SlideShare une entreprise Scribd logo

DATA PRIVACY, CLOUD & PURCHASING DEPARTMENT

Prof. Jacques Folon (Ph.D)
Prof. Jacques Folon (Ph.D)

LECTURE GIVEN IN ESC RENNES IN MARCH 2015

Formation
1  sur  100
Télécharger pour lire hors ligne
DATA PRIVACY & PURCHASING DEPARTMENT  Jacques  Folon   www.folon.com   Partner  Edge  Consulting   Maître  de  conférences     Université  de  Liège     Chargé  de  cours     ICHEC  Brussels     Professeur  invité     Université  de  Lorraine   ESC  Rennes   IACE  Tunis     IAM  OUagadougou   http://www.nyls.edu/institute_for_information_law_and_policy/conferences/visualizing_law_in_the_digital_age/
All presentation and resources are available on WWW.FOLON.COM (cours)
TABLE OF CONTENT1.THE END OF DATA PRIVACY ? 2.A FEW DEFINITIONS 3.DATA ARCHIVING 4.DATA PRIVACY ISSUES IN SUPPLIER’S CONTRACTS 5.SECURITY ASPECTS & LIABILITY 6.EMPLOYEES ARE THE WEAKEST LINK 7.DATA PRIVACY AND CLOUD COMPUTING 8.CONCLUSION
http://www.jerichotechnology.com/wp-content/uploads/2012/05/SocialMediaisChangingtheWorld.jpg
4 By giving people the power to share, we're making the world more transparent. The question isn't, 'What do we want to know about people?', It's, 'What do people want to tell about themselves?' Data privacy is outdated ! Mark Zuckerberg If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place. Eric Schmidt
From Big Brother to Big Other
http://fr.slideshare.net/bodyspacesociety/casilli-privacyehess-2012def Antonio Casili • Importance of T&C • Everybody speaks • mutual surveillance • Lateral surveillance
geolocalisation http://upload.wikimedia.org/wikipedia/commons/thumb/9/99/Geolocalisation_GPS_SAT.png/267px-Geolocalisation_GPS_SAT.png
data collection 1
Interactions controlled by citizens in the Information Society http://ipts.jrc.ec.europa.eu/home/report/english/articles/vol79/ICT1E796.htm
Interactions NOT controlled by citizens in the Information Society http://ipts.jrc.ec.europa.eu/home/report/english/articles/vol79/ICT1E796.htm
TABLE OF CONTENT1.THE END OF DATA PRIVACY ? 2.A FEW DEFINITIONS 3.DATA ARCHIVING 4.DATA PRIVACY ISSUES IN SUPPLIER’S CONTRACTS 5.SECURITY ASPECTS & LIABILITY 6.EMPLOYEES ARE THE WEAKEST LINK 7.DATA PRIVACY AND CLOUD COMPUTING 8.CONCLUSION
some definitions
'personal data' shall mean any information relating to an identified or identifiable natural person ('data subject'); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity
'processing of personal data' ('processing') shall mean any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction
personal data filing system' ('filing system') shall mean any structured set of personal data which are accessible according to specific criteria, whether centralized, decentralized or dispersed on a functional or geographical basis
121 controller shall mean the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of processing are determined by national or Community laws or regulations, the controller or the specific criteria for his nomination may be designated by national or Community law;
19 'the data subject's consent' shall mean any freely given specific and informed indication of his wishes by which the data subject signifies his agreement to personal data relating to him being processed
20 Member States shall provide that personal data must be: (a) processed fairly and lawfully; (b) collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes. Further processing of data for historical, statistical or scientific purposes shall not be considered as incompatible provided that Member States provide appropriate safeguards; (c) adequate, relevant and not excessive in relation to the purposes for which they are collected and/or further processed; (d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that data which are inaccurate or incomplete, having regard to the purposes for which they were collected or for which they are further processed, are erased or rectified; (e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data were collected or for which they are further processed. Member States shall lay down appropriate safeguards for personal data stored for longer periods for historical, statistical or scientific use.
21 Member States shall provide that personal data may be processed only if: (a) the data subject has unambiguously given his consent; or (b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract; or (c) processing is necessary for compliance with a legal obligation to which the controller is subject; or (d) processing is necessary in order to protect the vital interests of the data subject; or (e) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller or in a third party to whom the data are disclosed
22 Member States shall prohibit the processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, and the processing of data concerning health or sex life
125 Member States shall provide that the controller or his representative must provide a data subject from whom data relating to himself are collected with at least the following information, except where he already has it: (a) the identity of the controller and of his representative, if any; (b) the purposes of the processing for which the data are intended; (c) any further information such as - the recipients or categories of recipients of the data, - whether replies to the questions are obligatory or voluntary, as well as the possible consequences of failure to reply, - the existence of the right of access to and the right to rectify the data concerning him in so far as such further information is necessary, having regard to the specific circumstances in which the data are collected, to guarantee fair processing in respect of the data subject
24 Right of access Member States shall guarantee every data subject the right to obtain from the controller: (a) without constraint at reasonable intervals and without excessive delay or expense: - confirmation as to whether or not data relating to him are being processed and information at least as to the purposes of the processing, the categories of data concerned, and the recipients or categories of recipients to whom the data are disclosed, - communication to him in an intelligible form of the data undergoing processing and of any available information as to their source, - knowledge of the logic involved in any automatic processing of data concerning him at least in the case of the automated decisions referred to in Article 15 (1); (b) as appropriate the rectification, erasure or blocking of data the processing of which does not comply with the provisions of this Directive, in particular because of the incomplete or inaccurate nature of the data; (c) notification to third parties to whom the data have been disclosed of any rectification, erasure or blocking carried out in compliance with (b), unless this proves impossible or involves a disproportionate effort
TABLE OF CONTENT1.THE END OF DATA PRIVACY ? 2.A FEW DEFINITIONS 3.DATA ARCHIVING 4.DATA PRIVACY ISSUES IN SUPPLIER’S CONTRACTS 5.SECURITY ASPECTS & LIABILITY 6.EMPLOYEES ARE THE WEAKEST LINK 7.DATA PRIVACY AND CLOUD COMPUTING 8.CONCLUSION
OPT IN
27
Coockies
TABLE OF CONTENT1.THE END OF DATA PRIVACY ? 2.A FEW DEFINITIONS 3.DATA ARCHIVING 4.DATA PRIVACY ISSUES IN SUPPLIER’S CONTRACTS 5.SECURITY ASPECTS & LIABILITY 6.EMPLOYEES ARE THE WEAKEST LINK 7.DATA PRIVACY AND CLOUD COMPUTING 8.CONCLUSION
international transfer & in particular cloud computing
Importance of data privacy issues for contracts with sub contractors
Sub-contractor’s choice 129 The Member States shall provide that the controller must, where processing is carried out on his behalf, choose a processor providing sufficient guarantees in respect of the technical security measures and organizational measures governing the processing to be carried out, and must ensure compliance with those measures
33 The carrying out of processing by way of a processor must be governed by a contract or legal act binding the processor to the controller and stipulating in particular that: - the processor shall act only on instructions from the controller, - the obligations as defined by the law of the Member State in which the processor is established, shall also be incumbent on the processor
TABLE OF CONTENT1.THE END OF DATA PRIVACY ? 2.A FEW DEFINITIONS 3.DATA ARCHIVING 4.DATA PRIVACY ISSUES IN SUPPLIER’S CONTRACTS 5.SECURITY ASPECTS & LIABILITY 6.EMPLOYEES ARE THE WEAKEST LINK 7.DATA PRIVACY AND CLOUD COMPUTING 8.CONCLUSION
DATA SECURITY IS A KEY ELEMENT IN SUPPLYER’S CONTRACTS SOURCE DE L’IMAGE: http://www.techzim.co.zw/2010/05/why-organisations-should-worry-about-security-2/
Source : https://www.britestream.com/difference.html.
Everything must be transparent AND YOU NEED TO HAVE THE SYSTEM IN ORDER TO DEFEND YOUR COMPANY IN COURT
Article 16 Confidentiality of processing Any person acting under the authority of the controller or of the processor, including the processor himself, who has access to personal data must not process them except on instructions from the controller, unless he is required to do so by law
IAM
Member States shall provide that the controller must implement appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing. Having regard to the state of the art and the cost of their implementation, such measures shall ensure a level of security appropriate to the risks represented by the processing and the nature of the data to be protected.
48
86 SECURITY IS A LEGAL OBLIGATION
TABLE OF CONTENT1.THE END OF DATA PRIVACY ? 2.A FEW DEFINITIONS 3.DATA ARCHIVING 4.DATA PRIVACY ISSUES IN SUPPLIER’S CONTRACTS 5.SECURITY ASPECTS & LIABILITY 6.EMPLOYEES ARE THE WEAKEST LINK 7.DATA PRIVACY AND CLOUD COMPUTING 8.CONCLUSION
What your boss thinks...
Employees share (too) many information and also with third parties
INTERNAL TRAININGS ARE NEEDED IN THE PURCHASING DEPARTMENT
Where do one steal data? •Banks •Hospitals •Ministries •Police •Newspapers •Telecoms •... Which devices are stolen? •USB •Laptops •Hard disks •Papers •Binders •Cars
63 RESTITUTIONS
51
154 Source de l’image : http://ediscoverytimes.com/?p=46
DATA SECURITY IS REQUESTED BY LAW AND IT IS THE COMPANY’S RESPONSIBILITY
Control by the employer 161SOURCE DE L’IMAGE: http://blog.loadingdata.nl/2011/05/chinese-privacy-protection-to-top-american/
SO CALLED HIDDEN COSTS 46 http://www.theatlantic.com/technology/archive/2011/09/estimating-the-damage-to-the-us-economy-caused-by-angry-birds/244972/
Phishing Sources/ Luc Pooters, Triforensic, 2011
DATA THEFT
Social engineering Sources/ Luc Pooters, Triforensic, 2011
May the employer control everything?
Who controls what?
Could my employer open my emails? 169
64 CODE OF CONDUCTS
TELEWORKING
Employer’s control 177 http://fr.slideshare.net/olivier/identitenumeriquereseauxsociaux
TABLE OF CONTENT1.THE END OF DATA PRIVACY ? 2.A FEW DEFINITIONS 3.DATA ARCHIVING 4.DATA PRIVACY ISSUES IN SUPPLIER’S CONTRACTS 5.SECURITY ASPECTS & LIABILITY 6.EMPLOYEES ARE THE WEAKEST LINK 7.DATA PRIVACY AND CLOUD COMPUTING 8.CONCLUSION
Source: Wikipedia CLOUD COMPUTING CONTRACTS A SPECIFIC EXAMPLE OF DATA PRIVACY ISSUES
Five key characteristics, ¢• A service-oriented technology, where consumer concerns are abstracted from provider concerns, and that is ready-to-use SERVICE BASED; ¢• Services scale on-demand to add or remove resources as needed RAPID ELASTICITY AND SCALABILITY; ¢• Services share a pool of resources to build economies of scale SHARED RESOURCES; ¢• Services are tracked with usage metrics to enable the “pay-as-you-go model” PAY PER USE; ¢• Services are delivered through use of Web identifiers, standards, formats and protocols and with an identical access UBIQUITOUS NETWORK ACCESS; Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud- computing-in-france
3 types of services Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud- computing-in-france
Software as a service (SAAS) ○ The service provided makes use of the provider’s applications accessible through a client interface, such as a web browser (ex: Gmail). ○ The consumer doesn’t manage or control the infrastructure, the network, the servers, the operating system, the storage and cannot add specific development (even if there are limited user specific application configuration settings). ○ Offers: Billing, Financials, Legal, Sales, Desktop productivity, Human Resources, Content Management, Backup & Recovery, CRM (Customer Relationship Management), Document Management, Collaboration Tools, Social Networks. Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud- computing-in-france
Platform as a service (PAAS) The service provided consists in the deployment of consumercreated applications on the provider’s infrastructure and the use of programming languages and tools supported by the platform (ex: Java or Python available on Google App Engine). ○ The consumer doesn’t manage or control the infrastructure, the network, the servers, the operating system and the storage but he has control over the deployed applications, and occasionally application hosting environment configurations. ○ Offers: General purpose, Business intelligence, Integration, Development & Testing, Database. Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud- computing-in-france
Platform as a Service (PaaS) Now you don’t need to invest millions of $$$ to get that development foundation ready for your developers. The PaaS provider will deliver the platform on the web, and in most of the cases you can consume the platform using your browser, i.e. no need to download any software. It has definitely empowered small & mid-size companies or even an individual developer to launch their own SaaS leveraging the power of these platform providers, without any initial investment. PaaS Examples Google App Engine and Windows Azure are examples of Cloud OS. OrangesScape & Wolf PaaS are cloud middleware. http://www.techno- pulse.com/
INFRASTRUCTURE AS A SERVICE (IAAS) The service provided gives the possibility to rent resources, such as processing, storage or bandwidth, and allows the consumer to deploy and run anysoftware (operating systems and/or applications). The consumer doesn’t manage and control the infrastructure but he controls the operating system, the storage, the deployed applications, and occasionally networking components (firewall, load balancing). Some providers offer to manage the application if the latter is not too specific and is compatible with the perimeter of their offer. o Offers: Storage, Compute, Services Management. Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud- computing-in-france
Infrastructure as a Service (IaaS) This is the base layer of the cloud stack. It serves as a foundation for the other two layers, for their execution. The keyword behind this stack is Virtualization. Let us try to understand this using Amazon EC2. In Amazon EC2 (Elastic Compute Cloud) your application will be executed on a virtual computer (instance). You have the choice of virtual computer, where you can select a configuration of CPU, memory & storage that is optimal for your application. The whole cloud infrastructure viz. servers, routers, hardware based load-balancing, firewalls, storage & other network equipments are provided by the IaaS provider. The customer buy these resources as a service on a need basis. http://www.techno- pulse.com/
Is this just Hosting 2.0?
No, they have different architectures
 and business model Cloud Players Hosting Players Only few can afford billions dollar investment on data centers Hundreds of them around the world
Hosting Players Often yearly Your contracts Cloud Players Pay As You Go Pay only what you use
Hosting Players Reliability, High Availability, Capacity Elasticity Cloud Players Built-in Redundancy Virtually unlimited 
 storage, computing power You have to manage reliability, fail over yourself Bring your own or rent servers to increase capacity
Who controls what ? Gouvernance et Sécurité dans le Cloud Computing : Avantages et Défis. Yves LE ROUX
Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud-computing-in-france
CLOUD AND PRIVACY SOURCE: http://fr.slideshare.net/ISPABelgium/cloud-computing-legal-issues-3195424?qid=18bb64e0-9210-424a-8a67-1d356af61e27&v=qf1&b=&from_
SOURCE: http://fr.slideshare.net/ISPABelgium/cloud-computing-legal-issues-3195424?qid=18bb64e0-9210-424a-8a67-1d356af61e27&v=qf1&b=&from_
SOURCE: http://fr.slideshare.net/ISPABelgium/cloud-computing-legal-issues-3195424?qid=18bb64e0-9210-424a-8a67-1d356af61e27&v=qf1&b=&from_
SOURCE: http://fr.slideshare.net/ISPABelgium/cloud-computing-legal-issues-3195424?qid=18bb64e0-9210-424a-8a67-1d356af61e27&v=qf1&b=&from_
SOURCE: http://fr.slideshare.net/ISPABelgium/cloud-computing-legal-issues-3195424?qid=18bb64e0-9210-424a-8a67-1d356af61e27&v=qf1&b=&from_
CLOUD COMPUTING CONTRACTS ARE COMPLEX
TABLE OF CONTENT1.THE END OF DATA PRIVACY ? 2.A FEW DEFINITIONS 3.DATA ARCHIVING 4.DATA PRIVACY ISSUES IN SUPPLIER’S CONTRACTS 5.SECURITY ASPECTS & LIABILITY 6.EMPLOYEES ARE THE WEAKEST LINK 7.DATA PRIVACY AND CLOUD COMPUTING 8.CONCLUSION
CONCLUSION DATA PRIVACY IS AN IMPORTANT ISSUE FOR ANY PURCHASING DEPARTMENT BECAUSE IT HAS CONSEQUENCES IN MANY CONTRACTS AND IN PARTICULAR FOR CLOUD COMPUTING 95
SECURITY ???
87 “It is not the strongest of the species that survives, nor the most intelligent that survives. It is the one that is the most adaptable to change.” C. Darwin
ANY QUESTIONS ?
DATA PRIVACY, CLOUD & PURCHASING DEPARTMENT

Recommandé

data privacy
data privacydata privacy
data privacyProf. Jacques Folon (Ph.D)
 
Ichec dig strat gdpr
Ichec dig strat gdpr Ichec dig strat gdpr
Ichec dig strat gdpr Prof. Jacques Folon (Ph.D)
 
DATA PRIVACY
DATA PRIVACYDATA PRIVACY
DATA PRIVACYProf. Jacques Folon (Ph.D)
 
Esc gdpr oct 2018
Esc gdpr oct 2018Esc gdpr oct 2018
Esc gdpr oct 2018Prof. Jacques Folon (Ph.D)
 
Example Association Internal GDPR Policy
Example Association Internal GDPR PolicyExample Association Internal GDPR Policy
Example Association Internal GDPR PolicyLen Murphy
 
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)AltheimPrivacy
 
Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...Werksmans Attorneys
 
IAB Digital Advertising Guidance : special category data under the gdpr - 2020
IAB Digital Advertising Guidance : special category data under the gdpr - 2020IAB Digital Advertising Guidance : special category data under the gdpr - 2020
IAB Digital Advertising Guidance : special category data under the gdpr - 2020Fullstaak
 

Recommandé

data privacy
data privacydata privacy
data privacyProf. Jacques Folon (Ph.D)
 
Ichec dig strat gdpr
Ichec dig strat gdpr Ichec dig strat gdpr
Ichec dig strat gdpr Prof. Jacques Folon (Ph.D)
 
DATA PRIVACY
DATA PRIVACYDATA PRIVACY
DATA PRIVACYProf. Jacques Folon (Ph.D)
 
Esc gdpr oct 2018
Esc gdpr oct 2018Esc gdpr oct 2018
Esc gdpr oct 2018Prof. Jacques Folon (Ph.D)
 
Example Association Internal GDPR Policy
Example Association Internal GDPR PolicyExample Association Internal GDPR Policy
Example Association Internal GDPR PolicyLen Murphy
 
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)
Security and Privacy in Deals (altheim & mahajan)(6-3 -2015)AltheimPrivacy
 
Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...Werksmans Attorneys
 
IAB Digital Advertising Guidance : special category data under the gdpr - 2020
IAB Digital Advertising Guidance : special category data under the gdpr - 2020IAB Digital Advertising Guidance : special category data under the gdpr - 2020
IAB Digital Advertising Guidance : special category data under the gdpr - 2020Fullstaak
 
Presentation on GDPR
Presentation on GDPRPresentation on GDPR
Presentation on GDPRDipanjanDey12
 
The Privacy Advantage 2016 - Ruth Boardman
The Privacy Advantage 2016 - Ruth BoardmanThe Privacy Advantage 2016 - Ruth Boardman
The Privacy Advantage 2016 - Ruth BoardmanKrowdthink
 
EU Update: Applying the new SCCs, or ‘just’ the complete GDPR?
EU Update: Applying the new SCCs, or ‘just’ the complete GDPR?EU Update: Applying the new SCCs, or ‘just’ the complete GDPR?
EU Update: Applying the new SCCs, or ‘just’ the complete GDPR?TrustArc
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)Extentia Information Technology
 
Are You GDPR Ready?
Are You GDPR Ready?Are You GDPR Ready?
Are You GDPR Ready?NICSA
 
Guide to-the-general-data-protection-regulation
Guide to-the-general-data-protection-regulationGuide to-the-general-data-protection-regulation
Guide to-the-general-data-protection-regulationN N
 
General Data Protection Regulations (GDPR): Do you understand it and are you ...
General Data Protection Regulations (GDPR): Do you understand it and are you ...General Data Protection Regulations (GDPR): Do you understand it and are you ...
General Data Protection Regulations (GDPR): Do you understand it and are you ...Cvent
 
Conducting a self-audit of data protection compliance
Conducting a self-audit of data protection complianceConducting a self-audit of data protection compliance
Conducting a self-audit of data protection complianceFintan Swanton
 
GDPR – Readiness in IT offshore organization
GDPR – Readiness in IT offshore organization GDPR – Readiness in IT offshore organization
GDPR – Readiness in IT offshore organization Vishnuvarthanan Moorthy
 
GDPR Summary
GDPR SummaryGDPR Summary
GDPR SummaryMartyn Ripley
 
Feedback on Personal Data Protection Bill 2019
Feedback on Personal Data Protection Bill 2019Feedback on Personal Data Protection Bill 2019
Feedback on Personal Data Protection Bill 2019Nanda Mohan Shenoy
 
GDPR for public sector DPO's seminar, April 2018, Manchester
GDPR for public sector DPO's seminar, April 2018, ManchesterGDPR for public sector DPO's seminar, April 2018, Manchester
GDPR for public sector DPO's seminar, April 2018, ManchesterBrowne Jacobson LLP
 
GDPR Introduction and overview
GDPR Introduction and overviewGDPR Introduction and overview
GDPR Introduction and overviewJane Lambert
 
GDPR, Data Privacy.
GDPR, Data Privacy.GDPR, Data Privacy.
GDPR, Data Privacy.Liviu Claudiu Cismaru
 
GDPR Presentation
GDPR PresentationGDPR Presentation
GDPR PresentationCILIP Ireland
 
Put your left leg in, put your left leg out: the exclusions and exemptions of...
Put your left leg in, put your left leg out: the exclusions and exemptions of...Put your left leg in, put your left leg out: the exclusions and exemptions of...
Put your left leg in, put your left leg out: the exclusions and exemptions of...Werksmans Attorneys
 
DPOs in the public sector, May 2018, London
DPOs in the public sector, May 2018, LondonDPOs in the public sector, May 2018, London
DPOs in the public sector, May 2018, LondonBrowne Jacobson LLP
 
GDPR for public sector DPO's, April 2018, Nottingham
GDPR for public sector DPO's, April 2018, NottinghamGDPR for public sector DPO's, April 2018, Nottingham
GDPR for public sector DPO's, April 2018, NottinghamBrowne Jacobson LLP
 
DPOs in the public sector, May 2018, Birmingham
DPOs in the public sector, May 2018, BirminghamDPOs in the public sector, May 2018, Birmingham
DPOs in the public sector, May 2018, BirminghamBrowne Jacobson LLP
 
General data protection regulation
General data protection regulationGeneral data protection regulation
General data protection regulationFahad Ameen
 
LEVI Trident, 1963, £44,950 For Sale Brochure. Presented By yachtingelite.com
LEVI Trident, 1963, £44,950 For Sale Brochure. Presented By yachtingelite.comLEVI Trident, 1963, £44,950 For Sale Brochure. Presented By yachtingelite.com
LEVI Trident, 1963, £44,950 For Sale Brochure. Presented By yachtingelite.comWolfgang Stolle
 
Workplace Privacy
Workplace PrivacyWorkplace Privacy
Workplace Privacy- Mark - Fullbright
 

Contenu connexe

Tendances

Presentation on GDPR
Presentation on GDPRPresentation on GDPR
Presentation on GDPRDipanjanDey12
 
The Privacy Advantage 2016 - Ruth Boardman
The Privacy Advantage 2016 - Ruth BoardmanThe Privacy Advantage 2016 - Ruth Boardman
The Privacy Advantage 2016 - Ruth BoardmanKrowdthink
 
EU Update: Applying the new SCCs, or ‘just’ the complete GDPR?
EU Update: Applying the new SCCs, or ‘just’ the complete GDPR?EU Update: Applying the new SCCs, or ‘just’ the complete GDPR?
EU Update: Applying the new SCCs, or ‘just’ the complete GDPR?TrustArc
 
Are You GDPR Ready?
Are You GDPR Ready?Are You GDPR Ready?
Are You GDPR Ready?NICSA
 
Guide to-the-general-data-protection-regulation
Guide to-the-general-data-protection-regulationGuide to-the-general-data-protection-regulation
Guide to-the-general-data-protection-regulationN N
 
General Data Protection Regulations (GDPR): Do you understand it and are you ...
General Data Protection Regulations (GDPR): Do you understand it and are you ...General Data Protection Regulations (GDPR): Do you understand it and are you ...
General Data Protection Regulations (GDPR): Do you understand it and are you ...Cvent
 
Conducting a self-audit of data protection compliance
Conducting a self-audit of data protection complianceConducting a self-audit of data protection compliance
Conducting a self-audit of data protection complianceFintan Swanton
 
GDPR – Readiness in IT offshore organization
GDPR – Readiness in IT offshore organization GDPR – Readiness in IT offshore organization
GDPR – Readiness in IT offshore organization Vishnuvarthanan Moorthy
 
Feedback on Personal Data Protection Bill 2019
Feedback on Personal Data Protection Bill 2019Feedback on Personal Data Protection Bill 2019
Feedback on Personal Data Protection Bill 2019Nanda Mohan Shenoy
 
GDPR for public sector DPO's seminar, April 2018, Manchester
GDPR for public sector DPO's seminar, April 2018, ManchesterGDPR for public sector DPO's seminar, April 2018, Manchester
GDPR for public sector DPO's seminar, April 2018, ManchesterBrowne Jacobson LLP
 
GDPR Introduction and overview
GDPR Introduction and overviewGDPR Introduction and overview
GDPR Introduction and overviewJane Lambert
 
Put your left leg in, put your left leg out: the exclusions and exemptions of...
Put your left leg in, put your left leg out: the exclusions and exemptions of...Put your left leg in, put your left leg out: the exclusions and exemptions of...
Put your left leg in, put your left leg out: the exclusions and exemptions of...Werksmans Attorneys
 
DPOs in the public sector, May 2018, London
DPOs in the public sector, May 2018, LondonDPOs in the public sector, May 2018, London
DPOs in the public sector, May 2018, LondonBrowne Jacobson LLP
 
GDPR for public sector DPO's, April 2018, Nottingham
GDPR for public sector DPO's, April 2018, NottinghamGDPR for public sector DPO's, April 2018, Nottingham
GDPR for public sector DPO's, April 2018, NottinghamBrowne Jacobson LLP
 
DPOs in the public sector, May 2018, Birmingham
DPOs in the public sector, May 2018, BirminghamDPOs in the public sector, May 2018, Birmingham
DPOs in the public sector, May 2018, BirminghamBrowne Jacobson LLP
 
General data protection regulation
General data protection regulationGeneral data protection regulation
General data protection regulationFahad Ameen
 

Tendances (20)

Presentation on GDPR
Presentation on GDPRPresentation on GDPR
Presentation on GDPR
 
The Privacy Advantage 2016 - Ruth Boardman
The Privacy Advantage 2016 - Ruth BoardmanThe Privacy Advantage 2016 - Ruth Boardman
The Privacy Advantage 2016 - Ruth Boardman
 
EU Update: Applying the new SCCs, or ‘just’ the complete GDPR?
EU Update: Applying the new SCCs, or ‘just’ the complete GDPR?EU Update: Applying the new SCCs, or ‘just’ the complete GDPR?
EU Update: Applying the new SCCs, or ‘just’ the complete GDPR?
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)
 
Are You GDPR Ready?
Are You GDPR Ready?Are You GDPR Ready?
Are You GDPR Ready?
 
Guide to-the-general-data-protection-regulation
Guide to-the-general-data-protection-regulationGuide to-the-general-data-protection-regulation
Guide to-the-general-data-protection-regulation
 
General Data Protection Regulations (GDPR): Do you understand it and are you ...
General Data Protection Regulations (GDPR): Do you understand it and are you ...General Data Protection Regulations (GDPR): Do you understand it and are you ...
General Data Protection Regulations (GDPR): Do you understand it and are you ...
 
Conducting a self-audit of data protection compliance
Conducting a self-audit of data protection complianceConducting a self-audit of data protection compliance
Conducting a self-audit of data protection compliance
 
GDPR – Readiness in IT offshore organization
GDPR – Readiness in IT offshore organization GDPR – Readiness in IT offshore organization
GDPR – Readiness in IT offshore organization
 
GDPR Summary
GDPR SummaryGDPR Summary
GDPR Summary
 
Feedback on Personal Data Protection Bill 2019
Feedback on Personal Data Protection Bill 2019Feedback on Personal Data Protection Bill 2019
Feedback on Personal Data Protection Bill 2019
 
GDPR for public sector DPO's seminar, April 2018, Manchester
GDPR for public sector DPO's seminar, April 2018, ManchesterGDPR for public sector DPO's seminar, April 2018, Manchester
GDPR for public sector DPO's seminar, April 2018, Manchester
 
GDPR Introduction and overview
GDPR Introduction and overviewGDPR Introduction and overview
GDPR Introduction and overview
 
GDPR, Data Privacy.
GDPR, Data Privacy.GDPR, Data Privacy.
GDPR, Data Privacy.
 
GDPR Presentation
GDPR PresentationGDPR Presentation
GDPR Presentation
 
Put your left leg in, put your left leg out: the exclusions and exemptions of...
Put your left leg in, put your left leg out: the exclusions and exemptions of...Put your left leg in, put your left leg out: the exclusions and exemptions of...
Put your left leg in, put your left leg out: the exclusions and exemptions of...
 
DPOs in the public sector, May 2018, London
DPOs in the public sector, May 2018, LondonDPOs in the public sector, May 2018, London
DPOs in the public sector, May 2018, London
 
GDPR for public sector DPO's, April 2018, Nottingham
GDPR for public sector DPO's, April 2018, NottinghamGDPR for public sector DPO's, April 2018, Nottingham
GDPR for public sector DPO's, April 2018, Nottingham
 
DPOs in the public sector, May 2018, Birmingham
DPOs in the public sector, May 2018, BirminghamDPOs in the public sector, May 2018, Birmingham
DPOs in the public sector, May 2018, Birmingham
 
General data protection regulation
General data protection regulationGeneral data protection regulation
General data protection regulation
 

En vedette

LEVI Trident, 1963, £44,950 For Sale Brochure. Presented By yachtingelite.com
LEVI Trident, 1963, £44,950 For Sale Brochure. Presented By yachtingelite.comLEVI Trident, 1963, £44,950 For Sale Brochure. Presented By yachtingelite.com
LEVI Trident, 1963, £44,950 For Sale Brochure. Presented By yachtingelite.comWolfgang Stolle
 
Chapter 05 Digital Safety and Security
Chapter 05 Digital Safety and SecurityChapter 05 Digital Safety and Security
Chapter 05 Digital Safety and Securityxtin101
 
Privacy in a digital world
Privacy in a digital worldPrivacy in a digital world
Privacy in a digital worldrobkitchin
 
Privacy , Security and Ethics Presentation
Privacy , Security and Ethics PresentationPrivacy , Security and Ethics Presentation
Privacy , Security and Ethics PresentationHajarul Cikyen
 
Data Privacy and Protection Presentation
Data Privacy and Protection PresentationData Privacy and Protection Presentation
Data Privacy and Protection Presentationmlw32785
 
Data protection ppt
Data protection pptData protection ppt
Data protection pptgrahamwell
 
Smau Firenze 2016 - dirICTo
Smau Firenze 2016 - dirICToSmau Firenze 2016 - dirICTo
Smau Firenze 2016 - dirICToSMAU
 
Workplace safety and health
Workplace safety and healthWorkplace safety and health
Workplace safety and healthshiva5717
 
SM Impact and Ethics in Workplace_Atansuyi, Kostak and Manhanga_073012_FINAL
SM Impact and Ethics in Workplace_Atansuyi, Kostak and Manhanga_073012_FINALSM Impact and Ethics in Workplace_Atansuyi, Kostak and Manhanga_073012_FINAL
SM Impact and Ethics in Workplace_Atansuyi, Kostak and Manhanga_073012_FINALJohn Kostak
 
Unit 6 Privacy and Data Protection 8 hr
Unit 6 Privacy and Data Protection 8 hrUnit 6 Privacy and Data Protection 8 hr
Unit 6 Privacy and Data Protection 8 hrTushar Rajput
 

En vedette (14)

LEVI Trident, 1963, £44,950 For Sale Brochure. Presented By yachtingelite.com
LEVI Trident, 1963, £44,950 For Sale Brochure. Presented By yachtingelite.comLEVI Trident, 1963, £44,950 For Sale Brochure. Presented By yachtingelite.com
LEVI Trident, 1963, £44,950 For Sale Brochure. Presented By yachtingelite.com
 
Workplace Privacy
Workplace PrivacyWorkplace Privacy
Workplace Privacy
 
Privacy and Data Protection
Privacy and Data ProtectionPrivacy and Data Protection
Privacy and Data Protection
 
Workplace Privacy (excerpt)
Workplace Privacy (excerpt)Workplace Privacy (excerpt)
Workplace Privacy (excerpt)
 
Chapter 05 Digital Safety and Security
Chapter 05 Digital Safety and SecurityChapter 05 Digital Safety and Security
Chapter 05 Digital Safety and Security
 
Privacy in a digital world
Privacy in a digital worldPrivacy in a digital world
Privacy in a digital world
 
Privacy & Data Protection in the Digital World
Privacy & Data Protection in the Digital WorldPrivacy & Data Protection in the Digital World
Privacy & Data Protection in the Digital World
 
Privacy , Security and Ethics Presentation
Privacy , Security and Ethics PresentationPrivacy , Security and Ethics Presentation
Privacy , Security and Ethics Presentation
 
Data Privacy and Protection Presentation
Data Privacy and Protection PresentationData Privacy and Protection Presentation
Data Privacy and Protection Presentation
 
Data protection ppt
Data protection pptData protection ppt
Data protection ppt
 
Smau Firenze 2016 - dirICTo
Smau Firenze 2016 - dirICToSmau Firenze 2016 - dirICTo
Smau Firenze 2016 - dirICTo
 
Workplace safety and health
Workplace safety and healthWorkplace safety and health
Workplace safety and health
 
SM Impact and Ethics in Workplace_Atansuyi, Kostak and Manhanga_073012_FINAL
SM Impact and Ethics in Workplace_Atansuyi, Kostak and Manhanga_073012_FINALSM Impact and Ethics in Workplace_Atansuyi, Kostak and Manhanga_073012_FINAL
SM Impact and Ethics in Workplace_Atansuyi, Kostak and Manhanga_073012_FINAL
 
Unit 6 Privacy and Data Protection 8 hr
Unit 6 Privacy and Data Protection 8 hrUnit 6 Privacy and Data Protection 8 hr
Unit 6 Privacy and Data Protection 8 hr
 

Similaire à DATA PRIVACY, CLOUD & PURCHASING DEPARTMENT

Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsPriyanka Aash
 
GDPR - Fail to Prepare, Prepare to Fail!
GDPR - Fail to Prepare, Prepare to Fail!GDPR - Fail to Prepare, Prepare to Fail!
GDPR - Fail to Prepare, Prepare to Fail!Fintan Swanton
 
GDPR: Protecting Your Data
GDPR: Protecting Your DataGDPR: Protecting Your Data
GDPR: Protecting Your DataUlf Mattsson
 
EU General Data Protection Regulation - Update 2017
EU General Data Protection Regulation - Update 2017EU General Data Protection Regulation - Update 2017
EU General Data Protection Regulation - Update 2017Cliff Ashcroft
 
Browne Jacobson - Administrative and public law - October 2017
Browne Jacobson - Administrative and public law - October 2017Browne Jacobson - Administrative and public law - October 2017
Browne Jacobson - Administrative and public law - October 2017Browne Jacobson LLP
 
Data protection regulation
Data protection regulationData protection regulation
Data protection regulationGreg Ezeilo
 
Niall Rooney FD Event 05.09.19
Niall Rooney FD Event 05.09.19Niall Rooney FD Event 05.09.19
Niall Rooney FD Event 05.09.19Niall Rooney
 
New opportunities and business risks with evolving privacy regulations
New opportunities and business risks with evolving privacy regulationsNew opportunities and business risks with evolving privacy regulations
New opportunities and business risks with evolving privacy regulationsUlf Mattsson
 
The ASEAN Data Protection Index 2020
The ASEAN Data Protection Index 2020The ASEAN Data Protection Index 2020
The ASEAN Data Protection Index 2020FairTechInstitute
 
General Data Protection Regulation or GDPR
General Data Protection Regulation or GDPRGeneral Data Protection Regulation or GDPR
General Data Protection Regulation or GDPRNupur Samaddar
 
Group 5 Banking Laws Semi Finals.pptx
Group 5 Banking Laws Semi Finals.pptxGroup 5 Banking Laws Semi Finals.pptx
Group 5 Banking Laws Semi Finals.pptxStephenQuijano3
 
Philippine Data Privacy Act of 2012 (RA 10173)
Philippine Data Privacy Act of 2012 (RA 10173)Philippine Data Privacy Act of 2012 (RA 10173)
Philippine Data Privacy Act of 2012 (RA 10173)Kirk Go
 
GDPR compliance process and maturity/readiness assessment checklist
GDPR compliance process and maturity/readiness assessment checklistGDPR compliance process and maturity/readiness assessment checklist
GDPR compliance process and maturity/readiness assessment checklistEz Fahmy
 

Similaire à DATA PRIVACY, CLOUD & PURCHASING DEPARTMENT (20)

Data privacy and digital strategy
Data privacy and digital strategyData privacy and digital strategy
Data privacy and digital strategy
 
Digital law and GDPR
Digital law and GDPRDigital law and GDPR
Digital law and GDPR
 
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
 
GDPR - Fail to Prepare, Prepare to Fail!
GDPR - Fail to Prepare, Prepare to Fail!GDPR - Fail to Prepare, Prepare to Fail!
GDPR - Fail to Prepare, Prepare to Fail!
 
Esc Rennes gdpr oct 2018
Esc Rennes gdpr oct 2018Esc Rennes gdpr oct 2018
Esc Rennes gdpr oct 2018
 
GDPR: Protecting Your Data
GDPR: Protecting Your DataGDPR: Protecting Your Data
GDPR: Protecting Your Data
 
EU GDPR (training)
EU GDPR (training) EU GDPR (training)
EU GDPR (training)
 
Ichec & ESC gdpr feb 2020
Ichec & ESC gdpr feb 2020Ichec & ESC gdpr feb 2020
Ichec & ESC gdpr feb 2020
 
EU General Data Protection Regulation - Update 2017
EU General Data Protection Regulation - Update 2017EU General Data Protection Regulation - Update 2017
EU General Data Protection Regulation - Update 2017
 
Browne Jacobson - Administrative and public law - October 2017
Browne Jacobson - Administrative and public law - October 2017Browne Jacobson - Administrative and public law - October 2017
Browne Jacobson - Administrative and public law - October 2017
 
Data protection regulation
Data protection regulationData protection regulation
Data protection regulation
 
Niall Rooney FD Event 05.09.19
Niall Rooney FD Event 05.09.19Niall Rooney FD Event 05.09.19
Niall Rooney FD Event 05.09.19
 
New opportunities and business risks with evolving privacy regulations
New opportunities and business risks with evolving privacy regulationsNew opportunities and business risks with evolving privacy regulations
New opportunities and business risks with evolving privacy regulations
 
Data Privacy Act of 2012.pptx
Data Privacy Act of 2012.pptxData Privacy Act of 2012.pptx
Data Privacy Act of 2012.pptx
 
The ASEAN Data Protection Index 2020
The ASEAN Data Protection Index 2020The ASEAN Data Protection Index 2020
The ASEAN Data Protection Index 2020
 
General Data Protection Regulation or GDPR
General Data Protection Regulation or GDPRGeneral Data Protection Regulation or GDPR
General Data Protection Regulation or GDPR
 
Group 5 Banking Laws Semi Finals.pptx
Group 5 Banking Laws Semi Finals.pptxGroup 5 Banking Laws Semi Finals.pptx
Group 5 Banking Laws Semi Finals.pptx
 
GDPR for Dummies
GDPR for DummiesGDPR for Dummies
GDPR for Dummies
 
Philippine Data Privacy Act of 2012 (RA 10173)
Philippine Data Privacy Act of 2012 (RA 10173)Philippine Data Privacy Act of 2012 (RA 10173)
Philippine Data Privacy Act of 2012 (RA 10173)
 
GDPR compliance process and maturity/readiness assessment checklist
GDPR compliance process and maturity/readiness assessment checklistGDPR compliance process and maturity/readiness assessment checklist
GDPR compliance process and maturity/readiness assessment checklist
 

Plus de Prof. Jacques Folon (Ph.D)

Rh et data DANS LE MONDE APRÈS LE CONFINEMENT
Rh et data DANS LE MONDE APRÈS LE CONFINEMENTRh et data DANS LE MONDE APRÈS LE CONFINEMENT
Rh et data DANS LE MONDE APRÈS LE CONFINEMENTProf. Jacques Folon (Ph.D)
 

Plus de Prof. Jacques Folon (Ph.D) (20)

Introduction to digital strategy
Introduction to digital strategy Introduction to digital strategy
Introduction to digital strategy
 
Ifc jour 1 dpo
Ifc jour 1 dpoIfc jour 1 dpo
Ifc jour 1 dpo
 
Cpas divers sujets
Cpas divers sujets Cpas divers sujets
Cpas divers sujets
 
Ferrer premier cours octobre 2021
Ferrer premier cours octobre 2021Ferrer premier cours octobre 2021
Ferrer premier cours octobre 2021
 
premier cours saint louis sept 2021
premier cours saint louis sept 2021premier cours saint louis sept 2021
premier cours saint louis sept 2021
 
Cmd premier cours sept 2021
Cmd premier cours sept 2021Cmd premier cours sept 2021
Cmd premier cours sept 2021
 
CPAS ET RGPD : direction et DPO
CPAS ET RGPD : direction et DPO CPAS ET RGPD : direction et DPO
CPAS ET RGPD : direction et DPO
 
le RGPD fossoyeur du marketing digital ?
le RGPD fossoyeur du marketing digital ?le RGPD fossoyeur du marketing digital ?
le RGPD fossoyeur du marketing digital ?
 
Ifc gdpr strat digit mai 2021
Ifc gdpr strat digit mai 2021Ifc gdpr strat digit mai 2021
Ifc gdpr strat digit mai 2021
 
Pandemie et vie privee
Pandemie et vie priveePandemie et vie privee
Pandemie et vie privee
 
GDPR & digital strategy
GDPR & digital strategyGDPR & digital strategy
GDPR & digital strategy
 
Cmd de la stratégie au marketing digital
Cmd de la stratégie au marketing digitalCmd de la stratégie au marketing digital
Cmd de la stratégie au marketing digital
 
Ichec ipr feb 2021
Ichec ipr feb 2021Ichec ipr feb 2021
Ichec ipr feb 2021
 
Strategy for digital business class #1
Strategy for digital business class #1Strategy for digital business class #1
Strategy for digital business class #1
 
E comm et rgpd
E comm et rgpdE comm et rgpd
E comm et rgpd
 
Cmd premier cours
Cmd premier coursCmd premier cours
Cmd premier cours
 
Cmd cours 1
Cmd cours 1Cmd cours 1
Cmd cours 1
 
Le dossier RGPD
Le dossier RGPDLe dossier RGPD
Le dossier RGPD
 
Rh et data DANS LE MONDE APRÈS LE CONFINEMENT
Rh et data DANS LE MONDE APRÈS LE CONFINEMENTRh et data DANS LE MONDE APRÈS LE CONFINEMENT
Rh et data DANS LE MONDE APRÈS LE CONFINEMENT
 
RGPD et stratégie digitale
RGPD et stratégie digitaleRGPD et stratégie digitale
RGPD et stratégie digitale
 

Dernier

AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfphamnguyenenglishnb
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4MiaBumagat1
 
ACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfSpandanaRallapalli
 
Concurrency Control in Database Management system
Concurrency Control in Database Management systemConcurrency Control in Database Management system
Concurrency Control in Database Management systemChristalin Nelson
 
Culture Uniformity or Diversity IN SOCIOLOGY.pptx
Culture Uniformity or Diversity IN SOCIOLOGY.pptxCulture Uniformity or Diversity IN SOCIOLOGY.pptx
Culture Uniformity or Diversity IN SOCIOLOGY.pptxPoojaSen20
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxHumphrey A Beña
 
How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17Celine George
 
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdfGrade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdfJemuel Francisco
 
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONTHEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONHumphrey A Beña
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxthorishapillay1
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Celine George
 
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Celine George
 
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...Nguyen Thanh Tu Collection
 
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptxAUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptxiammrhaywood
 
Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Seán Kennedy
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Mark Reed
 
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITYISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITYKayeClaireEstoconing
 
FILIPINO PSYCHology sikolohiyang pilipino
FILIPINO PSYCHology sikolohiyang pilipinoFILIPINO PSYCHology sikolohiyang pilipino
FILIPINO PSYCHology sikolohiyang pilipinojohnmickonozaleda
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfTechSoup
 

Dernier (20)

AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4
 
ACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdf
 
Concurrency Control in Database Management system
Concurrency Control in Database Management systemConcurrency Control in Database Management system
Concurrency Control in Database Management system
 
Culture Uniformity or Diversity IN SOCIOLOGY.pptx
Culture Uniformity or Diversity IN SOCIOLOGY.pptxCulture Uniformity or Diversity IN SOCIOLOGY.pptx
Culture Uniformity or Diversity IN SOCIOLOGY.pptx
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
 
How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17
 
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdfGrade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
 
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONTHEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptx
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17
 
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
 
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
 
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptxAUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
 
Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)
 
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITYISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
 
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptxYOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
 
FILIPINO PSYCHology sikolohiyang pilipino
FILIPINO PSYCHology sikolohiyang pilipinoFILIPINO PSYCHology sikolohiyang pilipino
FILIPINO PSYCHology sikolohiyang pilipino
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
 

DATA PRIVACY, CLOUD & PURCHASING DEPARTMENT

  • 1. DATA PRIVACY & PURCHASING DEPARTMENT  Jacques  Folon   www.folon.com   Partner  Edge  Consulting   Maître  de  conférences     Université  de  Liège     Chargé  de  cours     ICHEC  Brussels     Professeur  invité     Université  de  Lorraine   ESC  Rennes   IACE  Tunis     IAM  OUagadougou   http://www.nyls.edu/institute_for_information_law_and_policy/conferences/visualizing_law_in_the_digital_age/
  • 2. All presentation and resources are available on WWW.FOLON.COM (cours)
  • 3. TABLE OF CONTENT1.THE END OF DATA PRIVACY ? 2.A FEW DEFINITIONS 3.DATA ARCHIVING 4.DATA PRIVACY ISSUES IN SUPPLIER’S CONTRACTS 5.SECURITY ASPECTS & LIABILITY 6.EMPLOYEES ARE THE WEAKEST LINK 7.DATA PRIVACY AND CLOUD COMPUTING 8.CONCLUSION
  • 5.
  • 6. 4 By giving people the power to share, we're making the world more transparent. The question isn't, 'What do we want to know about people?', It's, 'What do people want to tell about themselves?' Data privacy is outdated ! Mark Zuckerberg If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place. Eric Schmidt
  • 7. From Big Brother to Big Other
  • 8. http://fr.slideshare.net/bodyspacesociety/casilli-privacyehess-2012def Antonio Casili • Importance of T&C • Everybody speaks • mutual surveillance • Lateral surveillance
  • 11. Interactions controlled by citizens in the Information Society http://ipts.jrc.ec.europa.eu/home/report/english/articles/vol79/ICT1E796.htm
  • 12. Interactions NOT controlled by citizens in the Information Society http://ipts.jrc.ec.europa.eu/home/report/english/articles/vol79/ICT1E796.htm
  • 13. TABLE OF CONTENT1.THE END OF DATA PRIVACY ? 2.A FEW DEFINITIONS 3.DATA ARCHIVING 4.DATA PRIVACY ISSUES IN SUPPLIER’S CONTRACTS 5.SECURITY ASPECTS & LIABILITY 6.EMPLOYEES ARE THE WEAKEST LINK 7.DATA PRIVACY AND CLOUD COMPUTING 8.CONCLUSION
  • 15. 'personal data' shall mean any information relating to an identified or identifiable natural person ('data subject'); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity
  • 16. 'processing of personal data' ('processing') shall mean any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction
  • 17. personal data filing system' ('filing system') shall mean any structured set of personal data which are accessible according to specific criteria, whether centralized, decentralized or dispersed on a functional or geographical basis
  • 18. 121 controller shall mean the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of processing are determined by national or Community laws or regulations, the controller or the specific criteria for his nomination may be designated by national or Community law;
  • 19. 19 'the data subject's consent' shall mean any freely given specific and informed indication of his wishes by which the data subject signifies his agreement to personal data relating to him being processed
  • 20. 20 Member States shall provide that personal data must be: (a) processed fairly and lawfully; (b) collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes. Further processing of data for historical, statistical or scientific purposes shall not be considered as incompatible provided that Member States provide appropriate safeguards; (c) adequate, relevant and not excessive in relation to the purposes for which they are collected and/or further processed; (d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that data which are inaccurate or incomplete, having regard to the purposes for which they were collected or for which they are further processed, are erased or rectified; (e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data were collected or for which they are further processed. Member States shall lay down appropriate safeguards for personal data stored for longer periods for historical, statistical or scientific use.
  • 21. 21 Member States shall provide that personal data may be processed only if: (a) the data subject has unambiguously given his consent; or (b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract; or (c) processing is necessary for compliance with a legal obligation to which the controller is subject; or (d) processing is necessary in order to protect the vital interests of the data subject; or (e) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller or in a third party to whom the data are disclosed
  • 22. 22 Member States shall prohibit the processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, and the processing of data concerning health or sex life
  • 23. 125 Member States shall provide that the controller or his representative must provide a data subject from whom data relating to himself are collected with at least the following information, except where he already has it: (a) the identity of the controller and of his representative, if any; (b) the purposes of the processing for which the data are intended; (c) any further information such as - the recipients or categories of recipients of the data, - whether replies to the questions are obligatory or voluntary, as well as the possible consequences of failure to reply, - the existence of the right of access to and the right to rectify the data concerning him in so far as such further information is necessary, having regard to the specific circumstances in which the data are collected, to guarantee fair processing in respect of the data subject
  • 24. 24 Right of access Member States shall guarantee every data subject the right to obtain from the controller: (a) without constraint at reasonable intervals and without excessive delay or expense: - confirmation as to whether or not data relating to him are being processed and information at least as to the purposes of the processing, the categories of data concerned, and the recipients or categories of recipients to whom the data are disclosed, - communication to him in an intelligible form of the data undergoing processing and of any available information as to their source, - knowledge of the logic involved in any automatic processing of data concerning him at least in the case of the automated decisions referred to in Article 15 (1); (b) as appropriate the rectification, erasure or blocking of data the processing of which does not comply with the provisions of this Directive, in particular because of the incomplete or inaccurate nature of the data; (c) notification to third parties to whom the data have been disclosed of any rectification, erasure or blocking carried out in compliance with (b), unless this proves impossible or involves a disproportionate effort
  • 25. TABLE OF CONTENT1.THE END OF DATA PRIVACY ? 2.A FEW DEFINITIONS 3.DATA ARCHIVING 4.DATA PRIVACY ISSUES IN SUPPLIER’S CONTRACTS 5.SECURITY ASPECTS & LIABILITY 6.EMPLOYEES ARE THE WEAKEST LINK 7.DATA PRIVACY AND CLOUD COMPUTING 8.CONCLUSION
  • 27. 27
  • 29. TABLE OF CONTENT1.THE END OF DATA PRIVACY ? 2.A FEW DEFINITIONS 3.DATA ARCHIVING 4.DATA PRIVACY ISSUES IN SUPPLIER’S CONTRACTS 5.SECURITY ASPECTS & LIABILITY 6.EMPLOYEES ARE THE WEAKEST LINK 7.DATA PRIVACY AND CLOUD COMPUTING 8.CONCLUSION
  • 30. international transfer & in particular cloud computing
  • 31. Importance of data privacy issues for contracts with sub contractors
  • 32. Sub-contractor’s choice 129 The Member States shall provide that the controller must, where processing is carried out on his behalf, choose a processor providing sufficient guarantees in respect of the technical security measures and organizational measures governing the processing to be carried out, and must ensure compliance with those measures
  • 33. 33 The carrying out of processing by way of a processor must be governed by a contract or legal act binding the processor to the controller and stipulating in particular that: - the processor shall act only on instructions from the controller, - the obligations as defined by the law of the Member State in which the processor is established, shall also be incumbent on the processor
  • 34. TABLE OF CONTENT1.THE END OF DATA PRIVACY ? 2.A FEW DEFINITIONS 3.DATA ARCHIVING 4.DATA PRIVACY ISSUES IN SUPPLIER’S CONTRACTS 5.SECURITY ASPECTS & LIABILITY 6.EMPLOYEES ARE THE WEAKEST LINK 7.DATA PRIVACY AND CLOUD COMPUTING 8.CONCLUSION
  • 35. DATA SECURITY IS A KEY ELEMENT IN SUPPLYER’S CONTRACTS SOURCE DE L’IMAGE: http://www.techzim.co.zw/2010/05/why-organisations-should-worry-about-security-2/
  • 37. Everything must be transparent AND YOU NEED TO HAVE THE SYSTEM IN ORDER TO DEFEND YOUR COMPANY IN COURT
  • 38.
  • 39. Article 16 Confidentiality of processing Any person acting under the authority of the controller or of the processor, including the processor himself, who has access to personal data must not process them except on instructions from the controller, unless he is required to do so by law
  • 40. IAM
  • 41. Member States shall provide that the controller must implement appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing. Having regard to the state of the art and the cost of their implementation, such measures shall ensure a level of security appropriate to the risks represented by the processing and the nature of the data to be protected.
  • 42. 48
  • 43. 86 SECURITY IS A LEGAL OBLIGATION
  • 44. TABLE OF CONTENT1.THE END OF DATA PRIVACY ? 2.A FEW DEFINITIONS 3.DATA ARCHIVING 4.DATA PRIVACY ISSUES IN SUPPLIER’S CONTRACTS 5.SECURITY ASPECTS & LIABILITY 6.EMPLOYEES ARE THE WEAKEST LINK 7.DATA PRIVACY AND CLOUD COMPUTING 8.CONCLUSION
  • 45. What your boss thinks...
  • 46. Employees share (too) many information and also with third parties
  • 47.
  • 48. INTERNAL TRAININGS ARE NEEDED IN THE PURCHASING DEPARTMENT
  • 49. Where do one steal data? •Banks •Hospitals •Ministries •Police •Newspapers •Telecoms •... Which devices are stolen? •USB •Laptops •Hard disks •Papers •Binders •Cars
  • 51. 51
  • 52.
  • 53. 154 Source de l’image : http://ediscoverytimes.com/?p=46
  • 54. DATA SECURITY IS REQUESTED BY LAW AND IT IS THE COMPANY’S RESPONSIBILITY
  • 55.
  • 56. Control by the employer 161SOURCE DE L’IMAGE: http://blog.loadingdata.nl/2011/05/chinese-privacy-protection-to-top-american/
  • 57. SO CALLED HIDDEN COSTS 46 http://www.theatlantic.com/technology/archive/2011/09/estimating-the-damage-to-the-us-economy-caused-by-angry-birds/244972/
  • 58. Phishing Sources/ Luc Pooters, Triforensic, 2011
  • 60. Social engineering Sources/ Luc Pooters, Triforensic, 2011
  • 61. May the employer control everything?
  • 63. Could my employer open my emails? 169
  • 65.
  • 66.
  • 67.
  • 70. TABLE OF CONTENT1.THE END OF DATA PRIVACY ? 2.A FEW DEFINITIONS 3.DATA ARCHIVING 4.DATA PRIVACY ISSUES IN SUPPLIER’S CONTRACTS 5.SECURITY ASPECTS & LIABILITY 6.EMPLOYEES ARE THE WEAKEST LINK 7.DATA PRIVACY AND CLOUD COMPUTING 8.CONCLUSION
  • 71. Source: Wikipedia CLOUD COMPUTING CONTRACTS A SPECIFIC EXAMPLE OF DATA PRIVACY ISSUES
  • 72.
  • 73. Five key characteristics, ¢• A service-oriented technology, where consumer concerns are abstracted from provider concerns, and that is ready-to-use SERVICE BASED; ¢• Services scale on-demand to add or remove resources as needed RAPID ELASTICITY AND SCALABILITY; ¢• Services share a pool of resources to build economies of scale SHARED RESOURCES; ¢• Services are tracked with usage metrics to enable the “pay-as-you-go model” PAY PER USE; ¢• Services are delivered through use of Web identifiers, standards, formats and protocols and with an identical access UBIQUITOUS NETWORK ACCESS; Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud- computing-in-france
  • 74. 3 types of services Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud- computing-in-france
  • 75. Software as a service (SAAS) ○ The service provided makes use of the provider’s applications accessible through a client interface, such as a web browser (ex: Gmail). ○ The consumer doesn’t manage or control the infrastructure, the network, the servers, the operating system, the storage and cannot add specific development (even if there are limited user specific application configuration settings). ○ Offers: Billing, Financials, Legal, Sales, Desktop productivity, Human Resources, Content Management, Backup & Recovery, CRM (Customer Relationship Management), Document Management, Collaboration Tools, Social Networks. Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud- computing-in-france
  • 76. Platform as a service (PAAS) The service provided consists in the deployment of consumercreated applications on the provider’s infrastructure and the use of programming languages and tools supported by the platform (ex: Java or Python available on Google App Engine). ○ The consumer doesn’t manage or control the infrastructure, the network, the servers, the operating system and the storage but he has control over the deployed applications, and occasionally application hosting environment configurations. ○ Offers: General purpose, Business intelligence, Integration, Development & Testing, Database. Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud- computing-in-france
  • 77. Platform as a Service (PaaS) Now you don’t need to invest millions of $$$ to get that development foundation ready for your developers. The PaaS provider will deliver the platform on the web, and in most of the cases you can consume the platform using your browser, i.e. no need to download any software. It has definitely empowered small & mid-size companies or even an individual developer to launch their own SaaS leveraging the power of these platform providers, without any initial investment. PaaS Examples Google App Engine and Windows Azure are examples of Cloud OS. OrangesScape & Wolf PaaS are cloud middleware. http://www.techno- pulse.com/
  • 78. INFRASTRUCTURE AS A SERVICE (IAAS) The service provided gives the possibility to rent resources, such as processing, storage or bandwidth, and allows the consumer to deploy and run anysoftware (operating systems and/or applications). The consumer doesn’t manage and control the infrastructure but he controls the operating system, the storage, the deployed applications, and occasionally networking components (firewall, load balancing). Some providers offer to manage the application if the latter is not too specific and is compatible with the perimeter of their offer. o Offers: Storage, Compute, Services Management. Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud- computing-in-france
  • 79. Infrastructure as a Service (IaaS) This is the base layer of the cloud stack. It serves as a foundation for the other two layers, for their execution. The keyword behind this stack is Virtualization. Let us try to understand this using Amazon EC2. In Amazon EC2 (Elastic Compute Cloud) your application will be executed on a virtual computer (instance). You have the choice of virtual computer, where you can select a configuration of CPU, memory & storage that is optimal for your application. The whole cloud infrastructure viz. servers, routers, hardware based load-balancing, firewalls, storage & other network equipments are provided by the IaaS provider. The customer buy these resources as a service on a need basis. http://www.techno- pulse.com/
  • 81. No, they have different architectures
 and business model Cloud Players Hosting Players Only few can afford billions dollar investment on data centers Hundreds of them around the world
  • 82. Hosting Players Often yearly Your contracts Cloud Players Pay As You Go Pay only what you use
  • 83. Hosting Players Reliability, High Availability, Capacity Elasticity Cloud Players Built-in Redundancy Virtually unlimited 
 storage, computing power You have to manage reliability, fail over yourself Bring your own or rent servers to increase capacity
  • 84. Who controls what ? Gouvernance et Sécurité dans le Cloud Computing : Avantages et Défis. Yves LE ROUX
  • 85. Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud-computing-in-france
  • 86. CLOUD AND PRIVACY SOURCE: http://fr.slideshare.net/ISPABelgium/cloud-computing-legal-issues-3195424?qid=18bb64e0-9210-424a-8a67-1d356af61e27&v=qf1&b=&from_
  • 91.
  • 92.
  • 94. TABLE OF CONTENT1.THE END OF DATA PRIVACY ? 2.A FEW DEFINITIONS 3.DATA ARCHIVING 4.DATA PRIVACY ISSUES IN SUPPLIER’S CONTRACTS 5.SECURITY ASPECTS & LIABILITY 6.EMPLOYEES ARE THE WEAKEST LINK 7.DATA PRIVACY AND CLOUD COMPUTING 8.CONCLUSION
  • 95. CONCLUSION DATA PRIVACY IS AN IMPORTANT ISSUE FOR ANY PURCHASING DEPARTMENT BECAUSE IT HAS CONSEQUENCES IN MANY CONTRACTS AND IN PARTICULAR FOR CLOUD COMPUTING 95
  • 97. 87 “It is not the strongest of the species that survives, nor the most intelligent that survives. It is the one that is the most adaptable to change.” C. Darwin
  • 98.