SlideShare ist ein Scribd-Unternehmen logo

Ipen 2019 roma status of privacy engineering standardisation v2

Als PPTX, PDF herunterladen
Privacy Data Protection for Engineering
Privacy Data Protection for Engineering

Presentation about the standards related and applied to Privacy engineering.

Technologie
1 von 23
Methods and Tools for GDPR Compliance through Privacy and Data Protection 4 Engineering Status of Privacy Engineering Standardisation Antonio Kung Trialog, 25 rue du Général Foy 75008 Paris antonio.kung@trialog.com 12 June 2019 Status of privacy engineering standardisation Slide 1
Outline Speaker Ecosystem viewpoint: big change in standardisation Privacy engineering: new standards in the pipe IPEN in the loop: recommendation for best practice sharing on privacy engineering 12 June 2019 Status of privacy engineering standardisation Slide 2
Speaker Engineering background Coordinator PRIPARE (pripareproject.eu) 2013-2015  Liaison with ISO/IEC JTC1/SC27/WG5  Member of OASIS (Privacy Management Reference Model - PMRM) Active participation in privacy standards Privacy by design principles  Privacy by design for consumer goods and services (ISO 31700) Privacy engineering  Privacy engineering (ISO/IEC 27550 – to be published)  Big data – Security and privacy fabric (ISO/IEC 20547-4)  Smart cities - Privacy guidelines for smart cities (ISO/IEC 27570)  IoT - Security and privacy guidelines for IoT (ISO/IEC 27030 )  Privacy preference management (ISO/IEC 27556)  Privacy engineering models - study 12 June 2019 Status of privacy engineering standardisation Slide 3
Administrator of IPEN wiki 12 June 2019 Status of privacy engineering standardisation Slide 4
Methods and Tools for GDPR Compliance through Privacy and Data Protection 4 Engineering The ecosystem viewpoint 12 June 2019 Status of privacy engineering standardisation Slide 5
The Ecosystem Viewpoint Security Privacy Trust SafetySmart grid Transport Health Smart Cities Big data IoT Ecosystems Domains ConcernsStakeholders Citizens Business Policy makers Block chain Auto- nomous systems AI Technologies 12 June 2019 Status of privacy engineering standardisation Slide 6
An Integration Issue of Transversal Concern: Example of Security and Privacy 27550 Privacy engineering 20889 Privacy enhancing data de-identification techniques 27001 Information security management systems — Requirements 27005 Information security risk management 27009 Sector-specific application of 27001 – Requirements 27552 Extension to 27001/27002 for privacy management – Requirements and guidelines 29151 Code of practice for personally identifiable information protection 29100 Privacy framework 29134 Privacy impact assessment - Guidelines 27002 Code of practice for information security controls Lifecycle engineering Control design Risk analysis Requirement Privacy Security Privacy Security Privacy Security Privacy Security 27101 Guidelines for cybersecurity framework 12 June 2019 Status of privacy engineering standardisation Slide 7 31700 Privacy-by-design for consumer goods and services
Trends in Standards: Ecosystem Guidance 12 June 2019 Status of privacy engineering standardisation Slide 8 ISO/IEC 30141 IoT Reference Architecture ISO/IEC 20547-3 Big data Reference Architecture ISO/IEC 17789 Cloud computing Reference Architecture ISO/IEC 23751 Data sharing agreement Cloud service customer Ecosystem guidance Cloud service partner Cloud service provider ISO/IEC 27030 Security and privacy guidelines for IoT Iot user Ecosystem guidance IoT service developer IoT service provider ISO/IEC 20547-4 Big data security and privacy Big data service partner Ecosystem guidance Big data application provider Big data provider Big data consumer Big data framework provider
ISO/IEC 27570 Privacy guidelines for smart cities Five processes Governance Risk management Data exchange Engineering Citizen engagement Ecosystem Governance body Organisation 1 Organisation NOrganisation N 12 June 2019 Status of privacy engineering standardisation Slide 9
Example of 27556 Privacy Preference management 12 June 2019 Status of privacy engineering standardisation Slide 10 Privacy preference manager De- identification PII handling Data transfer control Data source collection Consent Information administration Privacy preference administration Control Rule generation Transparency administration Privacy Preference Manager
What is next? ISO/IEC JTC1 SG6 « Meta Reference Architecture » Workshop Montreal 20-22 August Will gather standard editors on important standards Architecture (system, cloud, big data, IoT, smart city) Cross cutting concern (security, privacy, safety, trust…) Governance and continuous improvement Objective Reach common understanding Define shape of convergent standards Define roadmap 12 June 2019 Status of privacy engineering standardisation Slide 11
Methods and Tools for GDPR Compliance through Privacy and Data Protection 4 Engineering Privacy engineering standards 12 June 2019 Status of privacy engineering standardisation Slide 12
Current work 12 June 2019 Status of privacy engineering standardisation Slide 13 Principles ISO 37100 Privacy-by-design for consumer goods and services Pending ISO/IEC 29100 Privacy framework Published (free) Mechanism ISO/IEC 20889 Data de-identification terminology and classification of techniques Published ISO/IEC 29184 Online privacy notices and consent Pending Organisation practice ISO/IEC 27550 Privacy engineering for system life cycle processes 2019 ISO/IEC 27552 Privacy information management -- requirements and guidelines 2019 ISO/IEC 27555 Establishing a PII deletion concept in organisations Pending ISO/IEC 27556 User-centric framework for privacy preference management Pending ISO/IEC 29134 Privacy impact assessment guidelines Published ISO/IEC 29151 Code of practice for PII protection Published ISO/IEC 29190 Privacy capability assessment model Published Ecosystem practice ISO/IEC 20547-4 Big data security and privacy Pending ISO/IEC 27030 Security and privacy guidelines for IoT Pending ISO/IEC 27570 Privacy guidelines for smart cities Pending ISO/IEC 23751 Data sharing agreements Pending
Privacy Engineering: Integrating privacy concerns Privacy Privacy Privacy Privacy Privacy Privacy Privacy! 12 June 2019 Status of privacy engineering standardisation Slide 14
Beyond CIA Confidentiality Integrity Availability Unlinkability Intervenability Transparency 12 June 2019 Status of privacy engineering standardisation Slide 15 From ULD: ieee-security.org/TC/SPW2015/IWPE/2.pdf
Privacy threats analysis: LINDDUN https://distrinet.cs.kuleuven.be/software/linddun/catalog.php 12 June 2019 Property Threat Hard privacy Unlinkability Linkability Anonymity Identifiability Plausible deniability Non-repudiation Undetectability and unobservability Detectability Security Confidentiality Disclosure of information Soft Privacy Content awareness Unawareness Policy and consent compliance Non compliance Status of privacy engineering standardisation Slide 16
Design Strategy (J.H.Hoepman) https://www.enisa.europa.eu/publications/privacy-and-data-protection-by-design/at_download/fullReport Design strategy Description Data oriented strategies Minimize Limit as much as possible the processing of PII Separate Distribute or isolate personal data as much as possible, to prevent correlation Abstract Limit as much as possible the detail in which personal data is processed, while still being useful Hide Prevent PII to become public or known. Process oriented strategies Inform Inform PII principals about the processing of PII Control Provide PII principals control about the processing of their PII. Enforce Commit to PII processing in a privacy friendly way, and enforce this Demonstrate Demonstrate that PII is processed in a privacy friendly way. 12 June 2019 Status of privacy engineering standardisation Slide 17
What is next? New standards in the pipe A possible scenario 12 June 2019 Status of privacy engineering standardisation Slide 18 ISO 31700 Privacy by design for consumer goods and services principles 2019 2020 2021 2022 SC27/WG5 study Privacy engineering models Privacy engineering (IS) 27550 Edition 2 (from TR to IS)
Participation to Standardisation Liaison category C with ISO/IEC JTC1/SC27/WG5 12 June 2019 Status of privacy engineering standardisation Slide 19
Methods and Tools for GDPR Compliance through Privacy and Data Protection 4 Engineering IPEN in the Loop: Recommendation for best practice sharing on privacy engineering 12 June 2019 Status of privacy engineering standardisation Slide 20
Creating a Virtuous Cycle Best practice sharing on privacy engineering will drive new standards Conditions Community participation  e.g. H2020 cluster of GDPR projects Repository operation Content  Textual information (use case like)  Models Management  Editorial and acceptance process 12 June 2019 Status of privacy engineering standardisation Slide 21 Privacy engineering standards Sharing Privacy engineering Practice Proposal for new standards
PDP4E Contribution to Best Practice Sharing Models for privacy engineering IPR free Guidelines for use Possible contributions Use case for smart grid big data Use case connected vehicles (C-ITS) 12 June 2019 Status of privacy engineering standardisation PDP4E– Slide 22 Repository of models for privacy engineering Models for Lifecycle processes? IPEN community Managed by Models for Risk analysis? Models for Requirements Engineering? Models for Privacy Assurance?
Question? antonio.kung@trialog.com www.trialog.com 12 June 2019 Status of privacy engineering standardisation Slide 23

Empfohlen

Pdp4 e privacy engineering toolkit ipen 2019
Pdp4 e privacy engineering toolkit ipen 2019Pdp4 e privacy engineering toolkit ipen 2019
Pdp4 e privacy engineering toolkit ipen 2019Privacy Data Protection for Engineering
 
Ipen2018
Ipen2018Ipen2018
Ipen2018Privacy Data Protection for Engineering
 
Antonio kung impact of ai on privacy sept 10
Antonio kung impact of ai on privacy sept 10Antonio kung impact of ai on privacy sept 10
Antonio kung impact of ai on privacy sept 10Privacy Data Protection for Engineering
 
Granular or holistic approaches - Antonio Kung
Granular or holistic approaches - Antonio KungGranular or holistic approaches - Antonio Kung
Granular or holistic approaches - Antonio KungPrivacy Data Protection for Engineering
 
Antonio kung - pdp4e privacy engineering oxford sept 9 - v2
Antonio kung - pdp4e privacy engineering oxford sept 9 - v2Antonio kung - pdp4e privacy engineering oxford sept 9 - v2
Antonio kung - pdp4e privacy engineering oxford sept 9 - v2Privacy Data Protection for Engineering
 
Granular or holistic approaches 210126 Alejandra Ruiz
Granular or holistic approaches 210126 Alejandra RuizGranular or holistic approaches 210126 Alejandra Ruiz
Granular or holistic approaches 210126 Alejandra RuizPrivacy Data Protection for Engineering
 
Long term security evolution of ai and data protection antonio kung trialog...
Long term security evolution of ai and data protection antonio kung trialog...Long term security evolution of ai and data protection antonio kung trialog...
Long term security evolution of ai and data protection antonio kung trialog...Privacy Data Protection for Engineering
 
Privacy Data Protection for Engineers - PDP4E
Privacy Data Protection for Engineers - PDP4EPrivacy Data Protection for Engineers - PDP4E
Privacy Data Protection for Engineers - PDP4EPrivacy Data Protection for Engineering
 

Empfohlen

Pdp4 e privacy engineering toolkit ipen 2019
Pdp4 e privacy engineering toolkit ipen 2019Pdp4 e privacy engineering toolkit ipen 2019
Pdp4 e privacy engineering toolkit ipen 2019Privacy Data Protection for Engineering
 
Ipen2018
Ipen2018Ipen2018
Ipen2018Privacy Data Protection for Engineering
 
Antonio kung impact of ai on privacy sept 10
Antonio kung impact of ai on privacy sept 10Antonio kung impact of ai on privacy sept 10
Antonio kung impact of ai on privacy sept 10Privacy Data Protection for Engineering
 
Granular or holistic approaches - Antonio Kung
Granular or holistic approaches - Antonio KungGranular or holistic approaches - Antonio Kung
Granular or holistic approaches - Antonio KungPrivacy Data Protection for Engineering
 
Antonio kung - pdp4e privacy engineering oxford sept 9 - v2
Antonio kung - pdp4e privacy engineering oxford sept 9 - v2Antonio kung - pdp4e privacy engineering oxford sept 9 - v2
Antonio kung - pdp4e privacy engineering oxford sept 9 - v2Privacy Data Protection for Engineering
 
Granular or holistic approaches 210126 Alejandra Ruiz
Granular or holistic approaches 210126 Alejandra RuizGranular or holistic approaches 210126 Alejandra Ruiz
Granular or holistic approaches 210126 Alejandra RuizPrivacy Data Protection for Engineering
 
Long term security evolution of ai and data protection antonio kung trialog...
Long term security evolution of ai and data protection antonio kung trialog...Long term security evolution of ai and data protection antonio kung trialog...
Long term security evolution of ai and data protection antonio kung trialog...Privacy Data Protection for Engineering
 
Privacy Data Protection for Engineers - PDP4E
Privacy Data Protection for Engineers - PDP4EPrivacy Data Protection for Engineers - PDP4E
Privacy Data Protection for Engineers - PDP4EPrivacy Data Protection for Engineering
 
Wp6 public
Wp6 publicWp6 public
Wp6 publicPrivacy Data Protection for Engineering
 
Dpm presentation
Dpm presentationDpm presentation
Dpm presentationPrivacy Data Protection for Engineering
 
Data Privacy and Security in Autonomous Vehicles
Data Privacy and Security in Autonomous VehiclesData Privacy and Security in Autonomous Vehicles
Data Privacy and Security in Autonomous Vehiclessulaiman_karim
 
MECATECH, building the Future
MECATECH, building the FutureMECATECH, building the Future
MECATECH, building the FutureAgence du Numérique (AdN)
 
Lightkone project : Lightweight computation for networks at the edge
Lightkone project : Lightweight computation for networks at the edgeLightkone project : Lightweight computation for networks at the edge
Lightkone project : Lightweight computation for networks at the edgeAgence du Numérique (AdN)
 
Paris wp5 pd-pb_d
Paris wp5 pd-pb_dParis wp5 pd-pb_d
Paris wp5 pd-pb_dPrivacy Data Protection for Engineering
 
Towards Large-Scale, High-Density Indoor Ultra Wideband Geolocation Systems
Towards Large-Scale, High-Density Indoor Ultra Wideband Geolocation SystemsTowards Large-Scale, High-Density Indoor Ultra Wideband Geolocation Systems
Towards Large-Scale, High-Density Indoor Ultra Wideband Geolocation SystemsAgence du Numérique (AdN)
 
Wp4 tool demonstration_v1
Wp4 tool demonstration_v1Wp4 tool demonstration_v1
Wp4 tool demonstration_v1Privacy Data Protection for Engineering
 
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)ijwscjournal
 
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)ijwscjournal
 
Multitel Cybersecurity Projects
Multitel Cybersecurity ProjectsMultitel Cybersecurity Projects
Multitel Cybersecurity ProjectsAgence du Numérique (AdN)
 
Who will buy IOT products and why.
Who will buy IOT products and why.Who will buy IOT products and why.
Who will buy IOT products and why.Atanu Roy Chowdhury
 
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)ijwscjournal
 
Applying IoT to the Management of Natural Disasters Risk NIAGRISK - A digital...
Applying IoT to the Management of Natural Disasters Risk NIAGRISK - A digital...Applying IoT to the Management of Natural Disasters Risk NIAGRISK - A digital...
Applying IoT to the Management of Natural Disasters Risk NIAGRISK - A digital...Agence du Numérique (AdN)
 
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)ijwscjournal
 
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)ijdms
 
Web Application Hacking - The Art of Exploiting Vulnerable Web Application
Web Application Hacking - The Art of Exploiting Vulnerable Web ApplicationWeb Application Hacking - The Art of Exploiting Vulnerable Web Application
Web Application Hacking - The Art of Exploiting Vulnerable Web ApplicationEryk Budi Pratama
 
e-SIDES workshop at ICT 2018, Vienna 5/12/2018
e-SIDES workshop at ICT 2018, Vienna 5/12/2018e-SIDES workshop at ICT 2018, Vienna 5/12/2018
e-SIDES workshop at ICT 2018, Vienna 5/12/2018e-SIDES.eu
 
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)albert ca
 
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)ijdms
 
Privacy Management for Smart Cities
Privacy Management for Smart CitiesPrivacy Management for Smart Cities
Privacy Management for Smart CitiesOpen & Agile Smart Cities
 
UNINFO - BIG DATA & Information Security Standards - Guasconi
UNINFO - BIG DATA & Information Security Standards - GuasconiUNINFO - BIG DATA & Information Security Standards - Guasconi
UNINFO - BIG DATA & Information Security Standards - GuasconiBL4CKSWAN Srl
 

Weitere ähnliche Inhalte

Was ist angesagt?

Data Privacy and Security in Autonomous Vehicles
Data Privacy and Security in Autonomous VehiclesData Privacy and Security in Autonomous Vehicles
Data Privacy and Security in Autonomous Vehiclessulaiman_karim
 
Lightkone project : Lightweight computation for networks at the edge
Lightkone project : Lightweight computation for networks at the edgeLightkone project : Lightweight computation for networks at the edge
Lightkone project : Lightweight computation for networks at the edgeAgence du Numérique (AdN)
 
Towards Large-Scale, High-Density Indoor Ultra Wideband Geolocation Systems
Towards Large-Scale, High-Density Indoor Ultra Wideband Geolocation SystemsTowards Large-Scale, High-Density Indoor Ultra Wideband Geolocation Systems
Towards Large-Scale, High-Density Indoor Ultra Wideband Geolocation SystemsAgence du Numérique (AdN)
 
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)ijwscjournal
 
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)ijwscjournal
 
Who will buy IOT products and why.
Who will buy IOT products and why.Who will buy IOT products and why.
Who will buy IOT products and why.Atanu Roy Chowdhury
 
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)ijwscjournal
 
Applying IoT to the Management of Natural Disasters Risk NIAGRISK - A digital...
Applying IoT to the Management of Natural Disasters Risk NIAGRISK - A digital...Applying IoT to the Management of Natural Disasters Risk NIAGRISK - A digital...
Applying IoT to the Management of Natural Disasters Risk NIAGRISK - A digital...Agence du Numérique (AdN)
 
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)ijwscjournal
 
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)ijdms
 
Web Application Hacking - The Art of Exploiting Vulnerable Web Application
Web Application Hacking - The Art of Exploiting Vulnerable Web ApplicationWeb Application Hacking - The Art of Exploiting Vulnerable Web Application
Web Application Hacking - The Art of Exploiting Vulnerable Web ApplicationEryk Budi Pratama
 
e-SIDES workshop at ICT 2018, Vienna 5/12/2018
e-SIDES workshop at ICT 2018, Vienna 5/12/2018e-SIDES workshop at ICT 2018, Vienna 5/12/2018
e-SIDES workshop at ICT 2018, Vienna 5/12/2018e-SIDES.eu
 
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)albert ca
 
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)ijdms
 

Was ist angesagt? (20)

Wp6 public
Wp6 publicWp6 public
Wp6 public
 
Dpm presentation
Dpm presentationDpm presentation
Dpm presentation
 
Data Privacy and Security in Autonomous Vehicles
Data Privacy and Security in Autonomous VehiclesData Privacy and Security in Autonomous Vehicles
Data Privacy and Security in Autonomous Vehicles
 
MECATECH, building the Future
MECATECH, building the FutureMECATECH, building the Future
MECATECH, building the Future
 
Lightkone project : Lightweight computation for networks at the edge
Lightkone project : Lightweight computation for networks at the edgeLightkone project : Lightweight computation for networks at the edge
Lightkone project : Lightweight computation for networks at the edge
 
Paris wp5 pd-pb_d
Paris wp5 pd-pb_dParis wp5 pd-pb_d
Paris wp5 pd-pb_d
 
Towards Large-Scale, High-Density Indoor Ultra Wideband Geolocation Systems
Towards Large-Scale, High-Density Indoor Ultra Wideband Geolocation SystemsTowards Large-Scale, High-Density Indoor Ultra Wideband Geolocation Systems
Towards Large-Scale, High-Density Indoor Ultra Wideband Geolocation Systems
 
Wp4 tool demonstration_v1
Wp4 tool demonstration_v1Wp4 tool demonstration_v1
Wp4 tool demonstration_v1
 
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
 
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
 
Multitel Cybersecurity Projects
Multitel Cybersecurity ProjectsMultitel Cybersecurity Projects
Multitel Cybersecurity Projects
 
Who will buy IOT products and why.
Who will buy IOT products and why.Who will buy IOT products and why.
Who will buy IOT products and why.
 
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
 
Applying IoT to the Management of Natural Disasters Risk NIAGRISK - A digital...
Applying IoT to the Management of Natural Disasters Risk NIAGRISK - A digital...Applying IoT to the Management of Natural Disasters Risk NIAGRISK - A digital...
Applying IoT to the Management of Natural Disasters Risk NIAGRISK - A digital...
 
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
 
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
 
Web Application Hacking - The Art of Exploiting Vulnerable Web Application
Web Application Hacking - The Art of Exploiting Vulnerable Web ApplicationWeb Application Hacking - The Art of Exploiting Vulnerable Web Application
Web Application Hacking - The Art of Exploiting Vulnerable Web Application
 
e-SIDES workshop at ICT 2018, Vienna 5/12/2018
e-SIDES workshop at ICT 2018, Vienna 5/12/2018e-SIDES workshop at ICT 2018, Vienna 5/12/2018
e-SIDES workshop at ICT 2018, Vienna 5/12/2018
 
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
 
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
 

Ähnlich wie Ipen 2019 roma status of privacy engineering standardisation v2

UNINFO - BIG DATA & Information Security Standards - Guasconi
UNINFO - BIG DATA & Information Security Standards - GuasconiUNINFO - BIG DATA & Information Security Standards - Guasconi
UNINFO - BIG DATA & Information Security Standards - GuasconiBL4CKSWAN Srl
 
List of ISO27000-Family International Standards organisation.pdf
List of ISO27000-Family International Standards organisation.pdfList of ISO27000-Family International Standards organisation.pdf
List of ISO27000-Family International Standards organisation.pdfDavidMorris296217
 
Tư vấn và đào tạo ISO 27001:2022 phiên bản mới bởi HQC Consulting
Tư vấn và đào tạo ISO 27001:2022 phiên bản mới bởi HQC ConsultingTư vấn và đào tạo ISO 27001:2022 phiên bản mới bởi HQC Consulting
Tư vấn và đào tạo ISO 27001:2022 phiên bản mới bởi HQC ConsultingNguyễn Đăng Quang
 
BSI British Standards Information Governance Workshop Presentation
BSI British Standards Information Governance Workshop Presentation BSI British Standards Information Governance Workshop Presentation
BSI British Standards Information Governance Workshop Presentation BSI British Standards Institution
 
Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...
Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...
Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...PECB
 
Cyber resolution ban-ana comparing to ana-nas.pdf
Cyber resolution ban-ana comparing to ana-nas.pdfCyber resolution ban-ana comparing to ana-nas.pdf
Cyber resolution ban-ana comparing to ana-nas.pdftoncik
 
SC27 Privacy related projects update
SC27 Privacy related projects update SC27 Privacy related projects update
SC27 Privacy related projects update Yoshihiro Satoh
 
ISO 27701 en GDPR - De perfecte combinatie
ISO 27701 en GDPR - De perfecte combinatie ISO 27701 en GDPR - De perfecte combinatie
ISO 27701 en GDPR - De perfecte combinatie StefanMathuvis
 
ISO/IEC 27701, GDPR, and ePrivacy: How Do They Map?
ISO/IEC 27701, GDPR, and ePrivacy: How Do They Map?ISO/IEC 27701, GDPR, and ePrivacy: How Do They Map?
ISO/IEC 27701, GDPR, and ePrivacy: How Do They Map?PECB
 
Coordination of Threat Analysis in ICT Ecosystems
Coordination of Threat Analysis in ICT EcosystemsCoordination of Threat Analysis in ICT Ecosystems
Coordination of Threat Analysis in ICT EcosystemsITU
 
20200206 privatum privacy after work - notes 3p
20200206 privatum privacy after work - notes 3p20200206 privatum privacy after work - notes 3p
20200206 privatum privacy after work - notes 3pPeter GEELEN ✔
 
Legal and ethical issues (the LLM project)
Legal and ethical issues (the LLM project)Legal and ethical issues (the LLM project)
Legal and ethical issues (the LLM project)long lasting memories
 
Talk1 esc3 muscl-standards and regulation_v1_1
Talk1 esc3 muscl-standards and regulation_v1_1Talk1 esc3 muscl-standards and regulation_v1_1
Talk1 esc3 muscl-standards and regulation_v1_1Sylvain Martinez
 
Policy InformationPolicy Name __________________________ ID _.docx
Policy InformationPolicy Name __________________________ ID _.docxPolicy InformationPolicy Name __________________________ ID _.docx
Policy InformationPolicy Name __________________________ ID _.docxstilliegeorgiana
 
Any Standard is Better Than None: GDPR and the ISO Standards
Any Standard is Better Than None: GDPR and the ISO StandardsAny Standard is Better Than None: GDPR and the ISO Standards
Any Standard is Better Than None: GDPR and the ISO StandardsPECB
 
ISO 27701:2022 Data Privacy New Version Presentation
ISO 27701:2022 Data Privacy New Version PresentationISO 27701:2022 Data Privacy New Version Presentation
ISO 27701:2022 Data Privacy New Version Presentationyogaallworks
 

Ähnlich wie Ipen 2019 roma status of privacy engineering standardisation v2 (20)

Privacy Management for Smart Cities
Privacy Management for Smart CitiesPrivacy Management for Smart Cities
Privacy Management for Smart Cities
 
UNINFO - BIG DATA & Information Security Standards - Guasconi
UNINFO - BIG DATA & Information Security Standards - GuasconiUNINFO - BIG DATA & Information Security Standards - Guasconi
UNINFO - BIG DATA & Information Security Standards - Guasconi
 
List of ISO27000-Family International Standards organisation.pdf
List of ISO27000-Family International Standards organisation.pdfList of ISO27000-Family International Standards organisation.pdf
List of ISO27000-Family International Standards organisation.pdf
 
Tư vấn và đào tạo ISO 27001:2022 phiên bản mới bởi HQC Consulting
Tư vấn và đào tạo ISO 27001:2022 phiên bản mới bởi HQC ConsultingTư vấn và đào tạo ISO 27001:2022 phiên bản mới bởi HQC Consulting
Tư vấn và đào tạo ISO 27001:2022 phiên bản mới bởi HQC Consulting
 
BSI British Standards Information Governance Workshop Presentation
BSI British Standards Information Governance Workshop Presentation BSI British Standards Information Governance Workshop Presentation
BSI British Standards Information Governance Workshop Presentation
 
Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...
Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...
Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...
 
Cyber resolution ban-ana comparing to ana-nas.pdf
Cyber resolution ban-ana comparing to ana-nas.pdfCyber resolution ban-ana comparing to ana-nas.pdf
Cyber resolution ban-ana comparing to ana-nas.pdf
 
SC27 Privacy related projects update
SC27 Privacy related projects update SC27 Privacy related projects update
SC27 Privacy related projects update
 
Paris wp5 pd-pb_d_case_study
Paris wp5 pd-pb_d_case_studyParis wp5 pd-pb_d_case_study
Paris wp5 pd-pb_d_case_study
 
ISO 27701 en GDPR - De perfecte combinatie
ISO 27701 en GDPR - De perfecte combinatie ISO 27701 en GDPR - De perfecte combinatie
ISO 27701 en GDPR - De perfecte combinatie
 
ISO/IEC 27701, GDPR, and ePrivacy: How Do They Map?
ISO/IEC 27701, GDPR, and ePrivacy: How Do They Map?ISO/IEC 27701, GDPR, and ePrivacy: How Do They Map?
ISO/IEC 27701, GDPR, and ePrivacy: How Do They Map?
 
Usulanuntukwg1danwg2dandata28 feb2017
Usulanuntukwg1danwg2dandata28 feb2017Usulanuntukwg1danwg2dandata28 feb2017
Usulanuntukwg1danwg2dandata28 feb2017
 
Coordination of Threat Analysis in ICT Ecosystems
Coordination of Threat Analysis in ICT EcosystemsCoordination of Threat Analysis in ICT Ecosystems
Coordination of Threat Analysis in ICT Ecosystems
 
20200206 privatum privacy after work - notes 3p
20200206 privatum privacy after work - notes 3p20200206 privatum privacy after work - notes 3p
20200206 privatum privacy after work - notes 3p
 
Legal and ethical issues (the LLM project)
Legal and ethical issues (the LLM project)Legal and ethical issues (the LLM project)
Legal and ethical issues (the LLM project)
 
Talk1 esc3 muscl-standards and regulation_v1_1
Talk1 esc3 muscl-standards and regulation_v1_1Talk1 esc3 muscl-standards and regulation_v1_1
Talk1 esc3 muscl-standards and regulation_v1_1
 
Policy InformationPolicy Name __________________________ ID _.docx
Policy InformationPolicy Name __________________________ ID _.docxPolicy InformationPolicy Name __________________________ ID _.docx
Policy InformationPolicy Name __________________________ ID _.docx
 
2019 04-08 hopu-aj
2019 04-08 hopu-aj2019 04-08 hopu-aj
2019 04-08 hopu-aj
 
Any Standard is Better Than None: GDPR and the ISO Standards
Any Standard is Better Than None: GDPR and the ISO StandardsAny Standard is Better Than None: GDPR and the ISO Standards
Any Standard is Better Than None: GDPR and the ISO Standards
 
ISO 27701:2022 Data Privacy New Version Presentation
ISO 27701:2022 Data Privacy New Version PresentationISO 27701:2022 Data Privacy New Version Presentation
ISO 27701:2022 Data Privacy New Version Presentation
 

Mehr von Privacy Data Protection for Engineering

Mehr von Privacy Data Protection for Engineering (7)

Wp4 overall approach_v1
Wp4 overall approach_v1Wp4 overall approach_v1
Wp4 overall approach_v1
 
Wp5 overall approach_3-pd_pbdmodules_v4
Wp5 overall approach_3-pd_pbdmodules_v4Wp5 overall approach_3-pd_pbdmodules_v4
Wp5 overall approach_3-pd_pbdmodules_v4
 
Wp6 workshop 10_march2020
Wp6 workshop 10_march2020Wp6 workshop 10_march2020
Wp6 workshop 10_march2020
 
Pdp4 e forum
Pdp4 e forumPdp4 e forum
Pdp4 e forum
 
Wp4 ws cea2020
Wp4 ws cea2020Wp4 ws cea2020
Wp4 ws cea2020
 
Beawre pitch
Beawre pitchBeawre pitch
Beawre pitch
 
Pdp4e IPEN-2019
Pdp4e IPEN-2019Pdp4e IPEN-2019
Pdp4e IPEN-2019
 

Kürzlich hochgeladen

AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityWSO2
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 

Kürzlich hochgeladen (20)

AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 

Ipen 2019 roma status of privacy engineering standardisation v2

  • 1. Methods and Tools for GDPR Compliance through Privacy and Data Protection 4 Engineering Status of Privacy Engineering Standardisation Antonio Kung Trialog, 25 rue du Général Foy 75008 Paris antonio.kung@trialog.com 12 June 2019 Status of privacy engineering standardisation Slide 1
  • 2. Outline Speaker Ecosystem viewpoint: big change in standardisation Privacy engineering: new standards in the pipe IPEN in the loop: recommendation for best practice sharing on privacy engineering 12 June 2019 Status of privacy engineering standardisation Slide 2
  • 3. Speaker Engineering background Coordinator PRIPARE (pripareproject.eu) 2013-2015  Liaison with ISO/IEC JTC1/SC27/WG5  Member of OASIS (Privacy Management Reference Model - PMRM) Active participation in privacy standards Privacy by design principles  Privacy by design for consumer goods and services (ISO 31700) Privacy engineering  Privacy engineering (ISO/IEC 27550 – to be published)  Big data – Security and privacy fabric (ISO/IEC 20547-4)  Smart cities - Privacy guidelines for smart cities (ISO/IEC 27570)  IoT - Security and privacy guidelines for IoT (ISO/IEC 27030 )  Privacy preference management (ISO/IEC 27556)  Privacy engineering models - study 12 June 2019 Status of privacy engineering standardisation Slide 3
  • 4. Administrator of IPEN wiki 12 June 2019 Status of privacy engineering standardisation Slide 4
  • 5. Methods and Tools for GDPR Compliance through Privacy and Data Protection 4 Engineering The ecosystem viewpoint 12 June 2019 Status of privacy engineering standardisation Slide 5
  • 6. The Ecosystem Viewpoint Security Privacy Trust SafetySmart grid Transport Health Smart Cities Big data IoT Ecosystems Domains ConcernsStakeholders Citizens Business Policy makers Block chain Auto- nomous systems AI Technologies 12 June 2019 Status of privacy engineering standardisation Slide 6
  • 7. An Integration Issue of Transversal Concern: Example of Security and Privacy 27550 Privacy engineering 20889 Privacy enhancing data de-identification techniques 27001 Information security management systems — Requirements 27005 Information security risk management 27009 Sector-specific application of 27001 – Requirements 27552 Extension to 27001/27002 for privacy management – Requirements and guidelines 29151 Code of practice for personally identifiable information protection 29100 Privacy framework 29134 Privacy impact assessment - Guidelines 27002 Code of practice for information security controls Lifecycle engineering Control design Risk analysis Requirement Privacy Security Privacy Security Privacy Security Privacy Security 27101 Guidelines for cybersecurity framework 12 June 2019 Status of privacy engineering standardisation Slide 7 31700 Privacy-by-design for consumer goods and services
  • 8. Trends in Standards: Ecosystem Guidance 12 June 2019 Status of privacy engineering standardisation Slide 8 ISO/IEC 30141 IoT Reference Architecture ISO/IEC 20547-3 Big data Reference Architecture ISO/IEC 17789 Cloud computing Reference Architecture ISO/IEC 23751 Data sharing agreement Cloud service customer Ecosystem guidance Cloud service partner Cloud service provider ISO/IEC 27030 Security and privacy guidelines for IoT Iot user Ecosystem guidance IoT service developer IoT service provider ISO/IEC 20547-4 Big data security and privacy Big data service partner Ecosystem guidance Big data application provider Big data provider Big data consumer Big data framework provider
  • 9. ISO/IEC 27570 Privacy guidelines for smart cities Five processes Governance Risk management Data exchange Engineering Citizen engagement Ecosystem Governance body Organisation 1 Organisation NOrganisation N 12 June 2019 Status of privacy engineering standardisation Slide 9
  • 10. Example of 27556 Privacy Preference management 12 June 2019 Status of privacy engineering standardisation Slide 10 Privacy preference manager De- identification PII handling Data transfer control Data source collection Consent Information administration Privacy preference administration Control Rule generation Transparency administration Privacy Preference Manager
  • 11. What is next? ISO/IEC JTC1 SG6 « Meta Reference Architecture » Workshop Montreal 20-22 August Will gather standard editors on important standards Architecture (system, cloud, big data, IoT, smart city) Cross cutting concern (security, privacy, safety, trust…) Governance and continuous improvement Objective Reach common understanding Define shape of convergent standards Define roadmap 12 June 2019 Status of privacy engineering standardisation Slide 11
  • 12. Methods and Tools for GDPR Compliance through Privacy and Data Protection 4 Engineering Privacy engineering standards 12 June 2019 Status of privacy engineering standardisation Slide 12
  • 13. Current work 12 June 2019 Status of privacy engineering standardisation Slide 13 Principles ISO 37100 Privacy-by-design for consumer goods and services Pending ISO/IEC 29100 Privacy framework Published (free) Mechanism ISO/IEC 20889 Data de-identification terminology and classification of techniques Published ISO/IEC 29184 Online privacy notices and consent Pending Organisation practice ISO/IEC 27550 Privacy engineering for system life cycle processes 2019 ISO/IEC 27552 Privacy information management -- requirements and guidelines 2019 ISO/IEC 27555 Establishing a PII deletion concept in organisations Pending ISO/IEC 27556 User-centric framework for privacy preference management Pending ISO/IEC 29134 Privacy impact assessment guidelines Published ISO/IEC 29151 Code of practice for PII protection Published ISO/IEC 29190 Privacy capability assessment model Published Ecosystem practice ISO/IEC 20547-4 Big data security and privacy Pending ISO/IEC 27030 Security and privacy guidelines for IoT Pending ISO/IEC 27570 Privacy guidelines for smart cities Pending ISO/IEC 23751 Data sharing agreements Pending
  • 14. Privacy Engineering: Integrating privacy concerns Privacy Privacy Privacy Privacy Privacy Privacy Privacy! 12 June 2019 Status of privacy engineering standardisation Slide 14
  • 15. Beyond CIA Confidentiality Integrity Availability Unlinkability Intervenability Transparency 12 June 2019 Status of privacy engineering standardisation Slide 15 From ULD: ieee-security.org/TC/SPW2015/IWPE/2.pdf
  • 16. Privacy threats analysis: LINDDUN https://distrinet.cs.kuleuven.be/software/linddun/catalog.php 12 June 2019 Property Threat Hard privacy Unlinkability Linkability Anonymity Identifiability Plausible deniability Non-repudiation Undetectability and unobservability Detectability Security Confidentiality Disclosure of information Soft Privacy Content awareness Unawareness Policy and consent compliance Non compliance Status of privacy engineering standardisation Slide 16
  • 17. Design Strategy (J.H.Hoepman) https://www.enisa.europa.eu/publications/privacy-and-data-protection-by-design/at_download/fullReport Design strategy Description Data oriented strategies Minimize Limit as much as possible the processing of PII Separate Distribute or isolate personal data as much as possible, to prevent correlation Abstract Limit as much as possible the detail in which personal data is processed, while still being useful Hide Prevent PII to become public or known. Process oriented strategies Inform Inform PII principals about the processing of PII Control Provide PII principals control about the processing of their PII. Enforce Commit to PII processing in a privacy friendly way, and enforce this Demonstrate Demonstrate that PII is processed in a privacy friendly way. 12 June 2019 Status of privacy engineering standardisation Slide 17
  • 18. What is next? New standards in the pipe A possible scenario 12 June 2019 Status of privacy engineering standardisation Slide 18 ISO 31700 Privacy by design for consumer goods and services principles 2019 2020 2021 2022 SC27/WG5 study Privacy engineering models Privacy engineering (IS) 27550 Edition 2 (from TR to IS)
  • 19. Participation to Standardisation Liaison category C with ISO/IEC JTC1/SC27/WG5 12 June 2019 Status of privacy engineering standardisation Slide 19
  • 20. Methods and Tools for GDPR Compliance through Privacy and Data Protection 4 Engineering IPEN in the Loop: Recommendation for best practice sharing on privacy engineering 12 June 2019 Status of privacy engineering standardisation Slide 20
  • 21. Creating a Virtuous Cycle Best practice sharing on privacy engineering will drive new standards Conditions Community participation  e.g. H2020 cluster of GDPR projects Repository operation Content  Textual information (use case like)  Models Management  Editorial and acceptance process 12 June 2019 Status of privacy engineering standardisation Slide 21 Privacy engineering standards Sharing Privacy engineering Practice Proposal for new standards
  • 22. PDP4E Contribution to Best Practice Sharing Models for privacy engineering IPR free Guidelines for use Possible contributions Use case for smart grid big data Use case connected vehicles (C-ITS) 12 June 2019 Status of privacy engineering standardisation PDP4E– Slide 22 Repository of models for privacy engineering Models for Lifecycle processes? IPEN community Managed by Models for Risk analysis? Models for Requirements Engineering? Models for Privacy Assurance?
  • 23. Question? antonio.kung@trialog.com www.trialog.com 12 June 2019 Status of privacy engineering standardisation Slide 23

Hinweis der Redaktion

  1. 0.03 – 2.00 My name is Antonio Kung I am the CTO of Trialog a French software house which focuses on IoT – involved in energy, mobility, health and care My background is engineering so I am not afraid to go in the details of technology and engineering I am very much involved on standardisation of privacy I am the editor of privacy engineering, contributor to big data, rapporteur for privacy in smart cities and privacy guidelnies in the IoT I am the member of an informal community launched by EDPS (European Data Protection Supervisor). And I manage a web site on existing work on privacy standards. The URL is ipen.trialog.com I am the lead the support action PRIPARE which has published a methodology for privacy engineering
  2. 2.00 – 2.03 I will take a policy maker viewpoin
  3. 2.03 – 3.00 Smart cities deal with a complex ecosystem We talk today about Smart cities, Big Data, The Internet of things. They can all be considered as complex ecosystems They integrate business domains such as smart grid, health, transport They integrate concerns such as privacy, security or others, for instance safety
  4. 2.00 – 2.03 I will take a policy maker viewpoin
  5. 13.00 From an engineering viewpoint, the main objective is to integrate privacy concerns along the lifecycle process. This picture is taken from the PRIPARE handbook It shows First the various phases from the analysis, design, implementation, verification, release, maintenance et decommissioning And secondly a central item called environment and infrastructure which consists of company knowledge, best practice, assets, … Note that the institutionalisation of privacy management is reflected in this central item.
  6. 2.00 – 2.03 I will take a policy maker viewpoin