E metrics san fran 2014 aurelie pols final
-
Upload
mind-your-group -
Category
Documents
-
view
117 -
download
0
description
Transcript of E metrics san fran 2014 aurelie pols final
@aureliepolsData Science Protected
The Rule of Law is the basis for DemocracyUS & UK EU APEC
Common Law Continental Law Continental law influenced
Class actions Fines (by DPAs: Data Protection Agencies)
Privacy Personal Data ProtectionBusiness focused Citizen focused: data belongs to the
visitor/prospect/consumer/citizenPatchwork of sector based legislations: HIPPA, COPPA, VPPA, …
Over-arching EU Directives & Regulations
PII: varies per state Risk levels: low, medium, high, extremely high
@aureliepolsData Science Protected
PII list of variables & US states 2
Medical information as PII
California
Arkansas
Missouri
New Hampshire
North Dakota
Texas
Virginia
Financial information as PII
Alaska North Carolina
Iowa North Dakota
Kansas Oregon
Massachusetts South Carolina
Missouri Vermont
Nevada Wisconsin
New York* Wyoming
Passwords as PII
Georgia
Maine
Nebraska
Biometric information as PII
Iowa
Nebraska
North Carolina
Wisconsin
Source: information based on current ongoing analysis
(partial results)
@aureliepolsData Science Protected
PII vs. Risk levels, US vs. EU
Low
Medium(profiling)
High(sensitive)
Risk level
Data typeInformation Security Measures
Extremely high(profiling of sensitive data)
PII
@aureliepolsData Science Protected
Total Privacy fines, penalties & settlements worldwide
Just 6 weeks into 2014, the world total in Privacy damages has
already reached half the level of last year’s record: $74 million
Source: http://www.computerworld.com/s/article/9246393/Jay_Cline_U.S._takes_the_gold_in_doling_out_priva
cy_fines?taxonomyId=84&pageNumber=3
@aureliepolsData Science Protected
EU Fines?Spain: responsible for 80% of data protection fines in the EU
Source: http://i0.kym-cdn.com/photos/images/newsfeed/000/242/381/63a
.jpg
Source: http://www.mindyourprivacy.com/download/privacy-infographic.pdf
@aureliepolsData Science Protected
Techno security is just 1 piece of the puzzle
Data Collection
TechnologicalP
roce
sses
Reso
urces
security
@aureliepolsData Science Protected
MYP Information Security Framework
Organizational Data Security measures
CONFIDENTIALITYSECURITY PRIVACY
Integrity Availability Authentication
DATA LIFECYCLE
RISK CLASSIFICATIONLow/medium/high/extreme
@aureliepolsData Science Protected
Remember! Human error causes most data breaches
Source: http://www.cooldailyinfographics.com/post/data-and-security-breaches
@aureliepolsData Science Protected
www.privacyisthenewgreen.com