SlideShare une entreprise Scribd logo

Preparing for the GDPR

RIPE NCC
RIPE NCC

Presentation given by Mirjam Kühne at 53rd TF-CSIRT in Hamburg, Germany on 5 February 2018

Technologie
1  sur  16
Télécharger pour lire hors ligne
22 January 2018 | 53rd TF-CSIRT Meeting Mirjam Kühne (slides by Athina Fragkouli) RIPE NCC Preparing for the GDPR
Mirjam Kühne | 53rd TF-CSIRT | 5 February 2018 2 General Data Protection Regulation • Adopted in April 2017 • Replacing the EU Data Protection Directive • In effect from May 2018
Mirjam Kühne | 53rd TF-CSIRT | 5 February 2018 3 The RIPE NCC • Not-for-profit • Membership-based organisation • The registration authority for Internet number resources in its service region - Operation of the publicly available RIPE Database - Maintenance of non public registration information • Important role for the operations of the Internet globally - Accountability and clear governance procedures are vital!
Mirjam Kühne | 53rd TF-CSIRT | 5 February 2018 4 Data Protection by the RIPE NCC • The RIPE NCC already covered by the EU Data Protection Directive - Based in the Netherlands • In 2006 the RIPE Community established the Data Protection Task Force (DPTF) - Mandate to recommend steps for the implementation of the Directive - Developed procedures and legal framework with the RIPE NCC • Data Protection Report - https://www.ripe.net/about-us/legal/ripe-ncc-data-protection-report
Mirjam Kühne | 53rd TF-CSIRT | 5 February 2018 5 RIPE NCC Service Region
Mirjam Kühne | 53rd TF-CSIRT | 5 February 2018 6 Involvement in Legislative Discussions • 2009 - EU public consultation on the legal framework for the fundamental right to protection of personal data • The RIPE NCC submitted an opinion “[…] The RIPE NCC considers that personal data related to the operators of the Internet should be easily available to each other, both inside and outside the EU, in order for those individuals to be able to contact one another to coordinate the proper functioning of the Internet around the world. […]”
Mirjam Kühne | 53rd TF-CSIRT | 5 February 2018 7 Today: Preparing for the GDPR • GDPR a good opportunity for a general review of all data sets processed by the RIPE NCC • March 2017 - establishment of internal project - Review all personal data processed by the RIPE NCC - Project team consists of two legal counsels and two security officers - Support by colleagues of all department - Engagement of external legal counsels, industry partners etc. - Communication and consultations with RIPE community is essential
Mirjam Kühne | 53rd TF-CSIRT | 5 February 2018 8 Work So Far • Catalogue of all data sets processed by the RIPE NCC • Reviewing compliance with GDPR • Areas of focus - RIPE Database - Retention of personal data - Internal process of all personal data - Other RIPE NCC services
Mirjam Kühne | 53rd TF-CSIRT | 5 February 2018 9 The RIPE Database (1) • The purpose described in Article 3 of the RIPE Database Terms and Conditions - Established by the RIPE Community and the Data Protection Task Force • Among others, it states: - “Facilitating coordination between network operators (network problem resolution, outage notification etc)” • For this purpose, crucial to have publicly available contact information of individuals - E.g. cases of cyber attacks, quick contact among operators that have no direct (business) relations
Mirjam Kühne | 53rd TF-CSIRT | 5 February 2018 10 The RIPE Database (2) • Legal basis for the processing - Sharing contact information by the resource holders is part of their responsibility - If contact information of resource holder’s employee —> legal basis depends on their working relationship - If contact information of resource holder’s customers —> depends on customer’s responsibilities - Personal data removal procedure: ๏ https://www.ripe.net/manage-ips-and-asns/db/support/documentation/removal- of-personal-data
Mirjam Kühne | 53rd TF-CSIRT | 5 February 2018 11 More Details on RIPE Labs https://labs.ripe.net/gdpr
Mirjam Kühne | 53rd TF-CSIRT | 5 February 2018 12 Retention of Personal Data • Personal data maintained for as long as justified by the purpose of obtaining it • Carefully review the purpose for every data set • Focus on RIPE Registry data - Information about old non-publicly available personal data - Registry role similar to Land Register - Historic information important in resolving possible future disputes over Internet number resource registrations
Mirjam Kühne | 53rd TF-CSIRT | 5 February 2018 13 Internal Processing of Personal Data • Review of internal policies, including: - Who is authorised to have access - How personal data is stored (security aspects) - Making sure we comply to all GDPR aspects
Mirjam Kühne | 53rd TF-CSIRT | 5 February 2018 14 Other RIPE NCC Services • RIPE Atlas • Meetings registration • Websites operated by the RIPE NCC
Mirjam Kühne | 53rd TF-CSIRT | 5 February 2018 15 Stay Tuned! • Series of RIPE Labs articles describing the GDPR preparations - https://labs.ripe.net/gdpr • Webpages dedicated to GDPR - https://www.ripe.net/about-us/legal/corporate-governance/ gdpr-and-the-ripe-ncc
Questions mir@ripe.net @mir_ripe_labs

Recommandé

EDF2014: Harry Theocharis, General Secretary of Public Revenue in the Ministr...
EDF2014: Harry Theocharis, General Secretary of Public Revenue in the Ministr...EDF2014: Harry Theocharis, General Secretary of Public Revenue in the Ministr...
EDF2014: Harry Theocharis, General Secretary of Public Revenue in the Ministr...European Data Forum
 
SAP Business One
SAP Business OneSAP Business One
SAP Business OneAGSanePLDTCompany
 
GDPR in a nutshell
GDPR in a nutshellGDPR in a nutshell
GDPR in a nutshellInitio
 
Introduction to GDPR
Introduction to GDPRIntroduction to GDPR
Introduction to GDPRPriyab Satoshi
 
GDPR: Key Article Overview
GDPR: Key Article OverviewGDPR: Key Article Overview
GDPR: Key Article OverviewCraig Clark ITIL, CIS LI,EU GDPR P
 
Cathal ryan
Cathal ryanCathal ryan
Cathal ryanHIQAHIS
 
Revising policies and procedures under the new EU GDPR
Revising policies and procedures under the new EU GDPRRevising policies and procedures under the new EU GDPR
Revising policies and procedures under the new EU GDPRIT Governance Ltd
 
Datum DPO outsourced May 2016
Datum DPO outsourced May 2016Datum DPO outsourced May 2016
Datum DPO outsourced May 2016Mark Honeyball
 

Recommandé

EDF2014: Harry Theocharis, General Secretary of Public Revenue in the Ministr...
EDF2014: Harry Theocharis, General Secretary of Public Revenue in the Ministr...EDF2014: Harry Theocharis, General Secretary of Public Revenue in the Ministr...
EDF2014: Harry Theocharis, General Secretary of Public Revenue in the Ministr...European Data Forum
 
SAP Business One
SAP Business OneSAP Business One
SAP Business OneAGSanePLDTCompany
 
GDPR in a nutshell
GDPR in a nutshellGDPR in a nutshell
GDPR in a nutshellInitio
 
Introduction to GDPR
Introduction to GDPRIntroduction to GDPR
Introduction to GDPRPriyab Satoshi
 
GDPR: Key Article Overview
GDPR: Key Article OverviewGDPR: Key Article Overview
GDPR: Key Article OverviewCraig Clark ITIL, CIS LI,EU GDPR P
 
Cathal ryan
Cathal ryanCathal ryan
Cathal ryanHIQAHIS
 
Revising policies and procedures under the new EU GDPR
Revising policies and procedures under the new EU GDPRRevising policies and procedures under the new EU GDPR
Revising policies and procedures under the new EU GDPRIT Governance Ltd
 
Datum DPO outsourced May 2016
Datum DPO outsourced May 2016Datum DPO outsourced May 2016
Datum DPO outsourced May 2016Mark Honeyball
 
GDPRR: The Key Changes
GDPRR: The Key ChangesGDPRR: The Key Changes
GDPRR: The Key ChangesCraig Clark ITIL, CIS LI,EU GDPR P
 
EY General Data Protection Regulation: Are you ready?
EY General Data Protection Regulation: Are you ready?EY General Data Protection Regulation: Are you ready?
EY General Data Protection Regulation: Are you ready?VYTIS MALECKAS
 
Data Manaement with Semantic MediaWiki - fulfilling GPDR requirements
Data Manaement with Semantic MediaWiki - fulfilling GPDR requirementsData Manaement with Semantic MediaWiki - fulfilling GPDR requirements
Data Manaement with Semantic MediaWiki - fulfilling GPDR requirementsBernhard Krabina
 
GDPR - New European Union Legislation
GDPR - New European Union LegislationGDPR - New European Union Legislation
GDPR - New European Union LegislationTekwill
 
Quick Guide to GDPR
Quick Guide to GDPRQuick Guide to GDPR
Quick Guide to GDPRPavol Balaj
 
Open Data for Artificical Intelligence
Open Data for Artificical IntelligenceOpen Data for Artificical Intelligence
Open Data for Artificical IntelligenceDerilinx
 
EU GDPR: The role of the data protection officer
EU GDPR: The role of the data protection officer EU GDPR: The role of the data protection officer
EU GDPR: The role of the data protection officer IT Governance Ltd
 
Big data minute privacy
Big data minute privacyBig data minute privacy
Big data minute privacyGuyVanderSande
 
Kawser Hamid : ICO and Data Protection in the Cloud
Kawser Hamid : ICO and Data Protection in the CloudKawser Hamid : ICO and Data Protection in the Cloud
Kawser Hamid : ICO and Data Protection in the CloudGurbir Singh
 
VIAF GDPR
VIAF GDPRVIAF GDPR
VIAF GDPRBiblioteca Nacional de España
 
EU General Data Protection Regulation
EU General Data Protection RegulationEU General Data Protection Regulation
EU General Data Protection RegulationRamiro Cid
 
The EU Data Protection Regulation - what you need to know
The EU Data Protection Regulation - what you need to knowThe EU Data Protection Regulation - what you need to know
The EU Data Protection Regulation - what you need to knowSophos Benelux
 
GDPR in practice
GDPR in practiceGDPR in practice
GDPR in practiceZoneFox
 
Preparing for EU GDPR
Preparing for EU GDPRPreparing for EU GDPR
Preparing for EU GDPRIT Governance Ltd
 
ESET Quick Guide to the EU General Data Protection Regulation
ESET Quick Guide to the EU General Data Protection RegulationESET Quick Guide to the EU General Data Protection Regulation
ESET Quick Guide to the EU General Data Protection RegulationESET
 
Keynote: Raising the Bar on the Ethical Use of Data in Government at the Arab...
Keynote: Raising the Bar on the Ethical Use of Data in Government at the Arab...Keynote: Raising the Bar on the Ethical Use of Data in Government at the Arab...
Keynote: Raising the Bar on the Ethical Use of Data in Government at the Arab...ArabNet ME
 
Data Flow Mapping and the EU GDPR
Data Flow Mapping and the EU GDPRData Flow Mapping and the EU GDPR
Data Flow Mapping and the EU GDPRIT Governance Ltd
 
China's PIPL: How to Comply in Under 60 Days
China's PIPL: How to Comply in Under 60 DaysChina's PIPL: How to Comply in Under 60 Days
China's PIPL: How to Comply in Under 60 DaysTrustArc
 
Appointing a Data Protection Officer under the GDPR
Appointing a Data Protection Officer under the GDPRAppointing a Data Protection Officer under the GDPR
Appointing a Data Protection Officer under the GDPRIT Governance Ltd
 
Keep your data safe and be compliant via a 360° approach
Keep your data safe and be compliant via a 360° approachKeep your data safe and be compliant via a 360° approach
Keep your data safe and be compliant via a 360° approachNagib Aouini
 
GDPR will be the new regulation on may 2018
GDPR will be the new regulation on may 2018GDPR will be the new regulation on may 2018
GDPR will be the new regulation on may 2018Marjane Moghimi, ERP
 
The Future of the Modern Workplace Event 2019 - Data Security and Protection
The Future of the Modern Workplace Event 2019 - Data Security and ProtectionThe Future of the Modern Workplace Event 2019 - Data Security and Protection
The Future of the Modern Workplace Event 2019 - Data Security and ProtectionAtlas_Cloud
 

Contenu connexe

Tendances

EY General Data Protection Regulation: Are you ready?
EY General Data Protection Regulation: Are you ready?EY General Data Protection Regulation: Are you ready?
EY General Data Protection Regulation: Are you ready?VYTIS MALECKAS
 
Data Manaement with Semantic MediaWiki - fulfilling GPDR requirements
Data Manaement with Semantic MediaWiki - fulfilling GPDR requirementsData Manaement with Semantic MediaWiki - fulfilling GPDR requirements
Data Manaement with Semantic MediaWiki - fulfilling GPDR requirementsBernhard Krabina
 
GDPR - New European Union Legislation
GDPR - New European Union LegislationGDPR - New European Union Legislation
GDPR - New European Union LegislationTekwill
 
Quick Guide to GDPR
Quick Guide to GDPRQuick Guide to GDPR
Quick Guide to GDPRPavol Balaj
 
Open Data for Artificical Intelligence
Open Data for Artificical IntelligenceOpen Data for Artificical Intelligence
Open Data for Artificical IntelligenceDerilinx
 
EU GDPR: The role of the data protection officer
EU GDPR: The role of the data protection officer EU GDPR: The role of the data protection officer
EU GDPR: The role of the data protection officer IT Governance Ltd
 
Big data minute privacy
Big data minute privacyBig data minute privacy
Big data minute privacyGuyVanderSande
 
Kawser Hamid : ICO and Data Protection in the Cloud
Kawser Hamid : ICO and Data Protection in the CloudKawser Hamid : ICO and Data Protection in the Cloud
Kawser Hamid : ICO and Data Protection in the CloudGurbir Singh
 
EU General Data Protection Regulation
EU General Data Protection RegulationEU General Data Protection Regulation
EU General Data Protection RegulationRamiro Cid
 
The EU Data Protection Regulation - what you need to know
The EU Data Protection Regulation - what you need to knowThe EU Data Protection Regulation - what you need to know
The EU Data Protection Regulation - what you need to knowSophos Benelux
 
GDPR in practice
GDPR in practiceGDPR in practice
GDPR in practiceZoneFox
 
ESET Quick Guide to the EU General Data Protection Regulation
ESET Quick Guide to the EU General Data Protection RegulationESET Quick Guide to the EU General Data Protection Regulation
ESET Quick Guide to the EU General Data Protection RegulationESET
 
Keynote: Raising the Bar on the Ethical Use of Data in Government at the Arab...
Keynote: Raising the Bar on the Ethical Use of Data in Government at the Arab...Keynote: Raising the Bar on the Ethical Use of Data in Government at the Arab...
Keynote: Raising the Bar on the Ethical Use of Data in Government at the Arab...ArabNet ME
 
Data Flow Mapping and the EU GDPR
Data Flow Mapping and the EU GDPRData Flow Mapping and the EU GDPR
Data Flow Mapping and the EU GDPRIT Governance Ltd
 
China's PIPL: How to Comply in Under 60 Days
China's PIPL: How to Comply in Under 60 DaysChina's PIPL: How to Comply in Under 60 Days
China's PIPL: How to Comply in Under 60 DaysTrustArc
 

Tendances (18)

GDPRR: The Key Changes
GDPRR: The Key ChangesGDPRR: The Key Changes
GDPRR: The Key Changes
 
EY General Data Protection Regulation: Are you ready?
EY General Data Protection Regulation: Are you ready?EY General Data Protection Regulation: Are you ready?
EY General Data Protection Regulation: Are you ready?
 
Data Manaement with Semantic MediaWiki - fulfilling GPDR requirements
Data Manaement with Semantic MediaWiki - fulfilling GPDR requirementsData Manaement with Semantic MediaWiki - fulfilling GPDR requirements
Data Manaement with Semantic MediaWiki - fulfilling GPDR requirements
 
GDPR - New European Union Legislation
GDPR - New European Union LegislationGDPR - New European Union Legislation
GDPR - New European Union Legislation
 
Quick Guide to GDPR
Quick Guide to GDPRQuick Guide to GDPR
Quick Guide to GDPR
 
Open Data for Artificical Intelligence
Open Data for Artificical IntelligenceOpen Data for Artificical Intelligence
Open Data for Artificical Intelligence
 
EU GDPR: The role of the data protection officer
EU GDPR: The role of the data protection officer EU GDPR: The role of the data protection officer
EU GDPR: The role of the data protection officer
 
Big data minute privacy
Big data minute privacyBig data minute privacy
Big data minute privacy
 
Kawser Hamid : ICO and Data Protection in the Cloud
Kawser Hamid : ICO and Data Protection in the CloudKawser Hamid : ICO and Data Protection in the Cloud
Kawser Hamid : ICO and Data Protection in the Cloud
 
VIAF GDPR
VIAF GDPRVIAF GDPR
VIAF GDPR
 
EU General Data Protection Regulation
EU General Data Protection RegulationEU General Data Protection Regulation
EU General Data Protection Regulation
 
The EU Data Protection Regulation - what you need to know
The EU Data Protection Regulation - what you need to knowThe EU Data Protection Regulation - what you need to know
The EU Data Protection Regulation - what you need to know
 
GDPR in practice
GDPR in practiceGDPR in practice
GDPR in practice
 
Preparing for EU GDPR
Preparing for EU GDPRPreparing for EU GDPR
Preparing for EU GDPR
 
ESET Quick Guide to the EU General Data Protection Regulation
ESET Quick Guide to the EU General Data Protection RegulationESET Quick Guide to the EU General Data Protection Regulation
ESET Quick Guide to the EU General Data Protection Regulation
 
Keynote: Raising the Bar on the Ethical Use of Data in Government at the Arab...
Keynote: Raising the Bar on the Ethical Use of Data in Government at the Arab...Keynote: Raising the Bar on the Ethical Use of Data in Government at the Arab...
Keynote: Raising the Bar on the Ethical Use of Data in Government at the Arab...
 
Data Flow Mapping and the EU GDPR
Data Flow Mapping and the EU GDPRData Flow Mapping and the EU GDPR
Data Flow Mapping and the EU GDPR
 
China's PIPL: How to Comply in Under 60 Days
China's PIPL: How to Comply in Under 60 DaysChina's PIPL: How to Comply in Under 60 Days
China's PIPL: How to Comply in Under 60 Days
 

Similaire à Preparing for the GDPR

Appointing a Data Protection Officer under the GDPR
Appointing a Data Protection Officer under the GDPRAppointing a Data Protection Officer under the GDPR
Appointing a Data Protection Officer under the GDPRIT Governance Ltd
 
Keep your data safe and be compliant via a 360° approach
Keep your data safe and be compliant via a 360° approachKeep your data safe and be compliant via a 360° approach
Keep your data safe and be compliant via a 360° approachNagib Aouini
 
GDPR will be the new regulation on may 2018
GDPR will be the new regulation on may 2018GDPR will be the new regulation on may 2018
GDPR will be the new regulation on may 2018Marjane Moghimi, ERP
 
The Future of the Modern Workplace Event 2019 - Data Security and Protection
The Future of the Modern Workplace Event 2019 - Data Security and ProtectionThe Future of the Modern Workplace Event 2019 - Data Security and Protection
The Future of the Modern Workplace Event 2019 - Data Security and ProtectionAtlas_Cloud
 
GDPR - Context, Principles, Implementation, Operation, Impact on Outsourcing,...
GDPR - Context, Principles, Implementation, Operation, Impact on Outsourcing,...GDPR - Context, Principles, Implementation, Operation, Impact on Outsourcing,...
GDPR - Context, Principles, Implementation, Operation, Impact on Outsourcing,...Alan McSweeney
 
EU General Data Protection Regulation
EU General Data Protection RegulationEU General Data Protection Regulation
EU General Data Protection RegulationPeter Haase
 
The first steps towards GDPR compliance 
The first steps towards GDPR compliance The first steps towards GDPR compliance 
The first steps towards GDPR compliance IT Governance Ltd
 
sunil_soares_dama_day.pdf
sunil_soares_dama_day.pdfsunil_soares_dama_day.pdf
sunil_soares_dama_day.pdfmsacs
 
An introduction to data protection - 2/09/2015
An introduction to data protection - 2/09/2015An introduction to data protection - 2/09/2015
An introduction to data protection - 2/09/2015Rachel Aldighieri
 
An introduction to data protection - Manchester - 24/06/15
An introduction to data protection - Manchester - 24/06/15An introduction to data protection - Manchester - 24/06/15
An introduction to data protection - Manchester - 24/06/15Rachel Aldighieri
 
Introduction to data protection - Edinburgh - 29/04/15
Introduction to data protection - Edinburgh - 29/04/15Introduction to data protection - Edinburgh - 29/04/15
Introduction to data protection - Edinburgh - 29/04/15Rachel Aldighieri
 
How to Work With 3rd Party Software Providers Under GDPR - A Digital Marketin...
How to Work With 3rd Party Software Providers Under GDPR - A Digital Marketin...How to Work With 3rd Party Software Providers Under GDPR - A Digital Marketin...
How to Work With 3rd Party Software Providers Under GDPR - A Digital Marketin...Mailjet
 
SC7 Workshop 3: Big Data Value -Big Data and SC7-
SC7 Workshop 3: Big Data Value -Big Data and SC7-SC7 Workshop 3: Big Data Value -Big Data and SC7-
SC7 Workshop 3: Big Data Value -Big Data and SC7-BigData_Europe
 
Associates quick guide to gdpr v 1.0
Associates quick guide to gdpr v 1.0Associates quick guide to gdpr v 1.0
Associates quick guide to gdpr v 1.0Aaron Banham
 
The GDPR and NIS Directive Risk-Based Security Measures and Incident Notifica...
The GDPR and NIS Directive Risk-Based Security Measures and Incident Notifica...The GDPR and NIS Directive Risk-Based Security Measures and Incident Notifica...
The GDPR and NIS Directive Risk-Based Security Measures and Incident Notifica...IT Governance Ltd
 
General Data Protection Regulation - The Belgian Guidance on Records of Proce...
General Data Protection Regulation - The Belgian Guidance on Records of Proce...General Data Protection Regulation - The Belgian Guidance on Records of Proce...
General Data Protection Regulation - The Belgian Guidance on Records of Proce...pi
 
New General Data Protection Regulation (Agnes Andersson Hammarstrand)
New General Data Protection Regulation (Agnes Andersson Hammarstrand)New General Data Protection Regulation (Agnes Andersson Hammarstrand)
New General Data Protection Regulation (Agnes Andersson Hammarstrand)Nordic APIs
 
The GDPR and its requirements for implementing data protection impact assessm...
The GDPR and its requirements for implementing data protection impact assessm...The GDPR and its requirements for implementing data protection impact assessm...
The GDPR and its requirements for implementing data protection impact assessm...IT Governance Ltd
 

Similaire à Preparing for the GDPR (20)

Appointing a Data Protection Officer under the GDPR
Appointing a Data Protection Officer under the GDPRAppointing a Data Protection Officer under the GDPR
Appointing a Data Protection Officer under the GDPR
 
Keep your data safe and be compliant via a 360° approach
Keep your data safe and be compliant via a 360° approachKeep your data safe and be compliant via a 360° approach
Keep your data safe and be compliant via a 360° approach
 
GDPR will be the new regulation on may 2018
GDPR will be the new regulation on may 2018GDPR will be the new regulation on may 2018
GDPR will be the new regulation on may 2018
 
The Future of the Modern Workplace Event 2019 - Data Security and Protection
The Future of the Modern Workplace Event 2019 - Data Security and ProtectionThe Future of the Modern Workplace Event 2019 - Data Security and Protection
The Future of the Modern Workplace Event 2019 - Data Security and Protection
 
Using Social Business Software and being compliant with EU data protection la...
Using Social Business Software and being compliant with EU data protection la...Using Social Business Software and being compliant with EU data protection la...
Using Social Business Software and being compliant with EU data protection la...
 
GDPR - Context, Principles, Implementation, Operation, Impact on Outsourcing,...
GDPR - Context, Principles, Implementation, Operation, Impact on Outsourcing,...GDPR - Context, Principles, Implementation, Operation, Impact on Outsourcing,...
GDPR - Context, Principles, Implementation, Operation, Impact on Outsourcing,...
 
EU General Data Protection Regulation
EU General Data Protection RegulationEU General Data Protection Regulation
EU General Data Protection Regulation
 
The first steps towards GDPR compliance 
The first steps towards GDPR compliance The first steps towards GDPR compliance 
The first steps towards GDPR compliance 
 
Legal update
Legal updateLegal update
Legal update
 
sunil_soares_dama_day.pdf
sunil_soares_dama_day.pdfsunil_soares_dama_day.pdf
sunil_soares_dama_day.pdf
 
An introduction to data protection - 2/09/2015
An introduction to data protection - 2/09/2015An introduction to data protection - 2/09/2015
An introduction to data protection - 2/09/2015
 
An introduction to data protection - Manchester - 24/06/15
An introduction to data protection - Manchester - 24/06/15An introduction to data protection - Manchester - 24/06/15
An introduction to data protection - Manchester - 24/06/15
 
Introduction to data protection - Edinburgh - 29/04/15
Introduction to data protection - Edinburgh - 29/04/15Introduction to data protection - Edinburgh - 29/04/15
Introduction to data protection - Edinburgh - 29/04/15
 
How to Work With 3rd Party Software Providers Under GDPR - A Digital Marketin...
How to Work With 3rd Party Software Providers Under GDPR - A Digital Marketin...How to Work With 3rd Party Software Providers Under GDPR - A Digital Marketin...
How to Work With 3rd Party Software Providers Under GDPR - A Digital Marketin...
 
SC7 Workshop 3: Big Data Value -Big Data and SC7-
SC7 Workshop 3: Big Data Value -Big Data and SC7-SC7 Workshop 3: Big Data Value -Big Data and SC7-
SC7 Workshop 3: Big Data Value -Big Data and SC7-
 
Associates quick guide to gdpr v 1.0
Associates quick guide to gdpr v 1.0Associates quick guide to gdpr v 1.0
Associates quick guide to gdpr v 1.0
 
The GDPR and NIS Directive Risk-Based Security Measures and Incident Notifica...
The GDPR and NIS Directive Risk-Based Security Measures and Incident Notifica...The GDPR and NIS Directive Risk-Based Security Measures and Incident Notifica...
The GDPR and NIS Directive Risk-Based Security Measures and Incident Notifica...
 
General Data Protection Regulation - The Belgian Guidance on Records of Proce...
General Data Protection Regulation - The Belgian Guidance on Records of Proce...General Data Protection Regulation - The Belgian Guidance on Records of Proce...
General Data Protection Regulation - The Belgian Guidance on Records of Proce...
 
New General Data Protection Regulation (Agnes Andersson Hammarstrand)
New General Data Protection Regulation (Agnes Andersson Hammarstrand)New General Data Protection Regulation (Agnes Andersson Hammarstrand)
New General Data Protection Regulation (Agnes Andersson Hammarstrand)
 
The GDPR and its requirements for implementing data protection impact assessm...
The GDPR and its requirements for implementing data protection impact assessm...The GDPR and its requirements for implementing data protection impact assessm...
The GDPR and its requirements for implementing data protection impact assessm...
 

Plus de RIPE NCC

Navigating IP Addresses: Insights from your Regional Internet Registry
Navigating IP Addresses: Insights from your Regional Internet RegistryNavigating IP Addresses: Insights from your Regional Internet Registry
Navigating IP Addresses: Insights from your Regional Internet RegistryRIPE NCC
 
Traces of Power: Internet Governance and Climate Action
Traces of Power: Internet Governance and Climate ActionTraces of Power: Internet Governance and Climate Action
Traces of Power: Internet Governance and Climate ActionRIPE NCC
 
Governing Environmental Sustainability in Tech
Governing Environmental Sustainability in TechGoverning Environmental Sustainability in Tech
Governing Environmental Sustainability in TechRIPE NCC
 
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdf
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdfGerardo-Viviers-RPKI-presentation-DKNOG14.pdf
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdfRIPE NCC
 
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RISLIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RISRIPE NCC
 
Intro to RIPE and RIPE NCC: RIPE Atlas workshop
Intro to RIPE and RIPE NCC: RIPE Atlas workshopIntro to RIPE and RIPE NCC: RIPE Atlas workshop
Intro to RIPE and RIPE NCC: RIPE Atlas workshopRIPE NCC
 
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdfIGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdfRIPE NCC
 
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdfOpportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdfRIPE NCC
 
RIPE NCC Internet Measurement Tools
RIPE NCC Internet Measurement ToolsRIPE NCC Internet Measurement Tools
RIPE NCC Internet Measurement ToolsRIPE NCC
 
IPv6 in Central Europe and the Baltics
IPv6 in Central Europe and the BalticsIPv6 in Central Europe and the Baltics
IPv6 in Central Europe and the BalticsRIPE NCC
 
RPKI For Routing Security
RPKI For Routing SecurityRPKI For Routing Security
RPKI For Routing SecurityRIPE NCC
 
SEEDIG 8 - Alena Muravska RIPE NCC.pdf
SEEDIG 8 - Alena Muravska RIPE NCC.pdfSEEDIG 8 - Alena Muravska RIPE NCC.pdf
SEEDIG 8 - Alena Muravska RIPE NCC.pdfRIPE NCC
 
Know Your Network: Why Every Network Operator Should Host RIPE Atlas
Know Your Network: Why Every Network Operator Should Host RIPE AtlasKnow Your Network: Why Every Network Operator Should Host RIPE Atlas
Know Your Network: Why Every Network Operator Should Host RIPE AtlasRIPE NCC
 
Minimising Impact When Incidents Occur With RIPE Atlas
Minimising Impact When Incidents Occur With RIPE AtlasMinimising Impact When Incidents Occur With RIPE Atlas
Minimising Impact When Incidents Occur With RIPE AtlasRIPE NCC
 
RIPE NCC Internet Measurement Services
RIPE NCC Internet Measurement ServicesRIPE NCC Internet Measurement Services
RIPE NCC Internet Measurement ServicesRIPE NCC
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasRIPE NCC
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasRIPE NCC
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasRIPE NCC
 
111 views of Swiss Internet Infrastructure
111 views of Swiss Internet Infrastructure111 views of Swiss Internet Infrastructure
111 views of Swiss Internet InfrastructureRIPE NCC
 
The RIPE NCC’s View of IPv6 in Sweden
The RIPE NCC’s View of IPv6 in SwedenThe RIPE NCC’s View of IPv6 in Sweden
The RIPE NCC’s View of IPv6 in SwedenRIPE NCC
 

Plus de RIPE NCC (20)

Navigating IP Addresses: Insights from your Regional Internet Registry
Navigating IP Addresses: Insights from your Regional Internet RegistryNavigating IP Addresses: Insights from your Regional Internet Registry
Navigating IP Addresses: Insights from your Regional Internet Registry
 
Traces of Power: Internet Governance and Climate Action
Traces of Power: Internet Governance and Climate ActionTraces of Power: Internet Governance and Climate Action
Traces of Power: Internet Governance and Climate Action
 
Governing Environmental Sustainability in Tech
Governing Environmental Sustainability in TechGoverning Environmental Sustainability in Tech
Governing Environmental Sustainability in Tech
 
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdf
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdfGerardo-Viviers-RPKI-presentation-DKNOG14.pdf
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdf
 
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RISLIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
 
Intro to RIPE and RIPE NCC: RIPE Atlas workshop
Intro to RIPE and RIPE NCC: RIPE Atlas workshopIntro to RIPE and RIPE NCC: RIPE Atlas workshop
Intro to RIPE and RIPE NCC: RIPE Atlas workshop
 
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdfIGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
 
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdfOpportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
 
RIPE NCC Internet Measurement Tools
RIPE NCC Internet Measurement ToolsRIPE NCC Internet Measurement Tools
RIPE NCC Internet Measurement Tools
 
IPv6 in Central Europe and the Baltics
IPv6 in Central Europe and the BalticsIPv6 in Central Europe and the Baltics
IPv6 in Central Europe and the Baltics
 
RPKI For Routing Security
RPKI For Routing SecurityRPKI For Routing Security
RPKI For Routing Security
 
SEEDIG 8 - Alena Muravska RIPE NCC.pdf
SEEDIG 8 - Alena Muravska RIPE NCC.pdfSEEDIG 8 - Alena Muravska RIPE NCC.pdf
SEEDIG 8 - Alena Muravska RIPE NCC.pdf
 
Know Your Network: Why Every Network Operator Should Host RIPE Atlas
Know Your Network: Why Every Network Operator Should Host RIPE AtlasKnow Your Network: Why Every Network Operator Should Host RIPE Atlas
Know Your Network: Why Every Network Operator Should Host RIPE Atlas
 
Minimising Impact When Incidents Occur With RIPE Atlas
Minimising Impact When Incidents Occur With RIPE AtlasMinimising Impact When Incidents Occur With RIPE Atlas
Minimising Impact When Incidents Occur With RIPE Atlas
 
RIPE NCC Internet Measurement Services
RIPE NCC Internet Measurement ServicesRIPE NCC Internet Measurement Services
RIPE NCC Internet Measurement Services
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE Atlas
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE Atlas
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE Atlas
 
111 views of Swiss Internet Infrastructure
111 views of Swiss Internet Infrastructure111 views of Swiss Internet Infrastructure
111 views of Swiss Internet Infrastructure
 
The RIPE NCC’s View of IPv6 in Sweden
The RIPE NCC’s View of IPv6 in SwedenThe RIPE NCC’s View of IPv6 in Sweden
The RIPE NCC’s View of IPv6 in Sweden
 

Dernier

Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024SynarionITSolutions
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesBoston Institute of Analytics
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 

Dernier (20)

Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 

Preparing for the GDPR

  • 1. 22 January 2018 | 53rd TF-CSIRT Meeting Mirjam Kühne (slides by Athina Fragkouli) RIPE NCC Preparing for the GDPR
  • 2. Mirjam Kühne | 53rd TF-CSIRT | 5 February 2018 2 General Data Protection Regulation • Adopted in April 2017 • Replacing the EU Data Protection Directive • In effect from May 2018
  • 3. Mirjam Kühne | 53rd TF-CSIRT | 5 February 2018 3 The RIPE NCC • Not-for-profit • Membership-based organisation • The registration authority for Internet number resources in its service region - Operation of the publicly available RIPE Database - Maintenance of non public registration information • Important role for the operations of the Internet globally - Accountability and clear governance procedures are vital!
  • 4. Mirjam Kühne | 53rd TF-CSIRT | 5 February 2018 4 Data Protection by the RIPE NCC • The RIPE NCC already covered by the EU Data Protection Directive - Based in the Netherlands • In 2006 the RIPE Community established the Data Protection Task Force (DPTF) - Mandate to recommend steps for the implementation of the Directive - Developed procedures and legal framework with the RIPE NCC • Data Protection Report - https://www.ripe.net/about-us/legal/ripe-ncc-data-protection-report
  • 5. Mirjam Kühne | 53rd TF-CSIRT | 5 February 2018 5 RIPE NCC Service Region
  • 6. Mirjam Kühne | 53rd TF-CSIRT | 5 February 2018 6 Involvement in Legislative Discussions • 2009 - EU public consultation on the legal framework for the fundamental right to protection of personal data • The RIPE NCC submitted an opinion “[…] The RIPE NCC considers that personal data related to the operators of the Internet should be easily available to each other, both inside and outside the EU, in order for those individuals to be able to contact one another to coordinate the proper functioning of the Internet around the world. […]”
  • 7. Mirjam Kühne | 53rd TF-CSIRT | 5 February 2018 7 Today: Preparing for the GDPR • GDPR a good opportunity for a general review of all data sets processed by the RIPE NCC • March 2017 - establishment of internal project - Review all personal data processed by the RIPE NCC - Project team consists of two legal counsels and two security officers - Support by colleagues of all department - Engagement of external legal counsels, industry partners etc. - Communication and consultations with RIPE community is essential
  • 8. Mirjam Kühne | 53rd TF-CSIRT | 5 February 2018 8 Work So Far • Catalogue of all data sets processed by the RIPE NCC • Reviewing compliance with GDPR • Areas of focus - RIPE Database - Retention of personal data - Internal process of all personal data - Other RIPE NCC services
  • 9. Mirjam Kühne | 53rd TF-CSIRT | 5 February 2018 9 The RIPE Database (1) • The purpose described in Article 3 of the RIPE Database Terms and Conditions - Established by the RIPE Community and the Data Protection Task Force • Among others, it states: - “Facilitating coordination between network operators (network problem resolution, outage notification etc)” • For this purpose, crucial to have publicly available contact information of individuals - E.g. cases of cyber attacks, quick contact among operators that have no direct (business) relations
  • 10. Mirjam Kühne | 53rd TF-CSIRT | 5 February 2018 10 The RIPE Database (2) • Legal basis for the processing - Sharing contact information by the resource holders is part of their responsibility - If contact information of resource holder’s employee —> legal basis depends on their working relationship - If contact information of resource holder’s customers —> depends on customer’s responsibilities - Personal data removal procedure: ๏ https://www.ripe.net/manage-ips-and-asns/db/support/documentation/removal- of-personal-data
  • 11. Mirjam Kühne | 53rd TF-CSIRT | 5 February 2018 11 More Details on RIPE Labs https://labs.ripe.net/gdpr
  • 12. Mirjam Kühne | 53rd TF-CSIRT | 5 February 2018 12 Retention of Personal Data • Personal data maintained for as long as justified by the purpose of obtaining it • Carefully review the purpose for every data set • Focus on RIPE Registry data - Information about old non-publicly available personal data - Registry role similar to Land Register - Historic information important in resolving possible future disputes over Internet number resource registrations
  • 13. Mirjam Kühne | 53rd TF-CSIRT | 5 February 2018 13 Internal Processing of Personal Data • Review of internal policies, including: - Who is authorised to have access - How personal data is stored (security aspects) - Making sure we comply to all GDPR aspects
  • 14. Mirjam Kühne | 53rd TF-CSIRT | 5 February 2018 14 Other RIPE NCC Services • RIPE Atlas • Meetings registration • Websites operated by the RIPE NCC
  • 15. Mirjam Kühne | 53rd TF-CSIRT | 5 February 2018 15 Stay Tuned! • Series of RIPE Labs articles describing the GDPR preparations - https://labs.ripe.net/gdpr • Webpages dedicated to GDPR - https://www.ripe.net/about-us/legal/corporate-governance/ gdpr-and-the-ripe-ncc