How Will the New Privacy
Regulations Affect Your Digital
Setup?
Thursday, 11th of February
3pm CET ・ 2pm GMT ・ 9am EST
Aurélie Pols
Mind Your Privacy
Ewa Balazinska
Content Manager
piwik.pro/blog
@piwikPRO /PiwikPro /piwik-pro
Aurélie Pols
How Will the New Privacy
Regulations Affect Your
Digital Setup?
Data privacy expert, entrepreneur, lecturer,
and leader of Mind Your Privacy consultancy.
Recognized as The Most Influential Industry
Contributor of 2015 by the Digital Analytics
Association, Aurélie sits on the data ethics
Advisory Board of the European Data
Protection Supervisor (EDPS) and is a
Training Advisory Board member of the
International Association of Privacy
Professionals (IAPP).
About the speakers
How Will the New Privacy Regulations Affect Your Digital Setup?
Matthias Bettag
Introduction: Continuing
the Safe Harbor Debate
Country Manager of the Digital Analytics
Association (DAA) Germany since 2010, DAA
Certified Web Analyst™ and Consultant
based in Berlin. Lecturer at the University of
British Columbia (UBC), Organizer of the
Digital Analytics Hub Conference (DA Hub).
Continuing the Safe Harbor discussion
• Webinar held in October 2015 by DAA Germany
• Also featured Aurélie Pols speaking on the meaning of the Safe Harbor renouncement.
• Since October 2015 new developments in the field:
• GDPR
• Privacy Shield
About DAA Germany
• Established as the first non-American regional DAA branch in April 2014
• Official status: non-profit organization (e.V)
• Close links with the Global DAA
• Education, building the digital analytics community, publications, knowledge transfer and advice
• Organizing Events, such as:
• Digital Analytics Day
• DAALAs - DAA Late Afternoons - in various German cities
• Collaborating with industry leaders, co-organizing conferences and conferences
• Membership plans and opportunities
Jim Sterne, Founder of DAA,
at the inauguration of DAA
Germany
http://daa-germany.org
Aurélie Pols
How Will the New Privacy
Regulations Affect Your
Digital Setup?
Where did it come from?
• DIRECTIVE 2009/136/EC OF THE EUROPEAN
PARLIAMENT AND OF THE COUNCIL of 25
November 2009, amending Directive 2002/22/EC
on universal service and users’ rights relating to
electronic communications networks and services,
Directive 2002/58/EC concerning the processing of
personal data and the protection of privacy in the
electronic communications sector, and Regulation
(EC) No 2006/2004 on cooperation between
national authorities responsible for the enforcement
of consumer protection laws.
• What you need to remember here: Telecoms
package + ePrivacy Directive.
Directive, but Not a Regulation
1. Transposition varies per country
2. Enforcement? Not really

Maximum fine: €3500
Source: Technology Law Dispatch
Conclusion for Digital Analytics
1. Tick box projects
2. Cookie notices everywhere
3. EU decides in 2012 to go one step
further…
EU Commission Vice-President, Viviane Reding
Citizens do not always feel in
full control of their personal
data
Source: WFA Marketers
International Data Transfers
Obliterating the internal data processing framework known as SafeHarbor:
The European Court of Justice in Luxembourg declares SafeHarbor illegal in October 2015. Data of EU citizens can’t be processed by US entities on the basis of SH; more guarantees are needed.
February 2016: Announcement of PrivacyShield, new framework for transatlantic data flows between US and EU.
Source: European Commission
Edward Snowden, 2013
Max Schrems, 2015
SafeHarbor Renounced,
What Happens Now?
• SalesForce amends its contracts to replace SH clauses the very next day - details
• Data Protection Agencies declare a moratorium until end of January to give the politicians time to find a solution: the clock is ticking!!!
• Be careful with using non-European tools
Why should digital analytics care today?
Coordinated Fines Regarding Consent Move
Up to 4% of Global Turnover, Capped at €20M
➞ Increase of Direct Privacy Risk


Other risks:
• Increased coordination of EU Data Protection Agencies
• for investigations (GPEN) & fines;
• for consumer complaints
• Responsibility for all companies addressing EU citizens
• Increased responsibility for intermediaries: processors, joint
controllers
• Increased hedging by citizens (AdBlocking)
What Does Digital Analytics Need?
1. Minimum viable privacy features in
tools for compliance.
2. Flexibility of those features to adapt to
audience and customer segments.

Issue for consideration: How can digital analytics be
compliant, or even ethical, if minimum viable
compliance features do not exist?
Consumer Attitudes Towards Privacy
• Privacy as a
differentiator and
a growing business
priority
• Certainly context
driven as Pew
Research showed
What Should the Digital Industry
Be Aiming For?
Data Trust Through the Entire
Digital Ecosystem
• As taught by social media!
• For full introduction to data ecosystem
please see the FREE whitepaper on
Web Analytics for Data-Sensitive
Industries.
If your customers trust you,
they love you
and they will be passionate
about your love…
…but if you breach their trust,
you will not just create Dislike
You will create hate.
People don’t go from Love to Dislike
[Diagram labels: Trust, Privacy, $+, $-, Like, Dislike]
Inspired by IAPP
Data Trust Through the Entire
Digital Ecosystem
GAPP OECD Guidelines FTC FIPPS EU Directive ISO 27002 APEC
Management
Operations
Management
Preventing Harm
Collection
Collection
Limitation
Proportionality
Information
Acquisition
Collection
Limitations
Quality Data Quality
Integrity of
Personal Info
Notice
Specification of
Purpose
Notice/
Awareness
Transparency Notice
Use, Retention,
Disposal
Use Limitation
Legitimate
Purpose
Asset
Management
Uses of Personal
Info
Security for
Privacy
Security
Safeguards
Integrity/Security Security
Security
Safeguards
Access Openness
Access/
Participation
Access Control
Access and
Correction
Choice/Consent
Individual
Participation
Choice/Consent
Asset
Management
Choice
Monitoring and
Enforcement
Accountability
Enforcement/
Redress
Supervisory
authority
Compliance Accountability
Disclosure to
Third Parties
Personal Data
Transfer to 3rd
Parties
GAPP: Generally Accepted
Privacy Principles by American
Institute of Certified Public
Accountants (AICPA)
OECD: Organization for
Economic Cooperation and
Development
FIPPS: Fair Information
Practice Principles by the
Federal Trade Commission
ISO Certification appeared for
Google Analytics in April 2015
APEC: Asia-Pacific Economic
Cooperation
Source: Privacy Engineer’s Manifesto by Michelle Finneran Dennedy, Jonathan Fox and Thomas R Finneran
Basic Principles
1. Collection Limitation
2. Data Quality
3. Individual Participation
4. Purpose Specification
5. Use Limitation
6. Openness
7. Security Safeguards
8. Accountability
About the General Data Protection Regulation
• Risk: Fines up to 4% of global turnover
• Timing for all EU Countries and addressing all EU citizens: 2018
• Obligations:
• Cyber-security and breach notification
• Cross-border data transfers => SafeHarbor
• Mandatory Data Protection Officer (DPO)
• Written documentation
• Data Processors
• Consent
Focusing on Consent
From Directive to Regulation:
• From implicit and opt-out to “a statement or a clear affirmative action”
• Recognizing “special categories of data”: Revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, and the processing of genetic data, biometric data in order to uniquely identify a person, or data concerning health or sex life and sexual orientation
• Children: Consent required up to 16 years of age!
• Right to be Forgotten: Data erasure when consent is withdrawn
The Open-Source Opportunity
• Flexibility
• Openness of code
• Continuous improvement
• Customizable and extensible
• No data limits
• Not limited to one vendor
Tuning in on Consumers’ Rights: DNT
• Universal Web Tracking Opt Out
• Does your software respect the DNT
setting?
Source: DoNotTrack
Q&A
Thank You
