Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.

The Great GDPR MyData Debate - Aurelie Pols - Keynote

The GDPR empowers citizens with several fundamentally new rights. This session will summarise some of those new rights with an exciting keynote and three supporting presentations. In particular we will discuss the various implementation opportunities, technical and legal challenges and form a view on how these new rights should manifest for a mydata economy. We will then enter an audience participatory debate led by the speaker panel and your GDPR Mydata hosts, finalised with 4 key questions the debate has surfaced and poll the audience views on the most likely market solutions.
https://mydata2017.org/session/gdpr-debate/

The Great GDPR MyData Debate - Aurelie Pols - Keynote

  1. 1. The Great MyData GDPR Debate Aurélie Pols Helsinki August 31 2017 @aureliepols 1
  2. 2. 2
  3. 3. GDPR: Data crash test seatbelt? Drawing parallels • Seatbelt first invented beginning of XIXth century • 1955: option in some Ford models • 1958: standard by Saab • 1959: standard fitted 3-point safety belt by Volvo (still used today) • 1976: compulsory in Netherlands (EU: 1993) • US? Depends per state, NY 1984 • Today: my car beeps!!!! @aureliepols 3
  4. 4. Opposition? Most common grounds: • The view that laws requiring the wearing of belts are an infringement on individual liberty • Claims that official estimates of the number of lives saved by seatbelts are over stated or fail to take into account additional risk for other road users Source: Wikipedia (I confess!) 4@aureliepols
  5. 5. Sure the GDPR is not perfect! • Group Privacy? • Competition? “Anti-Trust?” • Freedom of Expression / ”Fake News”? • Data Property / Copyright? o Rising inequalities o GDP measurements => decisions o Ethics o Democracy 5@aureliepols
  6. 6. The GDPR is a base line, re-introducing the Data Subject into the equation 6@aureliepols
  7. 7. I am a Data Subject 7@aureliepols
  8. 8. Source: https://www.rizikon.oi/gdpr-compliance 8
  9. 9. I AM A DATA SUBJECT YOU ARE A DATA SUBJECT HE/SHE IS A DATA SUBJECT WE ARE DATA SUBJECTS YOU ARE DATA SUBJECTS THEY ARE DATA SUBJECTS 9 @aureliepols
  10. 10. We are Data Subjects as • Parents, Caretakers, • Consumers, Customers, • Citizens, • Business Partners, Employees, • Men and women, • Young and old, • …. 10 @aureliepols
  11. 11. 11 @aureliepols
  12. 12. Highlighted examples • Art 1. Human dignity: “Human dignity is inviolable. It must be respected and protected” • Art. 7 Respect for private life and family life • Art. 8 Protection of personal data • Art. 11 Freedom of expression and information • Art. 21 Non-discrimination • Art. 23 Equality between women and men • Art 48 Presumption of innocence and right to defense 12 @aureliepols
  13. 13. Threat or Opportunity? 13 @aureliepols
  14. 14. Beyond data plumbing? 14 @aureliepols
  15. 15. Autonomy 15 @aureliepols
  16. 16. Improving the Base Line Source: https://edps.europa.eu/sites/edp/files/publication/15-09-11_data_ethics_en.pdf 16 @aureliepols
  17. 17. Festina Lente Making haste slowly or Fail fast & break “things”? 17@aureliepols
  18. 18. The Internet is growing up The New Yorker - July 5, 1993 10 years later… 18 @aureliepols
  19. 19. Data commodification is already “en marche” Source: http://crackedlabs.org/en/corporate-surveillance/#7 19
  20. 20. Some of you might remember 20 @aureliepols
  21. 21. Interlocking liabilities & obligations People Company (Telco, Bank, Insurance..) Company (Agency, consultancy, vendor, ...) Cloud provider• Aligning contract obligations • (+ enforcement?) • Providing • Security • Privacy features • Privacy engineering B2C B2B B2B Privacy policies Consent MSA SOW T&C 21 @aureliepols
  22. 22. Constantly bumping up against Personal data threshold Data ownership? My Data Your Data Their Data 22 @aureliepols
  23. 23. Rights, roles & responsibilities! Questions to ask: • Who has the authority to control access and use of particular information? • What rights does a party have in using and distributing a piece of information? • What responsibilities does an information user have to others with respect to that information? Source: http://blog.joeandrieu.com/2010/01/21/beyond-data-ownership-to-information-sharing/comment-page-1/ 23 @aureliepols
  24. 24. Incentives and business models Source: http://www.slideshare.net/databeers/databeers-20150129-data-superpowers-marco-bressan-bbva-da Marco Bressan, BBVA, DataBeers Madrid Data Ethics? 24 @aureliepols
  25. 25. Compliance mitigates Risk It doesn’t build Trust (with commoditization, Trust will be the differentiator) 25 @aureliepols
  26. 26. Data is the new Electricity 26 @aureliepols
  27. 27. Data is the New Electricity Privacy is the New Green Trust is the New Currency 27 @aureliepols
  28. 28. Rights within the GDPR 28 @aureliepols
  29. 29. Define tools & uses to 1. Build o Access o Portability o Objection o Rectification o Erasure o Information o Restriction 2. For 3. Because our Values are 29 @aureliepols
  30. 30. And actors are! 30
  31. 31. Even them! 31 @aureliepols
  32. 32. The age of transparency wars? 32 @aureliepols
  33. 33. Sure the GDPR is not perfect! • Group Privacy? • Competition? “Anti-Trust?” • Freedom of Expression / ”Fake News”? • Data Property / Copyright? o Rising inequalities o GDP measurements => decisions o Ethics o Democracy 33 @aureliepols
  34. 34. Obligations as Data Subjects? 34 @aureliepols
  35. 35. Fostering data literacy 35 Source: http://arcades-project.eu/images/pdf/arcades_teaching_handbook_final_EN.pdf @aureliepols
  36. 36. 36
  37. 37. Thank you for your attention aurelie@mindyourprivacy.com 37

×