Privacy by design
2 likes888 views
The document reflects on the first six months of the GDPR's implementation in the EU, highlighting ongoing issues such as insufficient staff at data protection authorities and continued corporate non-compliance. It notes significant data breaches affecting major companies, raising concerns about the effectiveness of GDPR protections. The author emphasizes the importance of 'privacy by design' and the shared responsibility of developers to ensure data security.
Privacy by design
- 1. GDPR PRIVACY BY DESIGN A reflection of 6 months GDPR in EU
- 2. MICHELANGELO VAN DAM I'm a senior #php architect, co-founder and #ceo of @in2itvof, #community leader at @phpbenelux, coach at @CoderDojoBelgium, #MVP, #digitalnomad, likes #coffee.
- 3. GDPR WHAT WAS GDPR AGAIN?
- 4. GDPR WHAT WAS GDPR AGAIN? Regulate the privacy of EU data subjects
- 5. GDPR WHAT WAS GDPR AGAIN? Regulate the privacy of EU data subjects Sanction corporations in violation of GDPR
- 6. GDPR WHAT WAS GDPR AGAIN? Regulate the privacy of EU data subjects Sanction corporations in violation of GDPR Offer a privacy framework for businesses
- 8. GDPR 6 MONTHS LATER… Lots of consent e-mailsX
- 9. GDPR 6 MONTHS LATER… Lots of consent e-mailsX Insufficient staff at DPA’sX
- 10. GDPR 6 MONTHS LATER… Lots of consent e-mailsX Insufficient staff at DPA’sX Businesses still neglect regulationX
- 11. IS GDPR A FUD?
- 12. IS GDPR A FUD? Promise to increase staff?
- 13. IS GDPR A FUD? Promise to increase staff? More compliance control?
- 14. IS GDPR A FUD? Promise to increase staff? More compliance control? Other GDPR-like regulations outside of EU?
- 16. DATA BREACH PROTECTION? Cases against Facebook, Google & Microsoft
- 17. DATA BREACH PROTECTION? Cases against Facebook, Google & Microsoft Warnings given for EU violations
- 18. DATA BREACH PROTECTION? Cases against Facebook, Google & Microsoft International violations not consideredX Warnings given for EU violations
- 19. STATISTICS Breaches reported between May 25 2018 and January 28 2019 0 4000 8000 12000 16000 Austria Belgium Bulgaria Croatia Cyprus Czechia Denmark Estonia Finland France Germany Greece Hungary Ireland Italy Latvia Lithuania Luxembourg Malta Netherlands Poland Portugal Romania Slovakia Slovenia Spain Sweden UK Source: BleepingComputer
- 21. ๏ Sales Intelligence business ๏ Breached on July 23, 2018 ๏ 200+ Million records ๏ Data aggregator PERSONAL BREACHES
- 24. “Action from Europe not possible”
- 25. “Action from Europe not possible” “Change your password”
- 27. THIS GDPR ISSUE WAS FEATURED ON TROYHUNT.COM
- 28. ๏ Global hotel chain ๏ November 19, 2018 ๏ 500+ Million records breached ๏ Data includes passport numbers PERSONAL BREACHES
- 31. “GBA does not have any information”
- 32. “GBA does not have any information” “Contact Starwood on their data breach website”
- 34. WHY CARE? It seems nothing changed and things are what they were before GDPR
- 40. #ProTip: Register with haveibeenpwned.com to be notified when your data was found in a breach
- 41. WE NEED PROTECTION! Our identity is at stake!
- 43. Require minimal personal information PRIVACY BY DESIGN
- 44. Require minimal personal information PRIVACY BY DESIGN Encryption on data, storage and networks
- 45. Require minimal personal information PRIVACY BY DESIGN Encryption on data, storage and networks Remove data when no longer needed
- 47. INTERNATIONAL ADOPTION Australia India US (California) Canada Argentina Uruguay New Zealand South Africa
- 49. INTERNATIONAL ADOPTION More countries are taking actions
- 50. IT’S UP TO THE DEVELOPERS!
- 51. IT’S UP TO THE DEVELOPERS! Learn about (web application) security
- 52. IT’S UP TO THE DEVELOPERS! Learn about (web application) security Learn about encryption types & techniques
- 53. IT’S UP TO THE DEVELOPERS! Learn about (web application) security Learn about encryption types & techniques Add more telemetry in your applications
- 57. GREENFIELD PROJECT User information Location data Advertisements
- 60. BROWNFIELD PROJECT Customer data Financial records
- 61. BROWNFIELD PROJECT Customer data Financial records Employee info
- 62. SUMMARY
- 63. SUMMARY GDPR is here to stay
- 64. SUMMARY GDPR is here to stay Personal information protection goes global
- 65. SUMMARY GDPR is here to stay Personal information protection goes global We all have a responsibility to protect data
- 66. REFERENCES Article 25 GDPR ENISA Privacy By Design ICO Data protection
- 67. QUESTIONS?