Web Analytics and Privacy
How to Mitigate Data Risks in the Age
of Evolving Privacy Legislation
The ubiquity of data is bordering
on pervasive, so much so that an
acute tension is building between
technological capabilities and
ethical uses of data.
If your business is a data
processor, you need to follow
strict privacy laws in order to
avoid fines and protect your
stakeholders.
Here we will focus specifically
on privacy for web analytics:
• Evolving Privacy Legislation
• Personal Data vs. Personally Identifiable
Information (PII)
• Risk Classification of Web-Analytics and
Related Processes
Evolving Privacy Legislation
You can read the full discussion of
the issue in our comprehensive
whitepaper...
...or get an overview by exploring this brief presentation.
As data flows are rarely limited
to a single country, the
objective becomes to build
flexible and sustainable
analytics setups that cover all
regions.
Legislative misalignments can expose
you to some serious monetary penalties:
• Fines are typically capped at 500k € in certain
countries of the EU
• Upcoming General Data Protection Regulation
(GDPR) is expected to allow fines up to as much as
2% to 5% of an organization’s global turnover
• US class action suits can expose you to losses of
much larger amounts
Note that GDPR is the
strictest privacy law that has
ever been introduced. It will
have a significant impact on
all businesses dealing with
customers within the
European Union.
GDPR will come into force
within two years. What are
the core issues regarding
Web Analytics?
Profiling is defined as any form of automated processing of
personal data to predict aspects concerning performance at
work, economic situation, reliability, behaviour, movements
and others.
• GDPR concerns all companies processing personal data about EU
residents.
• The profiling process must be automated.
• The purpose of the profiling must be to evaluate personal aspects of a
natural person
• One cannot use an individual’s PII for profiling purposes unless such
profiling is in the public interest
• Explicit consent is necessary as a new legal basis for data processing
• Data subjects must be informed about any profiling activities
Where should you start to
make sure your organization is
compliant with the new law?
Guidelines on the Protection
of Privacy and Transborder
Flows of Personal Data by the
OECD have become an
internationally accepted set of
rules for processing personal
information. They will work
just fine as a starting point.
OECD privacy principles:
1. Collection Limitation: Data collection should occur only with the knowledge and consent of the
concerned individual (data subject).
2. Data Quality: One should only collect information which is accurate and relevant to a particular
aim.
3. Individual Participation: The concerned individual should know if their information has been
collected and must be able to access it if such data exists.
4. Purpose Specification: The intended use for a particular piece of information must be known at
the time of collection.
5. Use Limitation: Collected data must not be used for purposes other than those specified at the
time of collection.
6. Security Safeguards: Reasonable measures must be taken to protect data from unauthorized use,
destruction, modification, or disclosure of personal information.
7. Openness: Individuals should be able to avail themselves of data collection and be able to
contact the entity collecting this information.
8. Accountability: The data collector should be held accountable for failing to abide by any of the
above rules. A dedicated person must be appointed
Remember that these outlined
principles are acceptable as
the core of your web-analytics
privacy practices, but in many
cases they may not be enough.
Personal Data vs. Personally Identifiable
Information (PII)
Knowing the legal red line related to data
types is crucial for minimizing the risk of
breaches or violations.
PII is a US-based concept, while Europe refers to
Personal Data.
PII data can be linked to a
particular individual, whereas
Personal Data can relate to
someone without
identification.
E-mail address, name or phone
number constitute PII, and the
use of this data to capture an
individual’s behaviour may be
considered an abuse under
privacy regulations.
Aurélie Pols
Taking into consideration the broad and vague definition of
sensitive data, as enshrined in the European regulations, it is more
practical to set up processes to detect PII following the US-based
legislation. The recommended practice is therefore to use the US
PII lists as a starting point to define escalation procedures and
supplement such lists with context-related European practices.
Mind Your Privacy
Risk Classification of Web-Analytics and
Related Processes
How can you be sure your
company is fulfilling all of its
data-related obligations?
What methods can help you
assign such responsibilities?
The scope of obligations for
companies will depend upon
the type of data they collect,
process, and share.
One popular example of a responsibility-assignment method
is the RACI model, which stands for Responsible,
Accountable, Consulted, and Informed.
• Responsible: Who is/will be doing this task? Who is assigned to work on this task?
• Accountable: Whose head will roll if this goes wrong? Who has authority to make a decision?
• Consulted: Who can tell me more about this task? Are any stakeholders already identified?
• Informed: Whose work depends on this task? Who has to be kept updated about the progress?
Another method useful in certain contexts,
particularly the privacy aspects of data uses, is
the Privacy Impact Assessment (PIA). It typically
consists of workflow-based questionnaires used
by companies to identify and contain risks from
the beginning.
Fluid privacy regulations, changing terms and
conditions, excessive authority of legal counsel,
and misunderstanding of legislation may indeed
cause some companies to come to an analytical
halt.
Taking that into account, responsibility could be
divided into three main areas associated with
the RACI model we mentioned above. When
relating this to customer relationship, data-risk
classification could be seen as follows...
Classification, with its description and allocation:
• Green
  Description: Carry on, no issues here
  Allocation: Full responsibility stays within analytics, no further consultations needed
• Orange
  Description: Bring in an outside counsel to be on the safe side
  Allocation: Analytics remain responsible; consult with privacy
• Red
  Description: This is cutting edge, involves personal data and/or sensitive information and/or separate legal entities
  Allocation: Privacy is informed and signs off or suggests risk-mitigation solutions (saying NO is not an answer, as next time they won’t be informed)
Or in other words, the above classification
looks something like:
• Green: An individual comes to a digital property and
leaves a data trail.
• Orange: A company wants to take a look at which
individuals come back and what their technical
environment is like; e.g. using cookies.
• Red: A company wants to stitch digital touch-points
together.
Aurélie Pols
The trick is to understand when Green, Orange, and
Red protocols are best applied to optimize data-privacy
management. Remember, context remains of essence
to assure privacy rights are respected.
Mind Your Privacy
If you want to learn more
about mitigating data risks,
read our free whitepaper
written by renowned
European privacy expert
Aurélie Pols:
Thank You
@piwikPRO /PiwikPro /piwik-pro

Smarteg dropshipping via API with DroFx.pptx
 
Accredited-Transport-Cooperatives-Jan-2021-Web.pdf
Accredited-Transport-Cooperatives-Jan-2021-Web.pdfAccredited-Transport-Cooperatives-Jan-2021-Web.pdf
Accredited-Transport-Cooperatives-Jan-2021-Web.pdf
 
Cheap Rate Call girls Sarita Vihar Delhi 9205541914 shot 1500 night
Cheap Rate Call girls Sarita Vihar Delhi 9205541914 shot 1500 nightCheap Rate Call girls Sarita Vihar Delhi 9205541914 shot 1500 night
Cheap Rate Call girls Sarita Vihar Delhi 9205541914 shot 1500 night
 
Halmar dropshipping via API with DroFx
Halmar  dropshipping  via API with DroFxHalmar  dropshipping  via API with DroFx
Halmar dropshipping via API with DroFx
 
Best VIP Call Girls Noida Sector 39 Call Me: 8448380779
Best VIP Call Girls Noida Sector 39 Call Me: 8448380779Best VIP Call Girls Noida Sector 39 Call Me: 8448380779
Best VIP Call Girls Noida Sector 39 Call Me: 8448380779
 
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al BarshaAl Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha
 
Log Analysis using OSSEC sasoasasasas.pptx
Log Analysis using OSSEC sasoasasasas.pptxLog Analysis using OSSEC sasoasasasas.pptx
Log Analysis using OSSEC sasoasasasas.pptx
 
Mature dropshipping via API with DroFx.pptx
Mature dropshipping via API with DroFx.pptxMature dropshipping via API with DroFx.pptx
Mature dropshipping via API with DroFx.pptx
 

Web Analytics and Privacy

  • 1. Web Analytics and Privacy How to Mitigate Data Risks in the Age of Evolving Privacy Legislation
  • 2. The ubiquity of data is bordering on pervasive, so much so that an acute tension is building between technological capabilities and ethical uses of data.
  • 3. If your business is a data processor, you need to follow strict privacy laws in order to avoid fines and protect your stakeholders.
  • 4. Here we will focus specifically on privacy for web analytics:
      • Evolving Privacy Legislation
      • Personal Data vs. Personally Identifiable Information (PII)
      • Risk Classification of Web-Analytics and Related Processes
  • 5. Evolving Privacy Legislation
  • 6. Download free PDF! You can read the full discussion of the issue in our comprehensive whitepaper, or get an overview by exploring this brief presentation.
  • 7. As data flows are rarely limited to a single country, the objective becomes to build flexible and sustainable analytics setups that cover all regions.
  • 8. Legislative misalignments can expose you to some serious monetary penalties:
      • Fines are typically capped at 500k € in certain countries of the EU
      • The upcoming General Data Protection Regulation (GDPR) is expected to allow fines of as much as 2% to 5% of an organization’s global turnover
      • US class action suits can lead to exposure to loss of much larger amounts
  • 9. Note that GDPR is the strictest privacy law that has ever been introduced. It will have a significant impact on all businesses dealing with customers within the European Union.
  • 10. GDPR will come into force within two years. What are the core issues regarding Web Analytics?
  • 11. Profiling is defined as any form of automated processing of personal data to predict aspects concerning performance at work, economic situation, reliability, behaviour, movements and others.
      • GDPR concerns all companies processing personal data about EU residents.
      • The profiling process must be automated.
      • The purpose of the profiling must be to evaluate personal aspects of a natural person.
      • One cannot use an individual’s PII for profiling purposes unless such profiling is in the public interest.
      • Explicit consent is necessary as a new legal basis for data processing.
      • Data subjects must be informed about any profiling activities.
  • 12. Where should you start to make sure your organization is compliant with the new law?
  • 13. The OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data have become an internationally accepted set of rules for processing personal information. They will work just fine as a starting point.
  • 14. OECD privacy principles:
      1. Collection Limitation: Data collection should occur only with the knowledge and consent of the concerned individual (data subject).
      2. Data Quality: One should only collect information which is accurate and relevant to a particular aim.
      3. Individual Participation: The concerned individual should know if their information has been collected and must be able to access it if such data exists.
      4. Purpose Specification: The intended use for a particular piece of information must be known at the time of collection.
      5. Use Limitation: Collected data must not be used for purposes other than those specified at the time of collection.
      6. Security Safeguards: Reasonable measures must be taken to protect data from unauthorized use, destruction, modification, or disclosure of personal information.
      7. Openness: Individuals should be able to avail themselves of data collection and be able to contact the entity collecting this information.
      8. Accountability: The data collector should be held accountable for failing to abide by any of the above rules. A dedicated person must be appointed
  • 15. Remember that these outlined principles are acceptable as the core of your web-analytics privacy practices, but in many cases they may not be enough.
  • 16. Personal Data vs. Personally Identifiable Information (PII)
  • 17. Knowing the legal red line related to data types is crucial for minimizing the risk of breaches or violations. PII is a US-based concept, while Europe refers to Personal Data.
  • 18. PII data can be linked to a particular individual, whereas Personal Data can relate to someone without identification.
  • 19. An e-mail address, name or phone number constitutes PII, and the use of this data to capture an individual’s behaviour may be considered an abuse under privacy regulations.
  • 20. Aurélie Pols (Mind Your Privacy): “Taking into consideration the broad and vague definition of sensitive data, as enshrined in the European regulations, it is more practical to set up processes to detect PII following the US-based legislation. The recommended practice is therefore to use the US PII lists as a starting point to define escalation procedures and supplement such lists with context-related European practices.”
  • 21. Risk Classification of Web-Analytics and Related Processes
  • 22. How can you be sure your company is fulfilling all of its data-related obligations? What methods can help you assign such responsibilities?
  • 23. The scope of obligations for companies will depend upon the type of data they collect, process, and share.
  • 24. One popular example of a responsibility-assignment method is the RACI model, which stands for Responsible, Accountable, Consulted, and Informed.
      • Responsible: Who is/will be doing this task? Who is assigned to work on this task?
      • Accountable: Whose head will roll if this goes wrong? Who has authority to make a decision?
      • Consulted: Who can tell me more about this task? Are any stakeholders already identified?
      • Informed: Whose work depends on this task? Who has to be kept updated about the progress?
  • 25. Another method useful in certain contexts, particularly the privacy aspects of data uses, is the Privacy Impact Assessment (PIA). It typically consists of workflow-based questionnaires used by companies to identify and contain risks from the beginning.
  • 26. Fluid privacy regulations, changing terms and conditions, excessive authority of legal counsel, and misunderstanding of legislation may indeed cause some companies to come to an analytical halt.
  • 27. Taking that into account, responsibility could be divided into three main areas associated with the RACI model we mentioned above. When relating this to customer relationships, data-risk classification could be seen as follows:
  • 28. Classification, with its description and allocation:
      • Green. Description: Carry on, no issues here. Allocation: Full responsibility stays within analytics, no further consultations needed.
      • Orange. Description: Bring in an outside counsel to be on the safe side. Allocation: Analytics remains responsible; consult with privacy.
      • Red. Description: This is cutting edge, involves personal data and/or sensitive information and/or separate legal entities. Allocation: Privacy is informed and signs off or suggests risk-mitigation solutions (saying NO is not an answer, as next time they won’t be informed).
  • 29. Or in other words, the above classification looks something like:
      • Green: An individual comes to a digital property and leaves a data trail.
      • Orange: A company wants to take a look at which individuals come back and what their technical environment is like; e.g. using cookies.
      • Red: A company wants to stitch digital touch-points together.
  • 30. Aurélie Pols (Mind Your Privacy): “The trick is to understand when Green, Orange, and Red protocols are best applied to optimize data-privacy management. Remember, context remains of the essence to assure privacy rights are respected.”
  • 31. Download! If you want to learn more about mitigating data risks, read our free whitepaper written by renowned European privacy expert Aurélie Pols: