End Of Privacy 1.0: GDPR Week 2018

 End of Privacy 1.0 – Week 2018

This week in May will mark a historical moment when EU Privacy Laws become enforced  on May 25th.
OpenConsent is apart of hosting 3 events this week, bringing together industry, standards and privacy experts.
3 Privacy Activites in London: May, 22, 23rd and 24th.

 What  is End of Privacy 1.0 Week?

These events focus on the disruption GDPR enforcement is having at this time. Each event has a focus on privacy frameworks for a different industry and the role privacy standards play for different industries being impacted by the GDPR.
Some of the topics being discussed this week as the GDPR comes into Force?
  • What do privacy rights mean for your industry?
  • What privacy falls under exemptions and legitimate interest?
  • What privacy has to be consent or could be explicit consent based ?
  • How long is data retention?
  • When can data be deleted?
  • Do I need customers to provide consent again?
  • Does sending a legal notice to my customers satisfy the GDPR requirements for transparency?
  • What is the easy way to comply, be competitive and increase customer retention?
  • What guidelines are there for security so that privacy cannot be used as a business attack ?
  • What is open standard usable Privacy and Privacy 2.0 ?
 Speaker Highlights: 
Tues: Kantara Initiative:  Doc Searls, David Clayton, Lyndsi Plummer,
Wed: BSIA, IDmachines & OpenConsent, Sal D’Agostino,
Thurs: BSI – PIMS Jas Sahota, MIT: Thomas Harjourno
Posted in Editorial, News | Comments Off on End Of Privacy 1.0: GDPR Week 2018

Privacy is also about “Securing physical security”

Privacy in security is a key topic for OpenConsent, we have a deep background in surveillance, privacy and identity standards and innovation.

To this end there is

“there is a drum beat around interoperability. Interoperability among global enterprise physical security systems, to this day, is nascent for the physical security functions as well as their support of information technology standards. ”

“absolutely necessary that cybersecurity and privacy best practices are put in place from the very beginning of the design stage and through prototype” (Sal D’Agostino @IDmachines )

With posts like “Securing physical security” being written by Open Consent Co-Founder, Sal D’Agostino, it should be no surprise that OpenConsent is focused on security in privacy, with the GDPR surveillance infrastructure needs an update and data breach is a critical security function for any organisation with data to protect.


Read the full article here

Securing physical security – Medium post

Posted in Editorial | Comments Off on Privacy is also about “Securing physical security”

Top Tips For Open Privacy under the GDPR

Of all the privacy risks an organisation faces today, there are 3 ways in which a regulatory audit will occur for organisations that don’t deal with special categories of data.

  1. People will complain to a regulator 
  2. A Data Breach will attract a regulator
  3. Whistle Blowing will out you to a regulator

Tip #1 Be Aware of your own Open Public Privacy Profile

Most organisations are not even aware that they have a public privacy profile and are under an assumption that a privacy policy is all that is public.   An organisations public privacy profile is what a regulator looks at first when a company comes to their attention. 

Note: In the future, there will be certifications and trust-marks that will help to automate public privacy for organisations.  The European Union is currently building this infrastructure, so until there are standards, or you find some technology that enables your organisation to let people control their own data, it’s up to your organisation to be on its best behaviour.

Tip #2: Register with the ICO

Be publicly open and register with an authoritative 3rd party like the UK ICO data controller registry while you can, not only is it inexpensive, but this provides an independent point of privacy transparency to increase a brand’s trust.  The ICO data controller registry provides a means for organisations to show off some privacy prowess and be used as apart of a way to show low compliance risk with EU regulations via an independent public privacy profile.

Tip  #3 Privacy Response

1. Make sure you have basic privacy controller identity, address and linkable contact information in your privacy policy.

2. Respond in the allotted time by UK regulation, regardless of where your organisation resides in the world, and if you do, a regulator won’t easily have the opportunity to audit you.

Posted in Editorial, Privacy 2.0 | Comments Off on Top Tips For Open Privacy under the GDPR

Promise of Privacy 2.0

Privacy by default, is the promise of Privacy 2.0 which is marked as starting when the Privacy laws become enforceable in the EU May 25th,  2018.      Its also marked as the day digital technology is recognised in terms of the threat to personal security.

On May 25th, Public Privacy gets an upgrade in the EU and privacy regulators in the rest of the world are task with demonstrating equivalence.

The expected results is  societal evolution along the lines of  usable digital privacy rights for people.

Stay tuned for announcement for May- Privacy & Industry 2.0 activities and events being planned for May 22-23 in London on the Southbank.

Posted in Editorial, Privacy 2.0 | Comments Off on Promise of Privacy 2.0

Why Consent Management is Merging into Identity Management

Mark Lizar in an interview with unBoundID, explains the experiences people have with consent.

“If you look at the experience that most people go through, such as entering in passwords or resetting passwords, the uncertainty about where your data is going and how it is being used, it is not a friendly process. People are stuck in a situation where they have to give consent to complete an action online but there is no transparency. As a result, people feel isolated, forced to lie and agree to terms not read, and are not empowered. Each organization’s policies are a closed, bespoke, policy framework, where you are more often than not, agreeing to consent forever.”

The OpenConsent solution, is to let people manage consent independently, enabling consent to be freely given and easily withdrawn.  But for consent to be open companies need to have publicly usable privacy profiles, or people still need to go to each company, one at a time.



Posted in Editorial, Privacy 2.0 | Comments Off on Why Consent Management is Merging into Identity Management