today we re going to talk about
play

Today were going to talk about The different ways we view online - PowerPoint PPT Presentation

Jan 16, 2024 •24 likes •674 views

Today were going to talk about The different ways we view online privacy Why this matters for us in open source How to bridge these divides in our work Who am I? (possibly a bad question for 9 AM on a Saturday morning) Glasgow, Scotland

  2. Today we’re going to talk about The different ways we view online privacy Why this matters for us in open source How to bridge these divides in our work

  3. Who am I? (possibly a bad question for 9 AM on a Saturday morning)  Glasgow, Scotland  Designed my first web site in 1997  Professional web designer from 2007-2015  Now work exclusively in digital law and tech policy  Exhaustive/exhausting work on GDPR in the two year leadup  Not a lawyer!

  4. Privacy is changing, and so are we.

  5. Europe’s privacy overhaul GDPR: 25 May 2018 • Replaced the Data Protection Directive of 1995 • Maintains original principles, expands and modernises • Data at rest: collection, usage, retention ePrivacy Directive: TBD (autumn/winter?) • Replaces the ePrivacy Directive of 2002 • Data in transit: cookies, telemetry, advertising beacons, marketing

  6. America is waking up Balancing the Rights Of Web Surfers Equally and Responsibly (BROWSER) Act of 2017 Social Media Privacy and Consumer Rights Act of 2018 Secure and Protect Americans’ Data Act (SPADA) of 2017 Customer Online Notification for Stopping Edge-provider Network Transgressions (CONSENT) Act of 2018 Internet Bill of Rights of 2018

  7. Why does that matter?

  8. Because we have very different cultural approaches to privacy.

  9.  Privacy is a fundamental human right  Data belongs to the subject European  Opt-in culture cultural  Culture of constructive approach to work through regulators, privacy with fines or court action a rare last resort  People trust governments and fear businesses

  10.  Free speech is a fundamental human right  Data belongs to the American owner cultural  Opt-out culture approach to  Culture of adversarial privacy courtroom litigation  People fear governments and trust businesses

  11. We also have very different legal approaches to privacy.

  12.  Privacy is regulated through hard law  One overarching law for all member states and sectors European  Data protection legal approach regulators to privacy  Not tied to citizenship or nationality  Privacy is its own law  Litigation is the last resort

  13.  Privacy is governed through soft law  No overarching DP law; piecemeal approach across sectors and states  No data protection American regulator legal approach  Tied to citizenship and to privacy nationality  Privacy is a subcategory of contract, tort, or property law  Litigation is the first resort

  14. And when it comes to privacy, we don’t agree to disagree.

  15. Things Europeans say about the American approach to privacy… “Their tone is still far from “Even before GDPR acknowledging the “Wild West” starts, they are violating serious concerns people the rules” have” “A lack of progress may challenge the “We thank you for effectiveness of self- appearing to testify regulation in this area before our committee and may increase the today” pressure to legislate.”

  16. …and things Americans say about the European approach to privacy “It could significantly “The European interrupt transatlantic approach runs the risk “Jack-booted thugs” commerce and create of being insensitive to unnecessary barriers context” to trade” “I don't understand how we've reached a point “There should be no where we, in the United government States, are reliant on a involvement” foreign regulation to protect our data”

  17. We all have a different understanding of “privacy”.

  18. …and who are we?

  19. We make the software that runs the open web. We are people of enormous power and influence over privacy on the internet.

  20. And we’ve never acknowledged our differences.

  21. What happens when our differences meet? We structure our projects with different cultural approaches to privacy We write our code with different legal approaches to privacy We assume everyone we code with works and thinks like we do We create the open web with no common standard for privacy We fail to do enough protect the people in the data We don’t learn from our mistakes.

  22. That changes today.

  23. Today we start the journey to an open source best practice standard for privacy.

  24. But how do we do that?

  25. What you need to have Definitions and principles Documentation and resources Leadership Community

  26. Definitions and principles What is “privacy” about, as a principle and not as a law?

  27. Two kinds of privacy rules Hard law and regulation Soft law and regulation  GDPR  Industry codes of conduct  the ePrivacy Directive  ISO standards  COPPA / HIPPA  International conventions  Autoriteit Persoonsgegevens  Frameworks (PbD) Hard laws build their foundations on the standards defined in soft laws. This is certainly the case for online privacy.

  28. Definitions and principles Let’s use soft law to identify common privacy values.

  29. International privacy frameworks 1. OECD Privacy Principles (1980) 2. Council of Europe Convention for the Protection of Individuals with Regard to the Processing of Personal Data (1980/two weeks ago 2018) 3. ISO/IEC 2001 International Standard on Information Technology / Security Techniques / Privacy Framework (2011) 4. APEC Privacy Framework (2005) 5. FTC Fair Information Practice Principles (2000)

  30. OECD COE ISO APEC FIPP Collection Limitation Legitimacy of data Consent and choice Preventing harm Notice/Awareness Principle processing and quality of data Data Quality Principle Special categories of data Purpose legitimacy and Notice Choice/Consent specification Purpose Specification Data security Collection limitation Collection limitation Problems with Principle Choice/Consent Use Limitation Principle Transparency of Data minimization Uses of personal Access/Participation processing information Security Safeguards Rights of the data subject Use, retention and disclosure Choice Integrity/Security Principle limitation Openness Principle Accuracy and quality Integrity of personal Enforcement/Redress information Individual Participation Openness, transparency and Security safeguards Principle notice Accountability Individual participation and Access and correction Principle access Accountability Accountability Information security Privacy compliance

  31. OECD COE ISO APEC FIPP Collection Limitation Legitimacy of data Consent and choice Preventing harm Notice/Awareness Principle processing and quality of data Data Quality Principle Special categories of data Purpose legitimacy and Notice Choice/Consent specification Purpose Specification Data security Collection limitation Collection limitation Problems with Principle Choice/Consent Use Limitation Principle Transparency of Data minimization Uses of personal Access/Participation processing information Security Safeguards Rights of the data subject Use, retention and disclosure Choice Integrity/Security Principle limitation Openness Principle Accuracy and quality Integrity of personal Enforcement/Redress information Individual Participation Openness, transparency and Security safeguards Principle notice Accountability Individual participation and Access and correction Principle access Accountability Accountability Information security Privacy compliance

  32. Standards and definitions Common privacy values

  33. Data Collect only the data you minimisation need and no more

  34. Ensure that the data is true, Data integrity authentic, and up to date

  35. Use the data only for the Purpose purpose you collected it for minimisation and nothing else

  36. Do not use the data for other purposes, keep it Lifecycle longer than you need, or limitation share it with others without reason

  37. Take adequate technical Human and and human measures to technical protect the data from misuse and its subjects from security harm

  38. Make public what data you Transparency hold, why you hold it, and and notice what you do with it

  39. Give people rights to access User their data, correct mistakes, participation and the ability to ask you to and rights stop using their data

  40. Fix problems when things Accountability, go wrong, make it right enforcement, when people are hurt, and face the consequences for and redress misuse.

  41. Give people choices, Choice, control, options, and rights over how and consent you use their data at any time

  42. Take care with sensitive Special data which could result in categories of the people it is about being data hurt

  43. Work cooperatively and Legal productively with compliance regulations, laws, and supervisory bodies

  44. 11 universal privacy principles Data Purpose Lifecycle Data integrity minimisation minimisation limitation Human and User Accountability, Transparency technical participation enforcement, and notice security and rights and redress Special Choice, control, Legal categories of and consent compliance data

  45. Creating and following “soft regulation” principles for user privacy lessens the chances of “hard regulation” being imposed onto your project.

  46. Documentation and resources Map your privacy principles to your development workflows

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

1 And here you can also see our funding sources. 2 Today I'm going to talk about some

1 And here you can also see our funding sources. 2 Today I'm going to talk about some

First, I'd like to acknowledge my colleagues, Dr. Sue Bakken is my mentor and is the PI of one of the major projects I'll be talking about today. 1 And here you can also see our funding sources. 2 Today I'm going to talk about some

640 views • 29 slides
- The talk today will be about the SAT between convex polyhedra 1 - Why shall we use the SAT?

- The talk today will be about the SAT between convex polyhedra 1 - Why shall we use the SAT?

- Welcome! My name is Dirk Gregorius and I am software engineer at Valve working on collision detection and rigid body simulation. - The talk today will be about the SAT between convex polyhedra 1 - Why shall we use the SAT? - The SAT is

790 views • 51 slides
My talk today is about engaging patients with low health literacy. 1 Health literacy is a

My talk today is about engaging patients with low health literacy. 1 Health literacy is a

My talk today is about engaging patients with low health literacy. 1 Health literacy is a key factor in securing access to healthcare services. So in my talk today, Ill talk a little bit about health literacy and what it is, how we

276 views • 27 slides
hi I am Ali and I am Hannah- we'd like you all to know that this brief talk today is done in honor

hi I am Ali and I am Hannah- we'd like you all to know that this brief talk today is done in honor

hi I am Ali and I am Hannah- we'd like you all to know that this brief talk today is done in honor of the children you see here- each of whom is no longer alive because of their food allergies including the ones in red who were each a twin like

451 views • 9 slides
CSE 527 Lecture 7 Relative entropy Convergence of EM Weight matrix motif models Talk Today

CSE 527 Lecture 7 Relative entropy Convergence of EM Weight matrix motif models Talk Today

CSE 527 Lecture 7 Relative entropy Convergence of EM Weight matrix motif models Talk Today COMBI Seminar Today: Dr. David Baker Progress in High-Resolution Modeling of Protein Structure and Interactions Today, October 19, 2005

452 views • 15 slides
I had planned a different talk than I will give today because Yasunari san reminded me in a

I had planned a different talk than I will give today because Yasunari san reminded me in a

I had planned a different talk than I will give today because Yasunari san reminded me in a recent email that in this conference I must talk about the non governmental organization I work for, especially our work on research driven

451 views • 16 slides
CSSE 220 Objects Check out SuperSimpleObjects and TeamGradebook from SVN Plan for today Talk

CSSE 220 Objects Check out SuperSimpleObjects and TeamGradebook from SVN Plan for today Talk

CSSE 220 Objects Check out SuperSimpleObjects and TeamGradebook from SVN Plan for today Talk about object references and box and pointer diagrams Talk about static methods Continue working on writing your own classes Get started

556 views • 16 slides
Agenda 1. Observations 2. Projects 3. Trends Today my talk is grouped into 3 areas. Consider

Agenda 1. Observations 2. Projects 3. Trends Today my talk is grouped into 3 areas. Consider

Agenda 1. Observations 2. Projects 3. Trends Today my talk is grouped into 3 areas. Consider looking for the papers, articles and books below that I referenced today. The Sciences of the Artificial by Herbert Simon Wicked Ideas in Design

685 views • 50 slides
Hello Everybody! Today I am pleased to talk about Analytical Approach toward Thematic

Hello Everybody! Today I am pleased to talk about Analytical Approach toward Thematic

Hello Everybody! Today I am pleased to talk about Analytical Approach toward Thematic Philately 1 Todays agenda will be first I will touch upon my own exhibit on Beethoven, and then, talk about analytical approach on three important

968 views • 48 slides
Design VS Data Today Id like to talk about Design and Data. I want to acknowledge that the

Design VS Data Today Id like to talk about Design and Data. I want to acknowledge that the

Design VS Data Today Id like to talk about Design and Data. I want to acknowledge that the whole data vs design argument has been playing out and philosophized over for decades. I am not here to talk about this today, but I do have a strong

379 views • 34 slides
Purpose Introduce Canadian Mental Health Associations (CMHA) Talk Today Program Show

Purpose Introduce Canadian Mental Health Associations (CMHA) Talk Today Program Show

Purpose Introduce Canadian Mental Health Associations (CMHA) Talk Today Program Show how Talk Today is being implemented on two campuses Lessons Learned Qs and As about implementation Program inception Collaboration

568 views • 32 slides
Thanks for introducing me, and thank you all for coming to my talk. Today I would like to introduce

Thanks for introducing me, and thank you all for coming to my talk. Today I would like to introduce

Thanks for introducing me, and thank you all for coming to my talk. Today I would like to introduce And here I would also like to thank all my collaborators great help. Introduction: 3 Sampling: 4 Basis: 2 Laplace: 4 Results: 3 1 Our work is

787 views • 56 slides
I want to thank Mary and all my friends at the Kansas Rural Center for the invitation to talk

I want to thank Mary and all my friends at the Kansas Rural Center for the invitation to talk

I want to thank Mary and all my friends at the Kansas Rural Center for the invitation to talk with you today. I feel truly blessed to be with you all. My topic today is sustainable agriculture yesterday, today, and tomorrow, with a particular

154 views • 12 slides
PRESENTATI ON PHRASES MAKI NG A START Title/ Subject Id like to talk (to you) today about

PRESENTATI ON PHRASES MAKI NG A START Title/ Subject Id like to talk (to you) today about

PRESENTATI ON PHRASES MAKI NG A START Title/ Subject Id like to talk (to you) today about Im going to present the recent explain our position on brief you on inform you about describe The subject of my talk focus

341 views • 3 slides
CS 105 SUMMER WEDNESDAY 6 What to talk about today? The with statement in more detail

CS 105 SUMMER WEDNESDAY 6 What to talk about today? The with statement in more detail

CS 105 SUMMER WEDNESDAY 6 What to talk about today? The with statement in more detail Splitting and joining strings csv files and the csv module More slicing Nested Loop Example Questions youd want me to touch on

712 views • 37 slides
Dear Shareholders, It is a great pleasure to see so many of you here today. I will talk about last

Dear Shareholders, It is a great pleasure to see so many of you here today. I will talk about last

Managing Director Karl- Johan Perssons p resentation at the AGM 2012 Dear Shareholders, It is a great pleasure to see so many of you here today. I will talk about last year, but also tell you a little bit about our plans ahead. At H&M we

347 views • 6 slides
Jack Simons Ltd Digital Archive, Heritage Preservation and Personal Data Protection Advisors Who

Jack Simons Ltd Digital Archive, Heritage Preservation and Personal Data Protection Advisors Who

Jack Simons Ltd Digital Archive, Heritage Preservation and Personal Data Protection Advisors Who are we? Founded as File Flatners Ltd 2004 John Munton bought other partners out Oct 2010 Mark Povey joined Sept 2013 and began increasing

400 views • 17 slides
Protection Regulation LawWorks Roundtable Ceri Chave & Robert Maddox - Debevoise &

Protection Regulation LawWorks Roundtable Ceri Chave & Robert Maddox - Debevoise &

The EU General Data Protection Regulation LawWorks Roundtable Ceri Chave & Robert Maddox - Debevoise & Plimpton LLP Lesley Tadgell-Foster - National Council for Voluntary Organisations 2 March 2018 Aims & Outcome Gain

792 views • 32 slides
IMPLICATIONS OF THE GDPR IN THE US Francisco Garca Martnez Illinois Institute of Technology

IMPLICATIONS OF THE GDPR IN THE US Francisco Garca Martnez Illinois Institute of Technology

ANALYSIS OF THE US PRIVACY MODEL - IMPLICATIONS OF THE GDPR IN THE US Francisco Garca Martnez Illinois Institute of Technology Contact: Francisco Garca Martnez fgarciamartinez@hawk.iit.edu linkedin.com/in/francisco-g-martinez

330 views • 12 slides
PDPA THAILANDS PERSONAL DATA PROTECTION ACT LEGAL UPDATE & IMPLEMENTATION GUIDE

PDPA THAILANDS PERSONAL DATA PROTECTION ACT LEGAL UPDATE & IMPLEMENTATION GUIDE

PDPA THAILANDS PERSONAL DATA PROTECTION ACT LEGAL UPDATE & IMPLEMENTATION GUIDE THAILANDS MR. FLORIAN MAIER, LL.M. GLOWFISHTHAILANDS MANAGING DIRECTOR, ANTARES ADVISORY LTD. AUSTCHAM BREAKFAST BRIEFING 19 FEBRUARY 2020 GLOWFISH

424 views • 24 slides
Data Protection Mark Gleeson Todays focus Briefing on the new law Identify the

Data Protection Mark Gleeson Todays focus Briefing on the new law Identify the

Data Protection Mark Gleeson Todays focus Briefing on the new law Identify the practical impact on you Design your GDPR compliance programme #GenerationGDPR GDPR background What is it? Why is it coming in? What

515 views • 29 slides
COVID 19: THE PRIVACY LINE BY AKINKUNMI AKINWUNMI (LEAD PARTNER, PARAGON ADVISORS; AUTHOR THE

COVID 19: THE PRIVACY LINE BY AKINKUNMI AKINWUNMI (LEAD PARTNER, PARAGON ADVISORS; AUTHOR THE

COVID 19: THE PRIVACY LINE BY AKINKUNMI AKINWUNMI (LEAD PARTNER, PARAGON ADVISORS; AUTHOR THE NIGERIAN INTERNET LAW) SPEAKER Akinkunmi Akinwunmi Lead Partner, Paragon Advisors LLM, UC Berkeley Author - The Nigerian Internet Law

522 views • 19 slides
Sav aviour CACHIA IA - Commissione ner Office of the Information and Data Protection

Sav aviour CACHIA IA - Commissione ner Office of the Information and Data Protection

General Data Protection Regulation (GDPR) Sav aviour CACHIA IA - Commissione ner Office of the Information and Data Protection Commissioner Regulation (EU) 2016/679 ... on the protection of natural persons with regard to the processing of

504 views • 13 slides
General Data Protection Regulation (GDPR) 19 th February 2018 At a glance Effective 25 th May

General Data Protection Regulation (GDPR) 19 th February 2018 At a glance Effective 25 th May

General Data Protection Regulation (GDPR) 19 th February 2018 At a glance Effective 25 th May 2018. Extra-territorial. Single legislation for all EU member states, almost! Imposes stricter regulations on any organisation with

564 views • 19 slides

More recommend