With the latest news of privacy violations on popular social media platforms and the new regulations coming from the European Union (EU) – The General Data Protection Regulations (GDPR), how companies use data and the laws protecting consumers is in the forefront of many person’s minds.
4. What data?
Data about you
• Name
• Nationality/Residency
• Age
• Likes and Dislikes
• Relatives
• Associates
• Medical Information
• Etc.
Data about what you do
• Location/Travel (history and
current)
• Frequent websites/apps
• Entertainment you like
(music, movies,
parties/events, etc.)
• Voice
4
6. What is it?
Digitization • Is the process of moving to a digital
business
• It is the use of digital technologies
to change a business model and
provide new revenue and value-
producing opportunities
*Gartner.com
6
7. Data as an Asset
• Data isn’t just information on customers
anymore
• Assets can be used to make money
• Assets can be used to acquire more
assets
• Data informs decisions
Acquire
Curate
EnhanceAnalyze
Monetize
7
9. What is it?
Privacy • (IT) what data can be shared
with a third party
• Being free from unwanted or
undue intrusion or disturbance
in one’s private life
*TechTarget.com
*Dictionary.com
9
10. Threats and Risks to Privacy
• Web Tracking
• Data Collections
• Lack of Security
• Connected Everything – IoT
• Public/Free Wi-Fi
• Social Networking
• Social Engineering
Threats:
• Discrimination
• Disclosure of Information
• Lack of Anonymity
• Movement of Data
Risks:
10
11. What Laws Are There To Protect Privacy?
• The Jamaican Constitution, The
Charter of Fundamental Rights
and Freedoms – Chapter 3
• The International Covenant on
Civil and Political Rights (ICCPR)
– Article 17
Local Laws
• General Data Protection
Regulation (GDPR) - EU
• The Data Protection Act – UK
• Personal Information Protection
Act – Bermuda
• Data Protection Law - Cayman
Islands
International/Regional Laws
11
13. Can We Really Have Privacy?
Individuals Companies|
13
14. Awareness is Key
14
Understand the laws that protect/guide you
Understand what you are signing/agreeing to |
your obligations to customers
Understand the technology you are using
Ensure your technology is up to date
17. How Does Your Company Use Data?
17
Process
Perform some assessment or
transformation of data
Control
Collect and store
data and may
process data
None
Manual business,
paper based
business
*GDPR
18. Even More Analytics
18
Identify
• Map data on customers
• Create flags
Classify
• Region/Jurisdiction
• Exemption/Do not process
Action
• Update existing analytics
• Educate and enforce
19. What else can we do?
19
Define what a breach is
Develop communication strategy
Update policies
Prepare/Update privacy clauses
Prepare privacy request processes
Very timely topic considering the EU’s General Data Protection Regulation (GDPR) and Cambridge Analytica’s data privacy issues currently in the news.
As Information System Auditors/Data Analysts/Business Analysts here at Symptai – changes like this are important/interesting to us – Governance
Previous examples of breaches…
Data Subject’ s Right to:
Know
Prevent Processing Likely to Cause Damage or Distress
Prevent Processing for Purposes of Direct Marketing
Constrain Automated Decision Taking
Rectification of Inaccuracies
Data Controller
Registration
Appointment of Data Protection Officer
Adherence to Processing Standards
Data Protection Impact Assessment
Prosecution, Penalties, Liabilities
ICCPR - provides that no one shall be subjected to an arbitrary or unlawful interference with his or her privacy
1 know what data you currently have on customers and what jurisdiction they belong to
2 flags can help to easily manage info on the data you do or do not have
3 know which laws apply to who
4 id quickly and easily remove persons from analytics or even from system if requested
5 refine existing analytics using the map and flags and exemptions | do analytics assume too much discrimination
6 educate customers and staff (personal and office data security) | have someone responsible (data protection officer)
https://searchsecurity.techtarget.com/tip/A-look-at-the-key-GDPR-requirements-and-how-to-meet-them?src=5737362&asrc=EM_ERU_94056887&utm_content=eru-rd2-rcpE&utm_medium=EM&utm_source=ERU&utm_campaign=20180426_ERU%20Transmission%20for%2004/26/2018%20(UserUniverse:%202572767)