SlideShare una empresa de Scribd logo

GDPR, User Data, Privacy, and Your Apps

Carl Brown
Carl Brown

The document discusses the General Data Protection Regulation (GDPR) which takes effect in May 2018 and imposes strict rules and heavy fines on companies regarding the collection and processing of users' personal data. It outlines several principles of GDPR including rights to access, correct and delete personal data. The document also provides strategies for app developers to comply with GDPR such as determining if all collected personal data is necessary, encrypting data, and informing users about data collection and sharing.

Tecnología
1 de 21
Descargar para leer sin conexión
User Data, App Development, GDPR, Ethics and you CocoaCoders April 26th, 2018
Disclaimer • I am not a lawyer • Viewer discretion advised
Interactivity This is not supposed to be me lecturing Stop me and ask questions or interject
Disclaimer
What is GDPR? • European Union regulation on Privacy (more detail later) • Takes effect May 25th 2018 • Penalties: The greater of €10 million or 2% of global annual revenue
Does this matter here? Some people think so
Will (something like) this come to U.S.? What do you think?
What Data is Affected? • Basic identity information such as name, address and ID numbers • Web data such as location, IP address, cookie data and RFID tags • Health and genetic data • Biometric data • Racial or ethnic data • Political opinions • Sexual orientation https://www.csoonline.com/article/3202771/data-protection/general-data-protection-regulation-gdpr-requirements-deadlines-and-facts.html
GDPR Principles (1/4) • "Easier access to your own data: individuals will have more information on how their data is processed and this information should be available in a clear and understandable way."
GDPR Principles (2/4) • "A right to data portability: it will be easier to transfer your personal data between service providers."
GDPR Principles (3/4) • "A clarified 'right to be forgotten': when you no longer want your data to be processed, and provided that there are no legitimate grounds for retaining it, the data will be delete."
GDPR Principles (4/4) • "The right to know when your data has been hacked: For example, companies and organizations must notify the national supervisory authority of serious data breaches as soon as possible so that users can take appropriate measures.” • (“The 72-hour reporting window that the GDPR requires makes it especially important that vendors know how to properly report a breach.") https://www.csoonline.com/article/3202771/data-protection/general-data-protection-regulation-gdpr-requirements-deadlines-and-facts.html
New Apple APIs • Providing User Access to CloudKit Data • https://developer.apple.com/documentation/cloudkit/ providing_user_access_to_cloudkit_data/ • Responding to Requests to Delete Data • https://developer.apple.com/documentation/cloudkit/ responding_to_requests_to_delete_data/
GreyKey Cracks a phones passkey Provides complete Keychain contents…
Blue’s Suggestions •I recommend Apple's WWDC privacy sessions for Best Practices on obvious(?) concepts such as transparency, consent, and user control. The videos also cover ways to re-think data collection, trading firehoses for eye-droppers (and/or muddy water). For instance ... •"Privacy and Your Apps" (2017) https://developer.apple.com/videos/play/wwdc2017/702/ •"Engineering Privacy for Your Users" (2016) https://developer.apple.com/videos/play/ wwdc2016/709/ •The first video includes discussion (6:15) of how to back-away from raw data in order to get just the information you need. •The second video has a nice description (14:00) of Differential Privacy: adding noise to collected data.
Strategies • 1. Determine whether the app really needs all the requested personal data • 2. Encrypt all personal data and inform users about it • 3. Think OAUTH for data portability • 4. Enforce secure communications through HTTPS • 5. Inform users about and encrypt personal data from ‘contact us' forms https://techbeacon.com/15-steps-developing-eu-privacy-policy-compliant-apps
Strategies (cont) • 6. Make sure sessions and cookies expire and are destroyed after logout • 7. Do not track user activity for business intelligence  • 8. Tell users about logs that save location or IP addresses  • 9. Store logs in a safe place, preferably encrypted • 10. Security questions should not turn on users' personal data https://techbeacon.com/15-steps-developing-eu-privacy-policy-compliant-apps
Strategies (cont) • 11. Create clear terms and conditions and make sure users read them • 12. Inform users about any data sharing with third parties   • 13. Create clear policies for data breaches • 14. Delete data of users who cancel their service • 15. Patch web/dependency vulnerabilities  https://techbeacon.com/15-steps-developing-eu-privacy-policy-compliant-apps
Get Apple’s data on you • https://www.cnbc.com/2018/04/25/how-to-download-a-copy-of-apple- data-about-me.html
Since We’re on the Subject Big Data is Everywhere…
Further Reading • https://www.prnewswire.com/news-releases/lookout-report-84-of-it- executives-expect-data-accessed-on-mobile-to-cause-gdpr- violations-300555381.html • https://techbeacon.com/15-steps-developing-eu-privacy-policy-compliant- apps • http://europa.eu/rapid/press-release_IP-15-6321_en.htm • https://www.schneier.com/blog/archives/2018/03/greykey_iphone_.html • https://www.wsj.com/articles/how-europes-new-privacy-rules-favor-google- and-facebook-1524536324

Recomendados

Privacy by Design and by Default + General Data Protection Regulation with Si...
Privacy by Design and by Default + General Data Protection Regulation with Si...Privacy by Design and by Default + General Data Protection Regulation with Si...
Privacy by Design and by Default + General Data Protection Regulation with Si...Peter Procházka
 
Presentation by Seclore Technologies at Zensar #TechShowcase. An iSPIRT Produ...
Presentation by Seclore Technologies at Zensar #TechShowcase. An iSPIRT Produ...Presentation by Seclore Technologies at Zensar #TechShowcase. An iSPIRT Produ...
Presentation by Seclore Technologies at Zensar #TechShowcase. An iSPIRT Produ...ProductNation/iSPIRT
 
Big data contains valuable information - Protect It!
Big data contains valuable information - Protect It!Big data contains valuable information - Protect It!
Big data contains valuable information - Protect It!Praveenkumar Hosangadi
 
GDPR FTW, or, How I Learned to Stop Worrying and Love Privacy By Design
GDPR FTW, or, How I Learned to Stop Worrying and Love Privacy By DesignGDPR FTW, or, How I Learned to Stop Worrying and Love Privacy By Design
GDPR FTW, or, How I Learned to Stop Worrying and Love Privacy By DesignJohn Eckman
 
Trustable Tech Mark / Magic Monday at Casa Jasmina Torino
Trustable Tech Mark / Magic Monday at Casa Jasmina TorinoTrustable Tech Mark / Magic Monday at Casa Jasmina Torino
Trustable Tech Mark / Magic Monday at Casa Jasmina TorinoPeter Bihr
 
Information Leakage & DLP
Information Leakage & DLPInformation Leakage & DLP
Information Leakage & DLPYun Lu
 
The REAL Impact of Big Data on Privacy
The REAL Impact of Big Data on PrivacyThe REAL Impact of Big Data on Privacy
The REAL Impact of Big Data on PrivacyClaudiu Popa
 
Privacy by Design: White Papaer
Privacy by Design: White PapaerPrivacy by Design: White Papaer
Privacy by Design: White PapaerKristyn Greenwood
 

Recomendados

Privacy by Design and by Default + General Data Protection Regulation with Si...
Privacy by Design and by Default + General Data Protection Regulation with Si...Privacy by Design and by Default + General Data Protection Regulation with Si...
Privacy by Design and by Default + General Data Protection Regulation with Si...Peter Procházka
 
Presentation by Seclore Technologies at Zensar #TechShowcase. An iSPIRT Produ...
Presentation by Seclore Technologies at Zensar #TechShowcase. An iSPIRT Produ...Presentation by Seclore Technologies at Zensar #TechShowcase. An iSPIRT Produ...
Presentation by Seclore Technologies at Zensar #TechShowcase. An iSPIRT Produ...ProductNation/iSPIRT
 
Big data contains valuable information - Protect It!
Big data contains valuable information - Protect It!Big data contains valuable information - Protect It!
Big data contains valuable information - Protect It!Praveenkumar Hosangadi
 
GDPR FTW, or, How I Learned to Stop Worrying and Love Privacy By Design
GDPR FTW, or, How I Learned to Stop Worrying and Love Privacy By DesignGDPR FTW, or, How I Learned to Stop Worrying and Love Privacy By Design
GDPR FTW, or, How I Learned to Stop Worrying and Love Privacy By DesignJohn Eckman
 
Trustable Tech Mark / Magic Monday at Casa Jasmina Torino
Trustable Tech Mark / Magic Monday at Casa Jasmina TorinoTrustable Tech Mark / Magic Monday at Casa Jasmina Torino
Trustable Tech Mark / Magic Monday at Casa Jasmina TorinoPeter Bihr
 
Information Leakage & DLP
Information Leakage & DLPInformation Leakage & DLP
Information Leakage & DLPYun Lu
 
The REAL Impact of Big Data on Privacy
The REAL Impact of Big Data on PrivacyThe REAL Impact of Big Data on Privacy
The REAL Impact of Big Data on PrivacyClaudiu Popa
 
Privacy by Design: White Papaer
Privacy by Design: White PapaerPrivacy by Design: White Papaer
Privacy by Design: White PapaerKristyn Greenwood
 
Avoid Privacy by Disaster by Adopting Privacy by Design
Avoid Privacy by Disaster by Adopting Privacy by DesignAvoid Privacy by Disaster by Adopting Privacy by Design
Avoid Privacy by Disaster by Adopting Privacy by Designbradley_g
 
Privacy by design for peerlyst meetup
Privacy by design for peerlyst meetupPrivacy by design for peerlyst meetup
Privacy by design for peerlyst meetupIshay Tentser
 
Direct Edge and BATS Global Markets Trusts Intralinks Dealspace™
Direct Edge and BATS Global Markets Trusts Intralinks Dealspace™Direct Edge and BATS Global Markets Trusts Intralinks Dealspace™
Direct Edge and BATS Global Markets Trusts Intralinks Dealspace™Intralinks
 
Privacy by Design as a system design strategy - EIC 2019
Privacy by Design as a system design strategy - EIC 2019 Privacy by Design as a system design strategy - EIC 2019
Privacy by Design as a system design strategy - EIC 2019 Sagara Gunathunga
 
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...Trivadis
 
Enlightened Privacy – by Design for a Smarter Grid
Enlightened Privacy – by Design for a Smarter GridEnlightened Privacy – by Design for a Smarter Grid
Enlightened Privacy – by Design for a Smarter Gridbradley_g
 
Introduction to Ethics of Big Data
Introduction to Ethics of Big DataIntroduction to Ethics of Big Data
Introduction to Ethics of Big Data28 Burnside
 
Privacy by Design - taking in account the state of the art
Privacy by Design - taking in account the state of the artPrivacy by Design - taking in account the state of the art
Privacy by Design - taking in account the state of the artJames Mulhern
 
Data Privacy
Data PrivacyData Privacy
Data Privacycliff_rudolph
 
Data Leakage Presentation
Data Leakage PresentationData Leakage Presentation
Data Leakage PresentationMike Spaulding
 
Ethics of Big Data
Ethics of Big DataEthics of Big Data
Ethics of Big DataMatti Vesala
 
Data Analytics Governance and Ethics
Data Analytics Governance and EthicsData Analytics Governance and Ethics
Data Analytics Governance and EthicsHPCC Systems
 
BigID IAPP webinar on data-driven enterprise privacy management
BigID IAPP webinar on data-driven enterprise privacy managementBigID IAPP webinar on data-driven enterprise privacy management
BigID IAPP webinar on data-driven enterprise privacy managementBigID Inc
 
TBEX 2018 - Digital Security and GDPR Considerations for the Travel and Hospi...
TBEX 2018 - Digital Security and GDPR Considerations for the Travel and Hospi...TBEX 2018 - Digital Security and GDPR Considerations for the Travel and Hospi...
TBEX 2018 - Digital Security and GDPR Considerations for the Travel and Hospi...Omo Osagiede
 
Internet of Things With Privacy in Mind
Internet of Things With Privacy in MindInternet of Things With Privacy in Mind
Internet of Things With Privacy in MindGosia Fraser
 
Big data security the perfect storm
Big data security the perfect stormBig data security the perfect storm
Big data security the perfect stormUlf Mattsson
 
Privacy and Security by Design
Privacy and Security by DesignPrivacy and Security by Design
Privacy and Security by DesignUnisys Corporation
 
How privacy by design can be the key of your success at the time of the digit...
How privacy by design can be the key of your success at the time of the digit...How privacy by design can be the key of your success at the time of the digit...
How privacy by design can be the key of your success at the time of the digit...Giulio Coraggio
 
Storgrid-Encryption-White-Paper
Storgrid-Encryption-White-PaperStorgrid-Encryption-White-Paper
Storgrid-Encryption-White-PaperToshio Spoor
 
Privacy by design
Privacy by designPrivacy by design
Privacy by designblogzilla
 
GDPR- The Buck Stops Here
GDPR- The Buck Stops HereGDPR- The Buck Stops Here
GDPR- The Buck Stops HereKellyn Pot'Vin-Gorman
 
Helping Developers with Privacy
Helping Developers with PrivacyHelping Developers with Privacy
Helping Developers with PrivacyJason Hong
 

Más contenido relacionado

La actualidad más candente

Avoid Privacy by Disaster by Adopting Privacy by Design
Avoid Privacy by Disaster by Adopting Privacy by DesignAvoid Privacy by Disaster by Adopting Privacy by Design
Avoid Privacy by Disaster by Adopting Privacy by Designbradley_g
 
Privacy by design for peerlyst meetup
Privacy by design for peerlyst meetupPrivacy by design for peerlyst meetup
Privacy by design for peerlyst meetupIshay Tentser
 
Direct Edge and BATS Global Markets Trusts Intralinks Dealspace™
Direct Edge and BATS Global Markets Trusts Intralinks Dealspace™Direct Edge and BATS Global Markets Trusts Intralinks Dealspace™
Direct Edge and BATS Global Markets Trusts Intralinks Dealspace™Intralinks
 
Privacy by Design as a system design strategy - EIC 2019
Privacy by Design as a system design strategy - EIC 2019 Privacy by Design as a system design strategy - EIC 2019
Privacy by Design as a system design strategy - EIC 2019 Sagara Gunathunga
 
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...Trivadis
 
Enlightened Privacy – by Design for a Smarter Grid
Enlightened Privacy – by Design for a Smarter GridEnlightened Privacy – by Design for a Smarter Grid
Enlightened Privacy – by Design for a Smarter Gridbradley_g
 
Introduction to Ethics of Big Data
Introduction to Ethics of Big DataIntroduction to Ethics of Big Data
Introduction to Ethics of Big Data28 Burnside
 
Privacy by Design - taking in account the state of the art
Privacy by Design - taking in account the state of the artPrivacy by Design - taking in account the state of the art
Privacy by Design - taking in account the state of the artJames Mulhern
 
Data Leakage Presentation
Data Leakage PresentationData Leakage Presentation
Data Leakage PresentationMike Spaulding
 
Ethics of Big Data
Ethics of Big DataEthics of Big Data
Ethics of Big DataMatti Vesala
 
Data Analytics Governance and Ethics
Data Analytics Governance and EthicsData Analytics Governance and Ethics
Data Analytics Governance and EthicsHPCC Systems
 
BigID IAPP webinar on data-driven enterprise privacy management
BigID IAPP webinar on data-driven enterprise privacy managementBigID IAPP webinar on data-driven enterprise privacy management
BigID IAPP webinar on data-driven enterprise privacy managementBigID Inc
 
TBEX 2018 - Digital Security and GDPR Considerations for the Travel and Hospi...
TBEX 2018 - Digital Security and GDPR Considerations for the Travel and Hospi...TBEX 2018 - Digital Security and GDPR Considerations for the Travel and Hospi...
TBEX 2018 - Digital Security and GDPR Considerations for the Travel and Hospi...Omo Osagiede
 
Internet of Things With Privacy in Mind
Internet of Things With Privacy in MindInternet of Things With Privacy in Mind
Internet of Things With Privacy in MindGosia Fraser
 
Big data security the perfect storm
Big data security the perfect stormBig data security the perfect storm
Big data security the perfect stormUlf Mattsson
 
Privacy and Security by Design
Privacy and Security by DesignPrivacy and Security by Design
Privacy and Security by DesignUnisys Corporation
 
How privacy by design can be the key of your success at the time of the digit...
How privacy by design can be the key of your success at the time of the digit...How privacy by design can be the key of your success at the time of the digit...
How privacy by design can be the key of your success at the time of the digit...Giulio Coraggio
 
Storgrid-Encryption-White-Paper
Storgrid-Encryption-White-PaperStorgrid-Encryption-White-Paper
Storgrid-Encryption-White-PaperToshio Spoor
 
Privacy by design
Privacy by designPrivacy by design
Privacy by designblogzilla
 

La actualidad más candente (20)

Avoid Privacy by Disaster by Adopting Privacy by Design
Avoid Privacy by Disaster by Adopting Privacy by DesignAvoid Privacy by Disaster by Adopting Privacy by Design
Avoid Privacy by Disaster by Adopting Privacy by Design
 
Privacy by design for peerlyst meetup
Privacy by design for peerlyst meetupPrivacy by design for peerlyst meetup
Privacy by design for peerlyst meetup
 
Direct Edge and BATS Global Markets Trusts Intralinks Dealspace™
Direct Edge and BATS Global Markets Trusts Intralinks Dealspace™Direct Edge and BATS Global Markets Trusts Intralinks Dealspace™
Direct Edge and BATS Global Markets Trusts Intralinks Dealspace™
 
Privacy by Design as a system design strategy - EIC 2019
Privacy by Design as a system design strategy - EIC 2019 Privacy by Design as a system design strategy - EIC 2019
Privacy by Design as a system design strategy - EIC 2019
 
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
 
Enlightened Privacy – by Design for a Smarter Grid
Enlightened Privacy – by Design for a Smarter GridEnlightened Privacy – by Design for a Smarter Grid
Enlightened Privacy – by Design for a Smarter Grid
 
Introduction to Ethics of Big Data
Introduction to Ethics of Big DataIntroduction to Ethics of Big Data
Introduction to Ethics of Big Data
 
Privacy by Design - taking in account the state of the art
Privacy by Design - taking in account the state of the artPrivacy by Design - taking in account the state of the art
Privacy by Design - taking in account the state of the art
 
Data Privacy
Data PrivacyData Privacy
Data Privacy
 
Data Leakage Presentation
Data Leakage PresentationData Leakage Presentation
Data Leakage Presentation
 
Ethics of Big Data
Ethics of Big DataEthics of Big Data
Ethics of Big Data
 
Data Analytics Governance and Ethics
Data Analytics Governance and EthicsData Analytics Governance and Ethics
Data Analytics Governance and Ethics
 
BigID IAPP webinar on data-driven enterprise privacy management
BigID IAPP webinar on data-driven enterprise privacy managementBigID IAPP webinar on data-driven enterprise privacy management
BigID IAPP webinar on data-driven enterprise privacy management
 
TBEX 2018 - Digital Security and GDPR Considerations for the Travel and Hospi...
TBEX 2018 - Digital Security and GDPR Considerations for the Travel and Hospi...TBEX 2018 - Digital Security and GDPR Considerations for the Travel and Hospi...
TBEX 2018 - Digital Security and GDPR Considerations for the Travel and Hospi...
 
Internet of Things With Privacy in Mind
Internet of Things With Privacy in MindInternet of Things With Privacy in Mind
Internet of Things With Privacy in Mind
 
Big data security the perfect storm
Big data security the perfect stormBig data security the perfect storm
Big data security the perfect storm
 
Privacy and Security by Design
Privacy and Security by DesignPrivacy and Security by Design
Privacy and Security by Design
 
How privacy by design can be the key of your success at the time of the digit...
How privacy by design can be the key of your success at the time of the digit...How privacy by design can be the key of your success at the time of the digit...
How privacy by design can be the key of your success at the time of the digit...
 
Storgrid-Encryption-White-Paper
Storgrid-Encryption-White-PaperStorgrid-Encryption-White-Paper
Storgrid-Encryption-White-Paper
 
Privacy by design
Privacy by designPrivacy by design
Privacy by design
 

Similar a GDPR, User Data, Privacy, and Your Apps

Helping Developers with Privacy
Helping Developers with PrivacyHelping Developers with Privacy
Helping Developers with PrivacyJason Hong
 
A Pratical Guide to GDPR - F.Coin
A Pratical Guide to GDPR - F.CoinA Pratical Guide to GDPR - F.Coin
A Pratical Guide to GDPR - F.CoinFranco Coin
 
The Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarThe Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarEryk Budi Pratama
 
Webinar - Compliance with the Microsoft Cloud- 2017-04-19
Webinar - Compliance with the Microsoft Cloud- 2017-04-19Webinar - Compliance with the Microsoft Cloud- 2017-04-19
Webinar - Compliance with the Microsoft Cloud- 2017-04-19TechSoup
 
Cookies and Data Protection - a Practitioner's perspective
Cookies and Data Protection - a Practitioner's perspectiveCookies and Data Protection - a Practitioner's perspective
Cookies and Data Protection - a Practitioner's perspectiveCastlebridge Associates
 
GDPR solutions (JS Event 28/2/18) | Greenlight Computers
GDPR solutions (JS Event 28/2/18) | Greenlight Computers GDPR solutions (JS Event 28/2/18) | Greenlight Computers
GDPR solutions (JS Event 28/2/18) | Greenlight Computers Gary Dodson
 
A Global Marketer's Guide to Privacy
A Global Marketer's Guide to PrivacyA Global Marketer's Guide to Privacy
A Global Marketer's Guide to PrivacyFLUZO
 
Bridging the Gap Between Privacy and Retention
Bridging the Gap Between Privacy and RetentionBridging the Gap Between Privacy and Retention
Bridging the Gap Between Privacy and RetentionInfoGoTo
 
Privacy & Data Ethics
Privacy & Data EthicsPrivacy & Data Ethics
Privacy & Data EthicsErik Kokkonen
 
#1NWebinar: GDPR and Privacy Best Practices for Digital Marketers
#1NWebinar: GDPR and Privacy Best Practices for Digital Marketers#1NWebinar: GDPR and Privacy Best Practices for Digital Marketers
#1NWebinar: GDPR and Privacy Best Practices for Digital MarketersOne North
 
Microsoft Cloud GDPR Compliance Options (SUGUK)
Microsoft Cloud GDPR Compliance Options (SUGUK)Microsoft Cloud GDPR Compliance Options (SUGUK)
Microsoft Cloud GDPR Compliance Options (SUGUK)Andy Talbot
 
The GDPR Most Wanted: The Marketer and Analyst's Role in Compliance
The GDPR Most Wanted: The Marketer and Analyst's Role in ComplianceThe GDPR Most Wanted: The Marketer and Analyst's Role in Compliance
The GDPR Most Wanted: The Marketer and Analyst's Role in ComplianceObservePoint
 
Falcon.io | 2021 Trends Virtual Summit - Data Privacy
Falcon.io | 2021 Trends Virtual Summit - Data PrivacyFalcon.io | 2021 Trends Virtual Summit - Data Privacy
Falcon.io | 2021 Trends Virtual Summit - Data PrivacyFalcon.io
 
Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...
Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...
Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...Steven Meister
 
Privacy Implications of Biometric Data - Kevin Nevias
Privacy Implications of Biometric Data - Kevin NeviasPrivacy Implications of Biometric Data - Kevin Nevias
Privacy Implications of Biometric Data - Kevin NeviasKevin Nevias
 
Big data - What is It?
Big data - What is It?Big data - What is It?
Big data - What is It?Nicole Aidney
 
Web Marketing Wednesday Ottawa Oct 12th 2011
Web Marketing Wednesday Ottawa Oct 12th 2011Web Marketing Wednesday Ottawa Oct 12th 2011
Web Marketing Wednesday Ottawa Oct 12th 2011Antoine Gay
 

Similar a GDPR, User Data, Privacy, and Your Apps (20)

GDPR- The Buck Stops Here
GDPR- The Buck Stops HereGDPR- The Buck Stops Here
GDPR- The Buck Stops Here
 
Helping Developers with Privacy
Helping Developers with PrivacyHelping Developers with Privacy
Helping Developers with Privacy
 
A Pratical Guide to GDPR - F.Coin
A Pratical Guide to GDPR - F.CoinA Pratical Guide to GDPR - F.Coin
A Pratical Guide to GDPR - F.Coin
 
The Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarThe Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI Webinar
 
Webinar - Compliance with the Microsoft Cloud- 2017-04-19
Webinar - Compliance with the Microsoft Cloud- 2017-04-19Webinar - Compliance with the Microsoft Cloud- 2017-04-19
Webinar - Compliance with the Microsoft Cloud- 2017-04-19
 
Cookies and Data Protection - a Practitioner's perspective
Cookies and Data Protection - a Practitioner's perspectiveCookies and Data Protection - a Practitioner's perspective
Cookies and Data Protection - a Practitioner's perspective
 
GDPR solutions (JS Event 28/2/18) | Greenlight Computers
GDPR solutions (JS Event 28/2/18) | Greenlight Computers GDPR solutions (JS Event 28/2/18) | Greenlight Computers
GDPR solutions (JS Event 28/2/18) | Greenlight Computers
 
A Global Marketer's Guide to Privacy
A Global Marketer's Guide to PrivacyA Global Marketer's Guide to Privacy
A Global Marketer's Guide to Privacy
 
Bridging the Gap Between Privacy and Retention
Bridging the Gap Between Privacy and RetentionBridging the Gap Between Privacy and Retention
Bridging the Gap Between Privacy and Retention
 
Privacy & Data Ethics
Privacy & Data EthicsPrivacy & Data Ethics
Privacy & Data Ethics
 
Internal social networks
Internal social networksInternal social networks
Internal social networks
 
#1NWebinar: GDPR and Privacy Best Practices for Digital Marketers
#1NWebinar: GDPR and Privacy Best Practices for Digital Marketers#1NWebinar: GDPR and Privacy Best Practices for Digital Marketers
#1NWebinar: GDPR and Privacy Best Practices for Digital Marketers
 
Microsoft Cloud GDPR Compliance Options (SUGUK)
Microsoft Cloud GDPR Compliance Options (SUGUK)Microsoft Cloud GDPR Compliance Options (SUGUK)
Microsoft Cloud GDPR Compliance Options (SUGUK)
 
The GDPR Most Wanted: The Marketer and Analyst's Role in Compliance
The GDPR Most Wanted: The Marketer and Analyst's Role in ComplianceThe GDPR Most Wanted: The Marketer and Analyst's Role in Compliance
The GDPR Most Wanted: The Marketer and Analyst's Role in Compliance
 
Falcon.io | 2021 Trends Virtual Summit - Data Privacy
Falcon.io | 2021 Trends Virtual Summit - Data PrivacyFalcon.io | 2021 Trends Virtual Summit - Data Privacy
Falcon.io | 2021 Trends Virtual Summit - Data Privacy
 
Internal social media: risks and added value
Internal social media: risks and added valueInternal social media: risks and added value
Internal social media: risks and added value
 
Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...
Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...
Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...
 
Privacy Implications of Biometric Data - Kevin Nevias
Privacy Implications of Biometric Data - Kevin NeviasPrivacy Implications of Biometric Data - Kevin Nevias
Privacy Implications of Biometric Data - Kevin Nevias
 
Big data - What is It?
Big data - What is It?Big data - What is It?
Big data - What is It?
 
Web Marketing Wednesday Ottawa Oct 12th 2011
Web Marketing Wednesday Ottawa Oct 12th 2011Web Marketing Wednesday Ottawa Oct 12th 2011
Web Marketing Wednesday Ottawa Oct 12th 2011
 

Más de Carl Brown

New in iOS 11.3b4 and Xcode 9.3b4
New in iOS 11.3b4 and Xcode 9.3b4New in iOS 11.3b4 and Xcode 9.3b4
New in iOS 11.3b4 and Xcode 9.3b4Carl Brown
 
Managing Memory in Swift (Yes, that's a thing)
Managing Memory in Swift (Yes, that's a thing)Managing Memory in Swift (Yes, that's a thing)
Managing Memory in Swift (Yes, that's a thing)Carl Brown
 
Better Swift from the Foundation up #tryswiftnyc17 09-06
Better Swift from the Foundation up #tryswiftnyc17 09-06Better Swift from the Foundation up #tryswiftnyc17 09-06
Better Swift from the Foundation up #tryswiftnyc17 09-06Carl Brown
 
Generics, the Swift ABI and you
Generics, the Swift ABI and youGenerics, the Swift ABI and you
Generics, the Swift ABI and youCarl Brown
 
Swift GUI Development without Xcode
Swift GUI Development without XcodeSwift GUI Development without Xcode
Swift GUI Development without XcodeCarl Brown
 
what's new in iOS10 2016-06-23
what's new in iOS10 2016-06-23what's new in iOS10 2016-06-23
what's new in iOS10 2016-06-23Carl Brown
 
Open Source Swift: Up and Running
Open Source Swift: Up and RunningOpen Source Swift: Up and Running
Open Source Swift: Up and RunningCarl Brown
 
Parse migration CocoaCoders April 28th, 2016
Parse migration CocoaCoders April 28th, 2016Parse migration CocoaCoders April 28th, 2016
Parse migration CocoaCoders April 28th, 2016Carl Brown
 
Swift 2.2 Design Patterns CocoaConf Austin 2016
Swift 2.2 Design Patterns CocoaConf Austin 2016Swift 2.2 Design Patterns CocoaConf Austin 2016
Swift 2.2 Design Patterns CocoaConf Austin 2016Carl Brown
 
Advanced, Composable Collection Views, From CocoaCoders meetup Austin Feb 12,...
Advanced, Composable Collection Views, From CocoaCoders meetup Austin Feb 12,...Advanced, Composable Collection Views, From CocoaCoders meetup Austin Feb 12,...
Advanced, Composable Collection Views, From CocoaCoders meetup Austin Feb 12,...Carl Brown
 
Cocoa coders 141113-watch
Cocoa coders 141113-watchCocoa coders 141113-watch
Cocoa coders 141113-watchCarl Brown
 
iOS8 and the new App Store
iOS8 and the new App Store iOS8 and the new App Store
iOS8 and the new App Store Carl Brown
 
Dark Art of Software Estimation 360iDev2014
Dark Art of Software Estimation 360iDev2014Dark Art of Software Estimation 360iDev2014
Dark Art of Software Estimation 360iDev2014Carl Brown
 
Intro to cloud kit Cocoader.org 24 July 2014
Intro to cloud kit Cocoader.org 24 July 2014Intro to cloud kit Cocoader.org 24 July 2014
Intro to cloud kit Cocoader.org 24 July 2014Carl Brown
 
Welcome to Swift (CocoaCoder 6/12/14)
Welcome to Swift (CocoaCoder 6/12/14)Welcome to Swift (CocoaCoder 6/12/14)
Welcome to Swift (CocoaCoder 6/12/14)Carl Brown
 
Writing Apps that Can See: Getting Data from CoreImage to Computer Vision - ...
Writing Apps that Can See: Getting Data from CoreImage to Computer Vision - ...Writing Apps that Can See: Getting Data from CoreImage to Computer Vision - ...
Writing Apps that Can See: Getting Data from CoreImage to Computer Vision - ...Carl Brown
 
Introduction to Git Commands and Concepts
Introduction to Git Commands and ConceptsIntroduction to Git Commands and Concepts
Introduction to Git Commands and ConceptsCarl Brown
 
REST/JSON/CoreData Example Code - A Tour
REST/JSON/CoreData Example Code - A TourREST/JSON/CoreData Example Code - A Tour
REST/JSON/CoreData Example Code - A TourCarl Brown
 
360iDev iOS AntiPatterns
360iDev iOS AntiPatterns360iDev iOS AntiPatterns
360iDev iOS AntiPatternsCarl Brown
 

Más de Carl Brown (20)

New in iOS 11.3b4 and Xcode 9.3b4
New in iOS 11.3b4 and Xcode 9.3b4New in iOS 11.3b4 and Xcode 9.3b4
New in iOS 11.3b4 and Xcode 9.3b4
 
Managing Memory in Swift (Yes, that's a thing)
Managing Memory in Swift (Yes, that's a thing)Managing Memory in Swift (Yes, that's a thing)
Managing Memory in Swift (Yes, that's a thing)
 
Better Swift from the Foundation up #tryswiftnyc17 09-06
Better Swift from the Foundation up #tryswiftnyc17 09-06Better Swift from the Foundation up #tryswiftnyc17 09-06
Better Swift from the Foundation up #tryswiftnyc17 09-06
 
Generics, the Swift ABI and you
Generics, the Swift ABI and youGenerics, the Swift ABI and you
Generics, the Swift ABI and you
 
Swift GUI Development without Xcode
Swift GUI Development without XcodeSwift GUI Development without Xcode
Swift GUI Development without Xcode
 
what's new in iOS10 2016-06-23
what's new in iOS10 2016-06-23what's new in iOS10 2016-06-23
what's new in iOS10 2016-06-23
 
Open Source Swift: Up and Running
Open Source Swift: Up and RunningOpen Source Swift: Up and Running
Open Source Swift: Up and Running
 
Parse migration CocoaCoders April 28th, 2016
Parse migration CocoaCoders April 28th, 2016Parse migration CocoaCoders April 28th, 2016
Parse migration CocoaCoders April 28th, 2016
 
Swift 2.2 Design Patterns CocoaConf Austin 2016
Swift 2.2 Design Patterns CocoaConf Austin 2016Swift 2.2 Design Patterns CocoaConf Austin 2016
Swift 2.2 Design Patterns CocoaConf Austin 2016
 
Advanced, Composable Collection Views, From CocoaCoders meetup Austin Feb 12,...
Advanced, Composable Collection Views, From CocoaCoders meetup Austin Feb 12,...Advanced, Composable Collection Views, From CocoaCoders meetup Austin Feb 12,...
Advanced, Composable Collection Views, From CocoaCoders meetup Austin Feb 12,...
 
Gcd cc-150205
Gcd cc-150205Gcd cc-150205
Gcd cc-150205
 
Cocoa coders 141113-watch
Cocoa coders 141113-watchCocoa coders 141113-watch
Cocoa coders 141113-watch
 
iOS8 and the new App Store
iOS8 and the new App Store iOS8 and the new App Store
iOS8 and the new App Store
 
Dark Art of Software Estimation 360iDev2014
Dark Art of Software Estimation 360iDev2014Dark Art of Software Estimation 360iDev2014
Dark Art of Software Estimation 360iDev2014
 
Intro to cloud kit Cocoader.org 24 July 2014
Intro to cloud kit Cocoader.org 24 July 2014Intro to cloud kit Cocoader.org 24 July 2014
Intro to cloud kit Cocoader.org 24 July 2014
 
Welcome to Swift (CocoaCoder 6/12/14)
Welcome to Swift (CocoaCoder 6/12/14)Welcome to Swift (CocoaCoder 6/12/14)
Welcome to Swift (CocoaCoder 6/12/14)
 
Writing Apps that Can See: Getting Data from CoreImage to Computer Vision - ...
Writing Apps that Can See: Getting Data from CoreImage to Computer Vision - ...Writing Apps that Can See: Getting Data from CoreImage to Computer Vision - ...
Writing Apps that Can See: Getting Data from CoreImage to Computer Vision - ...
 
Introduction to Git Commands and Concepts
Introduction to Git Commands and ConceptsIntroduction to Git Commands and Concepts
Introduction to Git Commands and Concepts
 
REST/JSON/CoreData Example Code - A Tour
REST/JSON/CoreData Example Code - A TourREST/JSON/CoreData Example Code - A Tour
REST/JSON/CoreData Example Code - A Tour
 
360iDev iOS AntiPatterns
360iDev iOS AntiPatterns360iDev iOS AntiPatterns
360iDev iOS AntiPatterns
 

Último

New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 

Último (20)

New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 

GDPR, User Data, Privacy, and Your Apps

  • 1. User Data, App Development, GDPR, Ethics and you CocoaCoders April 26th, 2018
  • 2. Disclaimer • I am not a lawyer • Viewer discretion advised
  • 3. Interactivity This is not supposed to be me lecturing Stop me and ask questions or interject
  • 5. What is GDPR? • European Union regulation on Privacy (more detail later) • Takes effect May 25th 2018 • Penalties: The greater of €10 million or 2% of global annual revenue
  • 6. Does this matter here? Some people think so
  • 7. Will (something like) this come to U.S.? What do you think?
  • 8. What Data is Affected? • Basic identity information such as name, address and ID numbers • Web data such as location, IP address, cookie data and RFID tags • Health and genetic data • Biometric data • Racial or ethnic data • Political opinions • Sexual orientation https://www.csoonline.com/article/3202771/data-protection/general-data-protection-regulation-gdpr-requirements-deadlines-and-facts.html
  • 9. GDPR Principles (1/4) • "Easier access to your own data: individuals will have more information on how their data is processed and this information should be available in a clear and understandable way."
  • 10. GDPR Principles (2/4) • "A right to data portability: it will be easier to transfer your personal data between service providers."
  • 11. GDPR Principles (3/4) • "A clarified 'right to be forgotten': when you no longer want your data to be processed, and provided that there are no legitimate grounds for retaining it, the data will be delete."
  • 12. GDPR Principles (4/4) • "The right to know when your data has been hacked: For example, companies and organizations must notify the national supervisory authority of serious data breaches as soon as possible so that users can take appropriate measures.” • (“The 72-hour reporting window that the GDPR requires makes it especially important that vendors know how to properly report a breach.") https://www.csoonline.com/article/3202771/data-protection/general-data-protection-regulation-gdpr-requirements-deadlines-and-facts.html
  • 13. New Apple APIs • Providing User Access to CloudKit Data • https://developer.apple.com/documentation/cloudkit/ providing_user_access_to_cloudkit_data/ • Responding to Requests to Delete Data • https://developer.apple.com/documentation/cloudkit/ responding_to_requests_to_delete_data/
  • 14. GreyKey Cracks a phones passkey Provides complete Keychain contents…
  • 15. Blue’s Suggestions •I recommend Apple's WWDC privacy sessions for Best Practices on obvious(?) concepts such as transparency, consent, and user control. The videos also cover ways to re-think data collection, trading firehoses for eye-droppers (and/or muddy water). For instance ... •"Privacy and Your Apps" (2017) https://developer.apple.com/videos/play/wwdc2017/702/ •"Engineering Privacy for Your Users" (2016) https://developer.apple.com/videos/play/ wwdc2016/709/ •The first video includes discussion (6:15) of how to back-away from raw data in order to get just the information you need. •The second video has a nice description (14:00) of Differential Privacy: adding noise to collected data.
  • 16. Strategies • 1. Determine whether the app really needs all the requested personal data • 2. Encrypt all personal data and inform users about it • 3. Think OAUTH for data portability • 4. Enforce secure communications through HTTPS • 5. Inform users about and encrypt personal data from ‘contact us' forms https://techbeacon.com/15-steps-developing-eu-privacy-policy-compliant-apps
  • 17. Strategies (cont) • 6. Make sure sessions and cookies expire and are destroyed after logout • 7. Do not track user activity for business intelligence  • 8. Tell users about logs that save location or IP addresses  • 9. Store logs in a safe place, preferably encrypted • 10. Security questions should not turn on users' personal data https://techbeacon.com/15-steps-developing-eu-privacy-policy-compliant-apps
  • 18. Strategies (cont) • 11. Create clear terms and conditions and make sure users read them • 12. Inform users about any data sharing with third parties   • 13. Create clear policies for data breaches • 14. Delete data of users who cancel their service • 15. Patch web/dependency vulnerabilities  https://techbeacon.com/15-steps-developing-eu-privacy-policy-compliant-apps
  • 19. Get Apple’s data on you • https://www.cnbc.com/2018/04/25/how-to-download-a-copy-of-apple- data-about-me.html
  • 20. Since We’re on the Subject Big Data is Everywhere…
  • 21. Further Reading • https://www.prnewswire.com/news-releases/lookout-report-84-of-it- executives-expect-data-accessed-on-mobile-to-cause-gdpr- violations-300555381.html • https://techbeacon.com/15-steps-developing-eu-privacy-policy-compliant- apps • http://europa.eu/rapid/press-release_IP-15-6321_en.htm • https://www.schneier.com/blog/archives/2018/03/greykey_iphone_.html • https://www.wsj.com/articles/how-europes-new-privacy-rules-favor-google- and-facebook-1524536324