Jörg Zell
Interaktiv GmbH
www.interaktiv.de
We are the good guys – aren't we?
Privacy Experience in Plone and other Open Source CMS
Why does privacy matter?
© Interaktiv GmbH 2 |
PRIVACY IS ONE PART OF USER EXPERIENCE
User Experience: User Design, Usability, Privacy, Security, Accessibility, Performance, many more...
Source: https://www.statista.com/statistics/290525/cyber-crime-biggest-online-data-breaches-worldwide/
Examples of recent privacy issues
• Facebook security breach in September 2018
  50 million accounts compromised
• Facebook-Cambridge Analytica scandal
  $134b loss in market value
• Yahoo: 250.000 pound fine in June 2018 over breach
  "Yahoo failed to take appropriate technical and organizational measures"
• Credit-monitoring company Equifax 2017 data
  More than half of Americans affected
WHY PRIVACY MATTERS
Equifax data breach in numbers
Privacy experience is a global trend
[Figure: data protection legislation by region; labels: GDPR, APPI, DPA, PIPEDA, Privacy Shield, mix of Federal and State legislation]
Source: https://www.dlapiperdataprotection.com/index.html
DIFFERENT APPROACHES TO PRIVACY
• Opt-in vs. opt-out
• Personal data ownership vs. data belongs to the service provider
• Hard law vs. soft law
• Centralized vs. decentralized
• Privacy as a matter of law vs. privacy as part of other law subjects
• Trust in government vs. trust in business
29.01.2018 © Interaktiv GmbH 13 |
Source: https://www.nytimes.com/2018/09/28/technology/facebook-hack-data-breach.html
Source: http://time.com/5421850/facebook-google-internet-bill-of-rights/
Internet Bill of Rights
transparency, privacy, control, notification, net neutrality, competition, accountability
What follows from those different approaches for a global open source community?
Source: https://trends.builtwith.com/cms/open-source
How can we ensure that we are the good guys?
• Awareness
• Privacy as an opportunity
• Privacy as a differentiator
Universal privacy standards?
COMMUNITY RESPONSIBILITY
Privacy experience in open source CMS communities
Data minimisation
Data integrity
Purpose minimisation
Lifecycle limitation
Human and technical security measures
Transparency and notice
User participation and rights
Accountability, enforcement, and redress
Choice, control, and consent
Special categories of data
Legal compliance
“A collaborative best-practice approach to privacy in open source development outside specific regulations and laws.”
PRIVACY IN OTHER OPEN SOURCE COMMUNITIES
Source: https://github.com/webdevlaw/open-source-privacy-standards
1. Data minimisation
Restrict the collection and processing of data to the minimum amount necessary; restrict access to data to the minimum amount of people and systems necessary; do not duplicate or aggregate data by default.
2. Data integrity
Ensure that the data collected and processed is correct, relevant, and up-to-date, especially if inaccurate or poor data could adversely impact the user;
3. Purpose minimisation
Only collect and process personal data for the purpose it was intended for, and for which the user was clearly informed of in advance;
4. Lifecycle limitation
Do not use personal data for other purposes, either active or potential. Delete data which is no longer needed, both in active use and in archives, by both the recipient and any third parties. Delete unnecessary data on a regular basis. Do not share data with others at any point in its lifecycle without a justified reason and user consent.
5. Human and technical security measures
Take adequate information security measures to protect the data from misuse and its subjects from harm. These measures must be technical (systems, software, code) as well as human (staff training, guidelines, and supervision).
6. Transparency and notice
Inform users how their data is being collected, processed, and shared; inform users what rights and choices they have over those uses; make your privacy standards public and accountable.
7. User participation and rights
Give users rights to access their data, download data, correct errors, and to control your collection and processing of it; give users the ability to ask you to stop using their data and to delete their accounts.
8. Accountability, enforcement, and redress
Document your collection and processing of data; protect it in transit to and from third parties; prevent misuse and breaches as much as is possible. Fix problems when things go wrong, provide redress when data is misused, leaked, or breached; be morally and legally accountable to regulatory systems.
9. Choice, control, and consent
Give users and visitors choices and options over your uses of their data; require clear, specific, and informed opt-in; inform users of changes in uses and processing; give people access to their options and rights at any time through settings and control panels.
10. Special categories of data
Take extra technical and human security measures to safeguard sensitive data which could result in the people it is about being hurt. This may include information about a person's race, religion, health, sexuality, location, genetic/biometric information, etc.
11. Legal compliance
Ensure that the work meets the privacy regulations of the location where it will be used to collect and process people’s data. Work cooperatively and productively with regulations, laws, and supervisory bodies.
UNIVERSAL PRIVACY PRINCIPLES
Source: https://github.com/webdevlaw/open-source-privacy-standards
Privacy Impact Assessments (PIAs) are the first step in a Privacy by Design (PbD) approach to development. A PIA is the process by which questions about data collection, processing, sharing, storage, and access are asked before the work has begun.
Data collection and retention
What personal data is processed?
How is that data collected and retained?
Is the data stored locally, on our servers, or both?
For how long is data stored, and when is the data deleted?
Is the data collection and processing specified, explicit, and legitimate?
What is the process for granting consent for the data processing, and is consent explicit and verifiable?
What is the basis of the consent for the data processing?
If not based on consent, what is the legal basis for the data processing?
Is the data minimized to what is explicitly required?
Is the data accurate and kept up to date?
How are users informed about the data processing?
What controls do users have over the data collection and retention?
Technical and security measures
Is the data encrypted?
Is the data anonymized or pseudonymized?
Is the data backed up?
What are the technical and security measures at the host location?
Personnel
Who has access to the data?
What data protection training have those individuals received?
What security measures do those individuals work with?
What data breach notification and alert procedures are in place?
What procedures are in place for government requests?
Subject access rights
How does the data subject exercise their access rights?
How does the data subject exercise their right to data portability?
How does the data subject exercise their rights to erasure and the right to be forgotten?
How does the data subject exercise their right to restrict and object?
Legal
Are the obligations of all data processors, including subcontractors, covered by a contract?
If the data is transferred outside the European Union, what are the protective measures and safeguards?
Risks
What are the risks to the data subjects if the data is misused, mis-accessed, or breached?
What are the risks to the data subjects if the data is modified?
What are the risks to the data subjects if the data is lost?
What are the main sources of risk?
What steps have been taken to mitigate those risks?
PRIVACY IMPACT ASSESSMENTS
Source: https://github.com/webdevlaw/open-source-privacy-standards
• GDPR Compliance Team
• Privacy roadmap: https://make.wordpress.org/core/roadmap/privacy
• WordPress core is GDPR compliant: privacy notice, data export, data
• Privacy by Design approach
• Documentation and resources for developers: guidelines on how to
• Resources for site administrators why privacy matters and what to do
• Resources for plugin developers: https://developer.wordpress.org/plugins/privacy/
PRIVACY IN OTHER OPEN SOURCE COMMUNITIES
• Drupal GDPR Compliance Team
• Documentation about (more than 20) Drupal software tools for GDPR compliance
• 6 talks about privacy at Drupal Europe conference this year
PRIVACY IN OTHER OPEN SOURCE COMMUNITIES
• Privacy tool suite: https://docs.joomla.org/J3.x:Privacy
• Privacy Dashboard, Health Check, Plugins for Privacy Consent, Terms and Conditions
• Documentation for developers
• GitHub: "Collaboration space to work on a privacy framework for Joomla" - 580 contributors - https://github.com/joomla-projects/privacy-framework
• Marketing!
PRIVACY IN OTHER OPEN SOURCE COMMUNITIES
Privacy experience in Plone
Thursday, 15:20
Matthew Wilkes
Privacy best practice and Plon
Done
• https://github.com/collective/collective.privacy
• … probably many individual code snippets for cookie consent notices…
PRIVACY IN PLONE DEVELOPMENT
Some suggestions for discussion
• Assessment: What is the status of privacy in Plone core?
• Guidance: Should development documentation include privacy?
• Adhere to privacy best practices and follow Privacy by Design principles
• Features: Develop more privacy features: data export, data erasure, privacy notice, …
• Products: What about plugins/products and themes?
• Roadmap?
Proactive not reactive; preventive not remedial
Privacy as the default
Privacy embedded into design
Full functionality — positive-sum, not zero-sum
End-to-end security—lifecycle protection
Visibility and transparency
Respect for user privacy
PRINCIPLES OF PRIVACY BY DESIGN
Privacy by Design
Read on: https://medium.com/searchencrypt/7-principles-of-privacy-by-design-8a0f16d1f9ce
PRIVACY IN PLONE COMMUNICATION AND MARKETING
Done
Some suggestions for discussion
• Talk about privacy on plone.com, plone.org, community.plone.org
• Documentation
• Privacy statement like Accessibility statement in vanilla Plone
• Conference talks
• Promote privacy as a positive cultural value instead of a legal constraint
• Use transparency and privacy as a differentiator – we are the good guys!
PRIVACY IN PLONE COMMUNITY WORK
Some suggestions for discussion
• People!
• Interested in an Open Space?
• Sprint work?
• Can we join forces with other communities?
Done
?
We are the good guys – let’s show it to the world.
PRIVACY PRIORITIES
You'll find this presentation on Slideshare.
THANK YOU
Contact me
By e-mail: zell@interaktiv.de
On Twitter: #InteraktivKoeln
At LinkedIn: https://www.linkedin.com/in/joergzell/ and https://www.linkedin.com/company/interaktiv-gmbh
At XING: https://www.xing.com/profile/Joerg_Zell/ and https://www.xing.com/companies/interaktivgmbh

How is AI changing journalism? (v. April 2024)Damian Radcliffe
 
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌  8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Samaira 🤌  8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 

Kürzlich hochgeladen (20)

VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
 
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night StandHot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
 
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
 
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌  8250192130 🚀 Vip Call Girls KolkataLow Rate Call Girls Kolkata Avani 🤌  8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130  Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130  Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with Flows
 
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
 
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
 
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceEnjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
 
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱  9999965857  🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICECall Girls In South Ex 📱  9999965857  🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
 
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
Russian Call girls in Dubai +971563133746 Dubai Call girls
Russian  Call girls in Dubai +971563133746 Dubai  Call girlsRussian  Call girls in Dubai +971563133746 Dubai  Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girls
 
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
 
How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)
 
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌  8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Samaira 🤌  8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
 

Privacy experience in Plone and other open source CMS

  • 1. Jörg Zell Interaktiv GmbH www.interaktiv.de We are the good guys – aren't we? Privacy Experience in Plone and other Open Source CMS
  • 2. Why does privacy matter? © Interaktiv GmbH 2 |
  • 3. © Interaktiv GmbH 3 | PRIVACY IS ONE PART OF USER EXPERIENCE User Experience: User Design, Usability, Privacy, Security, Accessibility, Performance, many more...
  • 4. © Interaktiv GmbH 4 | Source: https://www.statista.com/statistics/290525/cyber-crime-biggest-online-data-breaches-worldwide/
  • 5. Examples of recent privacy issues
      • Facebook security breach in September 2018: 50 million accounts compromised
      • Facebook-Cambridge Analytica scandal: $134b loss in market value
      • Yahoo: 250.000 pound fine in June 2018 over breach. "Yahoo failed to take appropriate technical and organizational measures"
      • Credit-monitoring company Equifax 2017 data: More than half of Americans affected
    © Interaktiv GmbH 5 | WHY PRIVACY MATTERS Equifax data breach in numbers
  • 6. Privacy experience is a global trend © Interaktiv GmbH 6 |
  • 7. © Interaktiv GmbH 7 | GDPR, APPI, DPA, PIPEDA, Privacy Shield, State legislation, mix of Federal and State legislation. Source: https://www.dlapiperdataprotection.com/index.html
  • 12. © Interaktiv GmbH 12 | DIFFERENT APPROACHES TO PRIVACY
      • Opt-in vs. Opt-out
      • Personal data ownership vs. Data belongs to the service provider
      • Hard law vs. Soft law
      • Centralized vs. Decentralized
      • Privacy as part of other law subjects vs. Privacy as a matter of law
      • Trust in government vs. Trust in business
  • 13. 29.01.2018 © Interaktiv GmbH 13 | Source: https://www.nytimes.com/2018/09/28/technology/facebook-hack-data-breach.html Source: http://time.com/5421850/facebook-google-internet-bill-of-rights/
  • 14. 29.01.2018 © Interaktiv GmbH 14 | Internet Bill of Rights: transparency, privacy, control, notification, net neutrality, competition, accountability
  • 15. What follows from those different approaches for a global open source community? © Interaktiv GmbH 15 |
  • 16. © Interaktiv GmbH 16 | Source: https://trends.builtwith.com/cms/open-source
  • 17. © Interaktiv GmbH 17 | COMMUNITY RESPONSIBILITY How can we ensure that we are the good guys?
      • Awareness
      • Privacy as an opportunity
      • Privacy as a differentiator
    Universal privacy standards?
  • 18. Privacy experience in open source CMS communities © Interaktiv GmbH 18 |
  • 19. © Interaktiv GmbH 19 | PRIVACY IN OTHER OPEN SOURCE COMMUNITIES "A collaborative best-practice approach to privacy in open source development outside specific regulations and laws."
      • Data minimisation
      • Data integrity
      • Purpose minimisation
      • Lifecycle limitation
      • Human and technical security measures
      • Transparency and notice
      • User participation and rights
      • Accountability, enforcement, and redress
      • Choice, control, and consent
      • Special categories of data
      • Legal compliance
    Source: https://github.com/webdevlaw/open-source-privacy-standards
  • 20. © Interaktiv GmbH 20 | UNIVERSAL PRIVACY PRINCIPLES
      1. Data minimisation: Restrict the collection and processing of data to the minimum amount necessary; restrict access to data to the minimum amount of people and systems necessary; do not duplicate or aggregate data by default.
      2. Data integrity: Ensure that the data collected and processed is correct, relevant, and up-to-date, especially if inaccurate or poor data could adversely impact the user;
      3. Purpose minimisation: Only collect and process personal data for the purpose it was intended for, and for which the user was clearly informed of in advance;
      4. Lifecycle limitation: Do not use personal data for other purposes, either active or potential. Delete data which is no longer needed, both in active use and in archives, by both the recipient and any third parties. Delete unnecessary data on a regular basis. Do not share data with others at any point in its lifecycle without a justified reason and user consent.
      5. Human and technical security measures: Take adequate information security measures to protect the data from misuse and its subjects from harm. These measures must be technical (systems, software, code) as well as human (staff training, guidelines, and supervision).
      6. Transparency and notice: Inform users how their data is being collected, processed, and shared; inform users what rights and choices they have over those uses; make your privacy standards public and accountable.
      7. User participation and rights: Give users rights to access their data, download data, correct errors, and to control your collection and processing of it; give users the ability to ask you to stop using their data and to delete their accounts.
      8. Accountability, enforcement, and redress: Document your collection and processing of data; protect it in transit to and from third parties; prevent misuse and breaches as much as is possible. Fix problems when things go wrong, provide redress when data is misused, leaked, or breached; be morally and legally accountable to regulatory systems.
      9. Choice, control, and consent: Give users and visitors choices and options over your uses of their data; require clear, specific, and informed opt-in; inform users of changes in uses and processing; give people access to their options and rights at any time through settings and control panels.
      10. Special categories of data: Take extra technical and human security measures to safeguard sensitive data which could result in the people it is about being hurt. This may include information about a person's race, religion, health, sexuality, location, genetic/biometric information, etc.
      11. Legal compliance: Ensure that the work meets the privacy regulations of the location where it will be used to collect and process people’s data. Work cooperatively and productively with regulations, laws, and supervisory bodies.
    Source: https://github.com/webdevlaw/open-source-privacy-standards
  • 21. © Interaktiv GmbH 21 | PRIVACY IMPACT ASSESSMENTS Privacy Impact Assessments (PIAs) are the first step in a Privacy by Design (PbD) approach to development. A PIA is the process by which questions about data collection, processing, sharing, storage, and access are asked before the work has begun.
      • Data collection and retention: What personal data is processed? How is that data collected and retained? Is the data stored locally, on our servers, or both? For how long is data stored, and when is the data deleted? Is the data collection and processing specified, explicit, and legitimate? What is the process for granting consent for the data processing, and is consent explicit and verifiable? What is the basis of the consent for the data processing? If not based on consent, what is the legal basis for the data processing? Is the data minimized to what is explicitly required? Is the data accurate and kept up to date? How are users informed about the data processing? What controls do users have over the data collection and retention?
      • Technical and security measures: Is the data encrypted? Is the data anonymized or pseudonymized? Is the data backed up? What are the technical and security measures at the host location?
      • Personnel: Who has access to the data? What data protection training have those individuals received? What security measures do those individuals work with? What data breach notification and alert procedures are in place? What procedures are in place for government requests?
      • Subject access rights: How does the data subject exercise their access rights? How does the data subject exercise their right to data portability? How does the data subject exercise their rights to erasure and the right to be forgotten? How does the data subject exercise their right to restrict and object?
      • Legal: Are the obligations of all data processors, including subcontractors, covered by a contract? If the data is transferred outside the European Union, what are the protective measures and safeguards?
      • Risks: What are the risks to the data subjects if the data is misused, mis-accessed, or breached? What are the risks to the data subjects if the data is modified? What are the risks to the data subjects if the data is lost? What are the main sources of risk? What steps have been taken to mitigate those risks?
    Source: https://github.com/webdevlaw/open-source-privacy-standards
  • 22. © Interaktiv GmbH 22 | PRIVACY IN OTHER OPEN SOURCE COMMUNITIES
      • GDPR Compliance Team
      • Privacy roadmap: https://make.wordpress.org/core/roadmap/privacy
      • WordPress core is GDPR compliant: privacy notice, data export, data
      • Privacy by Design approach
      • Documentation and resources for developers: guidelines on how to
      • Resources for site administrators why privacy matters and what to do
      • Resources for plugin developers: https://developer.wordpress.org/plugins/privacy/
  • 25. © Interaktiv GmbH 25 | PRIVACY IN OTHER OPEN SOURCE COMMUNITIES
      • Drupal GDPR Compliance Team
      • Documentation about (more than 20) Drupal software tools for GDPR compliance
      • 6 talks about privacy at Drupal Europe conference this year
  • 26. © Interaktiv GmbH 26 | PRIVACY IN OTHER OPEN SOURCE COMMUNITIES
      • Privacy tool suite: https://docs.joomla.org/J3.x:Privacy
      • Privacy Dashboard, Health Check, Plugins for Privacy Consent, Terms and Conditions
      • Documentation for developers
      • GitHub: "Collaboration space to work on a privacy framework for Joomla" - 580 contributors - https://github.com/joomla-projects/privacy-framework
      • Marketing!
  • 28. Privacy experience in Plone © Interaktiv GmbH 28 |
  • 32. © Interaktiv GmbH 32 | Thursday, 15:20 Matthew Wilkes Privacy best practice and Plon
  • 33. © Interaktiv GmbH 33 | PRIVACY IN PLONE DEVELOPMENT
    Done
      • https://github.com/collective/collective.privacy
      • … probably many individual code snippets for cookie consent notices…
    Some suggestions for discussion
      • Assessment: What is the status of privacy in Plone core?
      • Guidance: Should development documentation include privacy?
      • Adhere to privacy best practices and follow Privacy by Design principles
      • Features: Develop more privacy features: data export, data erasure, privacy notice, …
      • Products: What about plugins/products and themes?
      • Roadmap?
  • 34. © Interaktiv GmbH 34 | PRINCIPLES OF PRIVACY BY DESIGN
      • Proactive not reactive; preventive not remedial
      • Privacy as the default
      • Privacy embedded into design
      • Full functionality — positive-sum, not zero-sum
      • End-to-end security — lifecycle protection
      • Visibility and transparency
      • Respect for user privacy
    Read on: https://medium.com/searchencrypt/7-principles-of-privacy-by-design-8a0f16d1f9ce
  • 35. © Interaktiv GmbH 35 | PRIVACY IN PLONE COMMUNICATION AND MARKETING
    Done
    Some suggestions for discussion
      • Talk about Privacy on plone.com, plone.org, Community.plone.org
      • Documentation
      • Privacy statement like Accessibility statement in vanilla Plone
      • Conference talks
      • Promote privacy as a positive cultural value instead of a legal constraint
      • Use transparency and privacy as a differentiator – we are the good guys!
  • 36. © Interaktiv GmbH 36 | PRIVACY IN PLONE COMMUNITY WORK
    Done ?
    Some suggestions for discussion
      • People!
      • Interested in an Open Space?
      • Sprint work?
      • Can we join forces with other communities?
  • 37. We are the good guys – let’s show it to the world. © Interaktiv GmbH 37 | PRIVACY PRIORITIES
  • 38. © Interaktiv GmbH 38 | THANK YOU You'll find this presentation on Slideshare. Contact me
      • By e-mail: zell@interaktiv.de
      • On Twitter: #InteraktivKoeln
      • At LinkedIn: https://www.linkedin.com/in/joergzell/ https://www.linkedin.com/company/interaktiv-gmbh
      • At XING: https://www.xing.com/profile/Joerg_Zell/ https://www.xing.com/companies/interaktivgmbh
