End of Privacy 1.0 – Week 2018
- May 22: Privacy in Advertising: Marketing, Media & Privacy – #MMaP18
- May 23: Privacy in Security: Security, Standards & GDPR
- May 24: Privacy in Data Control: End Of Privacy 1.0 – Data Portability & Building the Right to Privacy Information
What is End of Privacy 1.0 Week?
- What do privacy rights mean for your industry?
- What privacy falls under exemptions and legitimate interest?
- What privacy has to be consent or could be explicit consent based ?
- How long is data retention?
- When can data be deleted?
- Do I need customers to provide consent again?
- Does sending a legal notice to my customers satisfy the GDPR requirements for transparency?
- What is the easy way to comply, be competitive and increase customer retention?
- What guidelines are there for security so that privacy cannot be used as a business attack ?
- What is open standard usable Privacy and Privacy 2.0 ?
Privacy in security is a key topic for OpenConsent, we have a deep background in surveillance, privacy and identity standards and innovation.
To this end there is
“there is a drum beat around interoperability. Interoperability among global enterprise physical security systems, to this day, is nascent for the physical security functions as well as their support of information technology standards. ”
“absolutely necessary that cybersecurity and privacy best practices are put in place from the very beginning of the design stage and through prototype” (Sal D’Agostino @IDmachines )
With posts like “Securing physical security” being written by Open Consent Co-Founder, Sal D’Agostino, it should be no surprise that OpenConsent is focused on security in privacy, with the GDPR surveillance infrastructure needs an update and data breach is a critical security function for any organisation with data to protect.
Read the full article here
Of all the privacy risks an organisation faces today, there are 3 ways in which a regulatory audit will occur for organisations that don’t deal with special categories of data.
- People will complain to a regulator
- A Data Breach will attract a regulator
- Whistle Blowing will out you to a regulator
Tip #1 Be Aware of your own Open Public Privacy Profile
Note: In the future, there will be certifications and trust-marks that will help to automate public privacy for organisations. The European Union is currently building this infrastructure, so until there are standards, or you find some technology that enables your organisation to let people control their own data, it’s up to your organisation to be on its best behaviour.
Tip #2: Register with the ICO
Be publicly open and register with an authoritative 3rd party like the UK ICO data controller registry while you can, not only is it inexpensive, but this provides an independent point of privacy transparency to increase a brand’s trust. The ICO data controller registry provides a means for organisations to show off some privacy prowess and be used as apart of a way to show low compliance risk with EU regulations via an independent public privacy profile.
Tip #3 Privacy Response
2. Respond in the allotted time by UK regulation, regardless of where your organisation resides in the world, and if you do, a regulator won’t easily have the opportunity to audit you.
Privacy by default, is the promise of Privacy 2.0 which is marked as starting when the Privacy laws become enforceable in the EU May 25th, 2018. Its also marked as the day digital technology is recognised in terms of the threat to personal security.
On May 25th, Public Privacy gets an upgrade in the EU and privacy regulators in the rest of the world are task with demonstrating equivalence.
The expected results is societal evolution along the lines of usable digital privacy rights for people.
Stay tuned for announcement for May- Privacy & Industry 2.0 activities and events being planned for May 22-23 in London on the Southbank.
Mark Lizar in an interview with unBoundID, explains the experiences people have with consent.
“If you look at the experience that most people go through, such as entering in passwords or resetting passwords, the uncertainty about where your data is going and how it is being used, it is not a friendly process. People are stuck in a situation where they have to give consent to complete an action online but there is no transparency. As a result, people feel isolated, forced to lie and agree to terms not read, and are not empowered. Each organization’s policies are a closed, bespoke, policy framework, where you are more often than not, agreeing to consent forever.”
The OpenConsent solution, is to let people manage consent independently, enabling consent to be freely given and easily withdrawn. But for consent to be open companies need to have publicly usable privacy profiles, or people still need to go to each company, one at a time.