + Pseud. Age_KXYC Age Integer Range Bin Custom Steps 18-25 Aggregation/Binning Field Privacy Action (PA) PA Config Variant Twin Output Balance Nearest Unit Value Thousand 94000 Rounding Generalization Source data: Output data: Last name Balance Age Gender Folds 93791 23 m … … … … Generalization Source data: Output data: Patient Age Gender Region Disease 173965429 57 Female Hamburg Gastric ulcer Patient Age Gender Region Disease 173965429 >50 Female Germany Gastric ulcer Generalization Examples data de-identification Examples from Anonos and Privitar
  • 47. 47 Data sources Data Warehouse In Italy Complete policy- enforced de- identification of sensitive data across all bank entities Example of Cross Border Data-centric Security using Tokenization • Protecting Personally Identifiable Information (PII), including names, addresses, phone, email, policy and account numbers • Compliance with EU Cross Border Data Protection Laws • Utilizing Data Tokenization, and centralized policy, key management, auditing, and reporting
  • 48. 48 How obscuring the purchases can protect against reidentification Purchases by User ID “7abc1a23” Source: Science Magazine, https://www.mosaiceffect.com/?__hstc=122413332.bfe8d3fbba256fe2314e6761da6378be.1587984573037.1587984573037.1587984573037.1&__hssc=122413332.1.1587984573038&__hsfp=1888786575
  • 49. 49Source: MICRO FOCUS Identify sensitive data elements and map to the security policy
  • 50. 50 • Privacy enhancing data de-identification terminology and classification of techniques Source: INTERNATIONAL STANDARD ISO/IEC 20889 Encrypted data has the same format Server model Local model Differential Privacy (DP) Formal privacy measurement models (PMM) De-identification techniques (DT) Cryptographic tools (CT) Format Preserving Encryption (FPE) Homomorphic Encryption (HE) Two values encrypted can be combined* K-anonymity model Responses to queries are only able to be obtained through a software component or “middleware”, known as the “curator** The entity receiving the data is looking to reduce risk Ensures that for each identifier there is a corresponding equivalence class containing at least K records *: Multi Party Computation (MPC) **: Example Apple and Google ISO Standard for Encryption and Privacy Models
  • 51. 51 Positioning of some Encryption and Privacy Models Source: INTERNATIONAL STANDARD ISO/IEC 20889 Clear 123 897 Differential Privacy (DP)Format Preserving Encryption (FPE) Homomorphic Encryption (HE) FPE Enc **: Example Apple Clear_D1 Protected Curator** Filter Clear Cleanser Filter Clear __ __ __ *: Multi Party Computation (MPC) Op (Enc_D1, Enc_D2) HE Dec HE Enc HE Enc Clear12 FPE Dec Clear 123 Protec ted DB Protected Keys Protected Key Clear_D2 Enc_D1 Enc_D2 “Untrusted Party*” k-Anonymity Model __ __ __ Clear Cleanser Filter DB
  • 52. 52 Data Warehouse Centralized Distributed On- premises Public Cloud Private Cloud Vault-based tokenization y y Vault-less tokenization y y y y y y Format preserving encryption y y y y y Homomorphic encryption y y Masking y y y y y y Hashing y y y y y y Server model y y y y y y Local model y y y y y y L-diversity y y y y y y T-closeness y y y y y y Formal privacy measurement models Differential Privacy K-anonymity model Privacy enhancing data de-identification terminology and classification of techniques De- identification techniques Tokenization Cryptographic tools Suppression techniques Example of mapping of data security and privacy techniques (ISO) to different deployment models
  • 53. 53 Use cases of some de-identification techniques and models Source: INTERNA TIONAL STANDA RD ISO/IEC 20889 Transit Use Storage Singling out Pseudonymization Tokenization Protects the data flow from attacks Yes Yes Yes Yes Direct identifiers No Deterministic encryption Protects the data when not used in processing operations Yes No Yes Yes All attributes No Order-preserving encryption Protects the data from attacks Partially Partially Partially Yes All attributes No Homomorphic encryption Protects the data also when used in processing operations Yes Yes Yes Yes All attributes No Masking Protects the data in dev/test and analytical applications Yes Yes Yes Yes Local identifiers Yes Local suppression Protects the data in analytical applications Yes Yes Yes Yes Identifying attributes Partially Record suppression Removes the data from the data set Yes Yes Yes Yes Yes Yes Sampling Exposes only a subset of the data for analytical applications Partially Partially Partially Yes Yes Partially Generalization Protects the data in dev/test and analytical applications Yes Yes Yes Yes Identifying attributes Partially Rounding Protects the data in dev/test and analytical applications Yes Yes Yes Yes Identifying attributes No Top/bottom coding Protects the data in dev/test and analytical applications Yes Yes Yes Yes Identifying attributes No Noise addition Noise addition Protects the data in dev/test and analytical applications Yes Yes Yes No Identifying attributes Partially Generalization Technique name Data truthfulness at record level Use Case / User Story Data protected in Applicable to types of attributes Reduce Cryptographic tools Suppression
  • 54. 54 Applicability of some de-identification techniques and models Source: INTERNA TIONAL STANDA RD ISO/IEC 20889 Transit Use Storage Singling out Linking In Pseudonymization Tokenization Protects the data flow from attacks Yes Yes Yes Yes Direct identifiers No Partially Deterministic encryption Protects the data when not used in processing operations Yes No Yes Yes All attributes No Partially Order-preserving encryption Protects the data from attacks Partially Partially Partially Yes All attributes No Partially Homomorphic encryption Protects the data also when used in processing operations Yes Yes Yes Yes All attributes No No Masking Protects the data in dev/test and analytical applications Yes Yes Yes Yes Local identifiers Yes Partially Local suppression Protects the data in analytical applications Yes Yes Yes Yes Identifying attributes Partially Partially P Record suppression Removes the data from the data set Yes Yes Yes Yes Yes Yes Yes Sampling Exposes only a subset of the data for analytical applications Partially Partially Partially Yes Yes Partially Partially P Generalization Protects the data in dev/test and analytical applications Yes Yes Yes Yes Identifying attributes Partially Partially P Rounding Protects the data in dev/test and analytical applications Yes Yes Yes Yes Identifying attributes No Partially P Top/bottom coding Protects the data in dev/test and analytical applications Yes Yes Yes Yes Identifying attributes No Partially P Noise addition Noise addition Protects the data in dev/test and analytical applications Yes Yes Yes No Identifying attributes Partially Partially P Generalization Technique name Data truthfulness at record level Use Case / User Story Data protected in Applicable to types of attributes Reduces the risk o Cryptographic tools Suppression
  • 55. 55 Risk reduction and truthfulness of some de-identification techniques and models Source: INTERNA TIONAL STANDA RD ISO/IEC 20889 Transit Use Storage Singling out Linking Inference Pseudonymization Tokenization Protects the data flow from attacks Yes Yes Yes Yes Direct identifiers No Partially No Deterministic encryption Protects the data when not used in processing operations Yes No Yes Yes All attributes No Partially No Order-preserving encryption Protects the data from attacks Partially Partially Partially Yes All attributes No Partially No Homomorphic encryption Protects the data also when used in processing operations Yes Yes Yes Yes All attributes No No No Masking Protects the data in dev/test and analytical applications Yes Yes Yes Yes Local identifiers Yes Partially No Local suppression Protects the data in analytical applications Yes Yes Yes Yes Identifying attributes Partially Partially Partially Record suppression Removes the data from the data set Yes Yes Yes Yes Yes Yes Yes Yes Sampling Exposes only a subset of the data for analytical applications Partially Partially Partially Yes Yes Partially Partially Partially Generalization Protects the data in dev/test and analytical applications Yes Yes Yes Yes Identifying attributes Partially Partially Partially Rounding Protects the data in dev/test and analytical applications Yes Yes Yes Yes Identifying attributes No Partially Partially Top/bottom coding Protects the data in dev/test and analytical applications Yes Yes Yes Yes Identifying attributes No Partially Partially Noise addition Noise addition Protects the data in dev/test and analytical applications Yes Yes Yes No Identifying attributes Partially Partially Partially Generalization Technique name Data truthfulness at record level Use Case / User Story Data protected in Applicable to types of attributes Reduces the risk of Cryptographic tools Suppression
  • 58. 58 30 Vendors Source: USPTO, Forrester, Owler # Employees Vendor Revenue (MUSD) Data in-use protection De-identification App level encryption Data at rest encryption Data masking Format Preserving Encryption # Patent Applications Statice 1 0 Caristix 1 0 Aircloak 3 2 Anonos 1 10 Inpher 1 0 Enveil 1 14 TokenEx 5 2 Zettaset 15 16 Sharemind 2 2 Duality Technologies 1 1 Baffle 3 0 Privacy Analytics 20 12 Privitar 4 0 IRI 25 0 TrustCommerce 15 0 NextLabs 3 15 Paymetric 37 5 Dataguise 6 5 WinMagic 23 1 Shift4 20 6 Wave Systems 12 0 Cryptzone 12 1 Protegrity 45 32 Sophos 695 13 Delphix 130 12 Thales eSecurity / Vormetric 10 3 OpenText Liaison / nuBridges 115 0 CyberSource 311 2 Imperva 350 22 3633 Informatica 1100 35 3 to 25 104 to 180 30 to 95 212 to 440 500 to 990
  • 59. 59https://iapp.org/media/pdf/resource_center/2020TechVendorReport.pdf Vendors: Deidentification/Pseudonymity (17 + 19 + 18 = 54 Vendors) 1. Aircloak 2. Anonos 3. Arcad 4. AvePoint 5. CompLions 6. ContextSpace Solutions Ltd 7. CRM Partners 8. CryptoNumerics 9. Cybernetica 10. Data Solver 11. DataFleets 12. Datex Inc. 13. DE-ID Data Corp 14. Ethyca 15. Exate Technology 16. Hazy 17. HexaTier 1. Iconfirm AS 2. Immuta 3. Informatica LLC 4. Information First 5. integrate.ai 6. Integris Software 7. Lenos Software 8. Madana 9. MENTIS 10. Micro Focus / Voltage 11. Mostly AI 12. Odaseva 13. Osano 14. PHEMI Systems 15. Privacy Analytics 16. Privacy Dynamics 17. Privatar 18. Privsee 19. Protegrity 1. Qixium 2. Replica Analytics Ltd. 3. SAS Global Data Management 4. SecuPi 5. Semele 6. Sensorpro 7. Smartpipe Solutions 8. Statice 9. StratoKey 10. Structure Systems 11. Systnaps 12. Tata Consultancy Services Limited 13. TokenEx, inc. 14. Tonic 15. Truata 16. Viacryp 17. Wizuda 18. Zartech
  • 60. 60 References: 1. California Consumer Privacy Act, OCT 4, 2019, https://www.csoonline.com/article/3182578/california-consumer-privacy-act-what- you-need-to-know-to-be-compliant.html 2. CIS Controls V7.1 Mapping to NIST CSF, https://dataprivacylab.org/projects/identifiability/paper1.pdf 3. GDPR and Tokenizing Data, https://tdwi.org/articles/2018/06/06/biz-all-gdpr-and-tokenizing-data-3.aspx 4. GDPR VS CCPA, https://wirewheel.io/wp-content/uploads/2018/10/GDPR-vs-CCPA-Cheatsheet.pdf 5. General Data Protection Regulation, https://en.wikipedia.org/wiki/General_Data_Protection_Regulation 6. IBM Framework Helps Clients Prepare for the EU's General Data Protection Regulation, https://ibmsystemsmag.com/IBM- Z/03/2018/ibm-framework-gdpr 7. INTERNATIONAL STANDARD ISO/IEC 20889, https://webstore.ansi.org/Standards/ISO/ISOIEC208892018?gclid=EAIaIQobChMIvI- k3sXd5gIVw56zCh0Y0QeeEAAYASAAEgLVKfD_BwE 8. INTERNATIONAL STANDARD ISO/IEC 27018, https://webstore.ansi.org/Standards/ISO/ ISOIEC270182019?gclid=EAIaIQobChMIleWM6MLd5gIVFKSzCh3k2AxKEAAYASAAEgKbHvD_BwE 9. New Enterprise Application and Data Security Challenges and Solutions https://www.brighttalk.com/webinar/new-enterprise- application-and-data-security-challenges-and-solutions/ 10. Machine Learning and AI in a Brave New Cloud World https://www.brighttalk.com/webcast/14723/357660/machine-learning-and-ai- in-a-brave-new-cloud-world 11. Emerging Data Privacy and Security for Cloud https://www.brighttalk.com/webinar/emerging-data-privacy-and-security-for-cloud/ 12. New Application and Data Protection Strategies https://www.brighttalk.com/webinar/new-application-and-data-protection- strategies-2/ 13. The Day When 3rd Party Security Providers Disappear into Cloud https://www.brighttalk.com/webinar/the-day-when-3rd-party- security-providers-disappear-into-cloud/ 14. Advanced PII/PI Data Discovery https://www.brighttalk.com/webinar/advanced-pii-pi-data-discovery/ 15. Emerging Application and Data Protection for Cloud https://www.brighttalk.com/webinar/emerging-application-and-data-protection- for-cloud/ 16. Data Security: On Premise or in the Cloud, ISSA Journal, December 2019 60
  • 61. 61 THANK YOU! Business Insider ULFMATTSSON.COM Ulf Mattsson| Founder ulf@ulfmattsson.com