gdpr foss
play

GDPR & FOSS Marc Jones CIPP/US, CISSP Compliance Engineer - PowerPoint PPT Presentation

Feb 23, 2024 •237 likes •707 views

GDPR & FOSS Marc Jones CIPP/US, CISSP Compliance Engineer & In-House Counsel marc.jones@civicactions.com Overview | IANYL | TINLA Obligatory IANYL* TINLA** Currently Compliance Engineer & In-House Counsel at CivicActions

  1. GDPR & FOSS Marc Jones CIPP/US, CISSP Compliance Engineer & In-House Counsel marc.jones@civicactions.com

  2. Overview | IANYL | TINLA ➔ Obligatory IANYL* TINLA** ➔ Currently Compliance Engineer & In-House Counsel at CivicActions ➔ But these are my own views * I am not your lawyer ** This is not legal advice FOSDEM ‘17 | GDPR & FOSS | MARC JONES | @marcturnerjones | @CIVICACTIONS

  3. Overview ➔ GDPR is the new EU privacy law ➔ Generally no specific requirements for software developers ➔ Presents an oppertunity for FOSS FOSDEM ‘17 | GDPR & FOSS | MARC JONES | @marcturnerjones | @CIVICACTIONS

  4. Why listen to this presentation?

  5. Why Listen to this presentation 1. Why is free software important to you? a. Concerned with control i. of their own computer ii. with other people having control of their computers iii. It’s not really about the computer, it is about the data 2. Obsessed with encrypting things i. Generally strong supporters of “privacy” FOSDEM ‘17 | GDPR & FOSS | MARC JONES | @marcturnerjones | @CIVICACTIONS

  6. Why listen to this presentation | FOSS developers as civil libertarians Key documents of FOSS ➔ The Free Software Definition ➔ Debian Social Contract ➔ Open Source Definition FOSDEM ‘17 | GDPR & FOSS | MARC JONES | @marcturnerjones | @CIVICACTIONS

  7. Why listen to this presentation | FOSS developers as civil libertarians ‘To understand the concept, you should think of “free” as in “free speech,” not as in “free beer”.’ “The Free Software Definition,” Free Software Foundation http://www.gnu.org/philosophy/free-sw.html FOSDEM ‘17 | GDPR & FOSS | MARC JONES | @marcturnerjones | @CIVICACTIONS

  8. Why listen to this presentation | FOSS developers as civil libertarians 0. The freedom to run the program as you wish, for any purpose (freedom 0). 1. The freedom to study how the program works, and change it so it does your computing as you wish (freedom 1). Access to the source code is a precondition for this. 2. The freedom to redistribute copies so you can help your neighbor (freedom 2). 3. The freedom to distribute copies of your modified versions to others (freedom 3). By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a precondition for this. “The Free Software Definition,” Free Software Foundation http://www.gnu.org/philosophy/free-sw.html FOSDEM ‘17 | GDPR & FOSS | MARC JONES | @marcturnerjones | @CIVICACTIONS

  9. Why listen to this presentation | FOSS developers as civil libertarians 0. The freedom to run the program as you wish, for any purpose (freedom 0). 1. The freedom to study how the program works, and change it so it does your computing as you wish (freedom 1). Access to the source code is a precondition for this. 2. The freedom to redistribute copies so you can help your neighbor (freedom 2). 3. The freedom to distribute copies of your modified versions to others (freedom 3). By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a precondition for this. “The Free Software Definition,” Free Software Foundation http://www.gnu.org/philosophy/free-sw.html FOSDEM ‘17 | GDPR & FOSS | MARC JONES | @marcturnerjones | @CIVICACTIONS

  10. Why listen to this presentation | FOSS developers as civil libertarians Privacy is more than encryption ➔ Privacy isn’t just “[some ]thing To Hide ” argument ➔ It’s “ the right to be let alone ” FOSDEM ‘17 | GDPR & FOSS | MARC JONES | @marcturnerjones | @CIVICACTIONS

  11. Why listen to this presentation | FOSS developers as civil libertarians Privacy is often viewed just as about ● hiding wrongs Violations of privacy are not just ● “Orwellien but Kafkaesque.” “Violations of privacy affect the power ● relationships between people and the institutions of the modern state” FOSDEM ‘17 | GDPR & FOSS | MARC JONES | @marcturnerjones | @CIVICACTIONS

  12. Why listen to this presentation | FOSS developers as civil libertarians Privacy is more than encryption ➔ Privacy isn’t just “[some ]thing To Hide ” argument ➔ It’s “ the right to be let alone ” FOSDEM ‘17 | GDPR & FOSS | MARC JONES | @marcturnerjones | @CIVICACTIONS

  13. Overview of the General Data Protection Regulation (GDPR)?

  14. Overview of the GDPR 1. What is it? 2. What does it protect? 3. Who has to follow the rules? 4. Basic rules FOSDEM ‘17 | GDPR & FOSS | MARC JONES | @marcturnerjones | @CIVICACTIONS

  15. Overview of the GDPR | What is it? ➔ General Data Protection Regulation ➔ Replaces Data Protection Directive (95/46/EC) ➔ Effective May 2018 ➔ Technology Neutral, Risk based approach FOSDEM ‘17 | GDPR & FOSS | MARC JONES | @marcturnerjones | @CIVICACTIONS

  16. Overview of the GDPR | What is it? ➔ “lays down rules relating to the protection of natural persons with regard to the processing of personal data and rules relating to the free movement of personal data.” Art. 1 § 1 ➔ “protects fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data.” Art. 1 § 2 FOSDEM ‘17 | GDPR & FOSS | MARC JONES | @marcturnerjones | @CIVICACTIONS

  17. Overview of the GDPR 1. What is it? 2. What does it protect? 3. Who has to follow the rules? 4. Basic rules FOSDEM ‘17 | GDPR & FOSS | MARC JONES | @marcturnerjones | @CIVICACTIONS

  18. Overview of the GDPR | What does it protect? ➔ “applies to the processing of personal data wholly or partly by automated means, and to the processing other than by automated means of personal data which form part of a filing system or are intended to form part of a filing system” Art.2 § 1 FOSDEM ‘17 | GDPR & FOSS | MARC JONES | @marcturnerjones | @CIVICACTIONS

  19. Overview of the GDPR | What does it protect? Exceptions ➔ “by natural persons in the course of a purely personal or household activity” Art 2(2)(c) ➔ National security ➔ Many parts of law enforcement ➔ Matters outside the scope of EU law FOSDEM ‘17 | GDPR & FOSS | MARC JONES | @marcturnerjones | @CIVICACTIONS

  20. Overview of the GDPR | Who does it apply to? Who does it apply to? ➔ Any controller/processor established in the EU ➔ Any controller offering goods or services in the EU ➔ Anyone that EU law applies too FOSDEM ‘17 | GDPR & FOSS | MARC JONES | @marcturnerjones | @CIVICACTIONS

  21. Overview of the GDPR | Who does it apply to? Summary: ➔ GDPR Basically everyone who is processing data on a EU citizen ➔ Unless it is for personal reasons FOSDEM ‘17 | GDPR & FOSS | MARC JONES | @marcturnerjones | @CIVICACTIONS

  22. Overview of the GDPR | Who does it apply to? Definitions “Controller” - the guy who wanted the data ➔ “Processor” - the guy actually holding or manipulating the data ➔ “Processing” - doing anything to the data ➔ “Data subject” - you (or any other natural person) ➔ “Personal data” - any information about a identifiable data subject ➔ FOSDEM ‘17 | GDPR & FOSS | MARC JONES | @marcturnerjones | @CIVICACTIONS

  23. Overview of the GDPR | Who does it apply to? TLDR/Definitions For Lawyers “'processing' means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;” “'personal data' means any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;” FOSDEM ‘17 | GDPR & FOSS | MARC JONES | @marcturnerjones | @CIVICACTIONS

  24. Overview of the GDPR 1. What is it? 2. What does it protect? 3. Who does it apply to? 4. Basic rules FOSDEM ‘17 | GDPR & FOSS | MARC JONES | @marcturnerjones | @CIVICACTIONS

  25. Overview of the GDPR | Basics Purposes of the GDPR “Transparency” - processed in a “transparent manner” ➔ “Purpose limitation” - collected for a specified legitimate purpose ➔ “Data minimization” - adequate, relevant and limited to what is necessary ➔ “Accuracy” - keep data up to date; delete or update inaccurate information ➔ “Storage limitation”* - retain data only as long as it is necessary to fulfill the original ➔ purpose “Integrity and confidentiality” - use “appropriate technical or organizational measures” to ➔ protect data GDPR Art. 5(1) * Some exceptions for research FOSDEM ‘17 | GDPR & FOSS | MARC JONES | @marcturnerjones | @CIVICACTIONS

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

FOSS In FOSS In Animation Industry Animation Industry About me Hello, my name is Frank

FOSS In FOSS In Animation Industry Animation Industry About me Hello, my name is Frank

FOSS In FOSS In Animation Industry Animation Industry About me Hello, my name is Frank Rousseau FOSS Entrepreneur (CEO at CGWire, Ex-CTO at Cozy) FOSS Side-projects (Newebe, request-json) FOSS Contributor (Open Food Facts, Diaspora) 15

379 views • 24 slides
GDPR How does it apply to me? What is GDPR? It is the LAW! What is GDPR? The General Data

GDPR How does it apply to me? What is GDPR? It is the LAW! What is GDPR? The General Data

GDPR How does it apply to me? What is GDPR? It is the LAW! What is GDPR? The General Data Protection Regulation Came into force on May 25 th Replaces the current 1995 Data Protection Directive and Data Protection Act (1998). What is GDPR?

570 views • 18 slides
Choosing a License foss-north pod foss-north foss-north Choosing a License Things to consider

Choosing a License foss-north pod foss-north foss-north Choosing a License Things to consider

Choosing a License foss-north pod foss-north foss-north Choosing a License Things to consider Is this code? Permissive or Copyleft Patents or not Legal aspects foss-north Choosing a License Is this code? We only talk

185 views • 7 slides
Andy Carr, FOSS UK & Ireland 1 The top 100 companies More than 40,000 in food and

Andy Carr, FOSS UK & Ireland 1 The top 100 companies More than 40,000 in food and

Andy Carr, FOSS UK & Ireland 1 The top 100 companies More than 40,000 in food and agriculture use customers world-wide FOSS solutions 80% of grain traded on the world market is analysed with a FOSS solution More than 30,000

896 views • 23 slides
Data minimization & concentration: Intended and unintended consequences of the GDPR Garrett

Data minimization & concentration: Intended and unintended consequences of the GDPR Garrett

garjoh_canuck Data minimization & concentration: Intended and unintended consequences of the GDPR Garrett Johnson (Boston U) Scott Shriver (U Colorado Boulder) GDPR Impact GDPR General Data Protection Regulation EU EEA Brexit GDPR

833 views • 27 slides
Innovation Hacking FOSS FOSS is the philosophy and suite of technologies that make innovation

Innovation Hacking FOSS FOSS is the philosophy and suite of technologies that make innovation

Innovation Hacking FOSS FOSS is the philosophy and suite of technologies that make innovation and liberty possible. WHAT! WHY ? Events in Blue Wing BUILD YOUR OWN PC ARDUINO BASICS RASPBERRY PI W/BLUETOOTH Visual Touch w/Arduino PLAYING

1.59k views • 113 slides
KDE Kerala The story of FOSS & KDE in Kerala Subin Siby 2020-01-18 subinsb.com/s/cki2020 1

KDE Kerala The story of FOSS & KDE in Kerala Subin Siby 2020-01-18 subinsb.com/s/cki2020 1

KDE Kerala The story of FOSS & KDE in Kerala Subin Siby 2020-01-18 subinsb.com/s/cki2020 1 Outline History of FOSS In Kerala FOSS In Education Localization 2 History of FOSS In Kerala Kerala Made by Filpro, CC-BY-SA 4.0 Language:

741 views • 30 slides
Protection Regulation (GDPR) Presentation Structure What is the GDPR? When and where does

Protection Regulation (GDPR) Presentation Structure What is the GDPR? When and where does

Presentation by Michalis Mantzaris, PhD Introduction to General Data Protection Regulation (GDPR) Presentation Structure What is the GDPR? When and where does it apply? Consisting elements and Guideline provision Key changes and

605 views • 23 slides
Overview What is the GDPR? What are the main changes? Risks? What do you need to do

Overview What is the GDPR? What are the main changes? Risks? What do you need to do

Overview What is the GDPR? What are the main changes? Risks? What do you need to do to be compliant? Data Breaches How does the GDPR affect you? Steps to Compliance Summary What is the GDPR? q The EU's General Data

355 views • 17 slides
PROTECTION REGULATIONS May 2018 GDPR What is GDPR What is different Principles

PROTECTION REGULATIONS May 2018 GDPR What is GDPR What is different Principles

GENERAL DATA PROTECTION REGULATIONS May 2018 GDPR What is GDPR What is different Principles of of GDPR How does it effect school How are school preparing How does it effect individual staff How can

475 views • 12 slides
Welcome Agenda GDPR is in force now and applies to Australian businesses What does GDPR require?

Welcome Agenda GDPR is in force now and applies to Australian businesses What does GDPR require?

Welcome Agenda GDPR is in force now and applies to Australian businesses What does GDPR require? How does an Australian business comply? Action Plan Section 1: GDPR is here Privacy in the digital age Historically, privacy was almost

513 views • 40 slides
Click to add title Click to add subtitle Before the GDPR: the great GDPR compliance panic The

Click to add title Click to add subtitle Before the GDPR: the great GDPR compliance panic The

Almost one year after the GDPR, where are we now? Click to add title Click to add subtitle Before the GDPR: the great GDPR compliance panic The first year of the GDPR can best be described as "quiet test run. What are the most striking

405 views • 8 slides
GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU

GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU

GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU General Data Protection 1995 Regulation 2016 Data Protection Act 1998 Data Protection Bill 2017-19 Fines DPA GDPR Maximum Fine 500k Two

622 views • 17 slides
FOSS MADE US DO IT! How switching to open source tools enabled video innovation Gustav Grusell

FOSS MADE US DO IT! How switching to open source tools enabled video innovation Gustav Grusell

FOSS MADE US DO IT! How switching to open source tools enabled video innovation Gustav Grusell Olof Lindman AGENDA ANNOUNCEMENT OF GREAT SUCCESS WITH FOSS! FOSS AT SVT INTRODUCTION TO VIDEO STREAMING MOVING OUR VOD PIPELINE FROM

1.17k views • 64 slides
GDPR Dont be scared Even if you cant answer all the questions on the form GDPR Dont

GDPR Dont be scared Even if you cant answer all the questions on the form GDPR Dont

GDPR Dont be scared Even if you cant answer all the questions on the form GDPR Dont be scared 60% of people welcome the rights under GDPR 48% of UK adults plan to activate their rights 56% welcome the right to object to marketing

1.32k views • 37 slides
GDPR Obligations & Rules Introduction to Privacy and the GDPR Simone Fischer-Hbner

GDPR Obligations & Rules Introduction to Privacy and the GDPR Simone Fischer-Hbner

GDPR Obligations & Rules Introduction to Privacy and the GDPR Simone Fischer-Hbner CC-BY-4.0 Advising, Monitoring, Enforcing European Data Protection Board Art. 68 - 73 (replacing the Art. 29 Working Party) advise Supervisory

626 views • 8 slides
Volterra operators on Banach spaces of analytic functions om, Mikael Lindstr Abo Akademi

Volterra operators on Banach spaces of analytic functions om, Mikael Lindstr Abo Akademi

Volterra operators on Banach spaces of analytic functions om, Mikael Lindstr Abo Akademi University mikael.lindstrom@abo.fi Poznan, July 2018 Mikael Lindstr om () Volterra operators Poznan, July 2018 1 / 35 Mikael Lindstr om ()

543 views • 37 slides
Decomposing compositions and three theorems of Frostman Pamela Gorkin Bucknell University

Decomposing compositions and three theorems of Frostman Pamela Gorkin Bucknell University

Decomposing compositions and three theorems of Frostman Pamela Gorkin Bucknell University August 2013 Joint work with Finite Blaschke products: Ueli Daepp, Ben Sokolowsky, Andrew Shaffer, Karl Voss (Bucknell University) Three theorems of

1.13k views • 79 slides
mwetoolkit: A tool for automated extraction of multi-word expressions Vtor De Arajo Carlos

mwetoolkit: A tool for automated extraction of multi-word expressions Vtor De Arajo Carlos

mwetoolkit: A tool for automated extraction of multi-word expressions Vtor De Arajo Carlos Ramisch Multi-word expressions Combinations of words that present linguistical or statistical idiosyncrasies Phrasal verbs: carry up, consist

403 views • 16 slides
Closed range composition operators on BMOA Maria Tjani University of Arkansas Joint work with

Closed range composition operators on BMOA Maria Tjani University of Arkansas Joint work with

Closed range composition operators on BMOA Maria Tjani University of Arkansas Joint work with Kevser Erdem University of Arkansas CAFT 2018 University of Crete July 2-6, 2018 Maria Tjani C : BMOA BMOA Notation D = { z C : | z |

696 views • 51 slides
English Peter Spiers CIRCUS! Tuesday 2 nd June Task: Imagine you are peeping through the

English Peter Spiers CIRCUS! Tuesday 2 nd June Task: Imagine you are peeping through the

English Peter Spiers CIRCUS! Tuesday 2 nd June Task: Imagine you are peeping through the fence watching the set up of the circus. What can you hear, see, smell, taste and feel? Write a descriptive piece of writing using your senses to

579 views • 28 slides
Welcome! Schedule Green: Favorite part of your work?

Welcome! Schedule Green: Favorite part of your work?

Welcome! Schedule Green: Favorite part of your work? Red: Most challenging part of your work? Brown: Tell me about an adult that had a significant impact on your life. Yellow: Tell me about where

1.07k views • 50 slides
COSIC COSIC Korea University K.U. Leuven FSE 2007

COSIC COSIC Korea University K.U. Leuven FSE 2007

FSE 2007 in Luxembourg, 2007/Mar./26~28 Related-Key Rectangle Attacks on Reduced AES-192 and AES-256 Jointly worked with Seokhie Hong and Bart Preneel, Speaker: Jongsung Kim COSIC COSIC Korea University K.U. Leuven FSE 2007

874 views • 25 slides
Advanced FORK-256 Presented by Seokhie Seokhie Hong Hong Presented by hsh@cist.korea.ac.kr

Advanced FORK-256 Presented by Seokhie Seokhie Hong Hong Presented by hsh@cist.korea.ac.kr

Advanced FORK-256 Presented by Seokhie Seokhie Hong Hong Presented by hsh@cist.korea.ac.kr hsh@cist.korea.ac.kr Advanced FORK-256 FORK-256 Introduction to FORK-256 The security of hash functions has recently become one of the The

451 views • 6 slides

More recommend