O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.

GDPR is no longer about compliance

198 visualizações

Publicada em

GDPR is no longer about compliance. Tackle risk and meeting the future, lawyers and engineers together.

Publicada em: Tecnologia
  • Seja o primeiro a comentar

  • Seja a primeira pessoa a gostar disto

GDPR is no longer about compliance

  1. 1. 1 © Nokia 2016 GDPR is no longer about compliance: Tackle risk and meeting the future, lawyers and engineers together. Public Dr. Ian Oliver Bell Labs, Finland Stockholm, Sweden, 27 May 2017 Cognizant Snapshot Breakfast - How can GDPR Generate New Business Opportunities?
  2. 2. 2 © Nokia 2016 Public What is compliance anyway?
  3. 3. 3 © Nokia 2016 Public What is compliance anyway? A set of rules that must be followed…?
  4. 4. 4 © Nokia 2016 Public What is compliance anyway? A set of rules that must be followed…?
  5. 5. 5 © Nokia 2016 Compliance is fragile Public char collectDataFlag = 'Y'; // Future proofed boolean // Y for yes, N for no void collectDataFunction(){ //collect IMEI, IMSI, MSISDN, TimeStamp and location //and send to the hardcoded IP address ... } void checkDataCollection(){ switch(collectDataFlag){ case 'N' : // don't do anything case 'Y' : // ok to collect everything collectDataFunction(); } }
  6. 6. 6 © Nokia 2016 Public The GDPR talks about risk
  7. 7. 7 © Nokia 2016 Public Which can solved by more processes and better compliance
  8. 8. 8 © Nokia 2016 Public Which can solved by more processes and better compliance?
  9. 9. 9 © Nokia 2016 Public Process Method (Technique, Skills): Requirements Ontology Modelling Metrics Risk Management and Comprehension Culture
  10. 10. 10 © Nokia 2016 Public Some industries have already understood this...
  11. 11. 11 © Nokia 2016 Public Privacy is a safety-critical concept.
  12. 12. 12 © Nokia 2016 Public Privacy is a safety-critical concept. Privacy lawyers vs Software engineers
  13. 13. 13 © Nokia 2016 Public Privacy is a safety-critical concept: Privacy lawyers & Software engineers: Integration of terminology Problem solving (never say ‘no’) Risk management not rules Comprehend risk, don’t avoid it Compliance = Rules & Hiding => Bad Tools Culture

×