Overview of topics
1 of 11: Correlation with information security –
OWASP Top 10 risk - Sensitive data exposure
Examples
o Is any data transmitted in clear text? This concerns protocols such as HTTP, SMTP, and
FTP. External internet traffic is especially dangerous. Verify all internal traffic e.g.
between load balancers, web servers or back-end systems.
o Are any old or weak cryptographic algorithms used either by default or in older code?
o Are default crypto keys in use, weak crypto keys generated or re-used, or is proper key
management or rotation missing?
o Is encryption not enforced, e.g. are any user agent (browser) security directives or
headers missing?
o Does the user agent (e.g. app, mail client) not verify if the received server certificate is
valid?
Legal implications
Examples
o Auditable events, such as logins, failed logins, and high-value transactions are not logged.
o Logs of applications and APIs are not monitored for suspicious activity.
o Appropriate alerting thresholds and response escalation processes are not in place or effective
o Most successful attacks start with vulnerability probing. Allowing such probes to continue can raise the likelihood of
successful exploit to nearly 100%. In 2016, identifying a breach took an average of 191 days – plenty of time for damage to
be inflicted.
Legal implications
o Cybersecurity legislation obligations, data protection obligations (minimization, access management, security measures, data
• Lack of proper security measures on a web application of a data processor (online voting platform – EUR 50,000)
• Lack of proper access management implementation (hospital – EUR 460,000)
Poland
• Lack of security measures implemented (online retail company – EUR 644,000)
Lithuania
• Lack of security measures for web application (payment service provider – EUR 61,500)
1 of 11: Correlation with information security
Bulgaria
http://www.enforcementtracker.com/
Germany
The Czech Republic • Lack of proper policies and procedures in place for ensuring confidentiality of data (retail company)
• Lack of proper security measures implemented (credit broker EUR 1,165)
2 of 11: Personal data definition
any information
o objective data about an individual (such as a client’s job)
o subjective data about an individual (such as a client’s risk rating).
Special types of personal data – article 9 GDPR – e.g. biometrics for identification, health data, criminal records, political views.
Data subjects
• Individuals whose data is being processed
Data processing purpose identification as basis for analysis. Example: internet banking app having multiple
data flows – making payments, obtaining loans, shopping in the market place for partner products, obtaining
insurance.
3 of 11: Legal basis for data processing
Main types of legal basis usually applicable (other types are listed under article 6 of GDPR):
• Performance of agreement with the data subject (including negotiation phase)
• Legal obligation of the data controller (not of anyone else) – e.g. registration with authorities, reporting
• Legitimate interest of a data controller
• Consent (expressly given, freely given, informed, easily accessible, plain language)
• For subsequent data processing (different purposes), separate analysis should be made.
Examples:
1. data initially processed for usage of travel app used for identifying bugs and improving app;
2. user data used subsequently for marketing towards the users
Compatibility test:
• Similarity between the initial and subsequent purpose
• Reasonable expectation of the data subject with respect to the subsequent purpose
• Types of personal data processed and the consequences of the processing on the data subject
• Measures implemented for preventing negative consequences on data subjects
*Intra-group transfers – analysis of legal basis every time. Including in cases where a company holds IT apps/infrastructure for entire group
4 of 11: Information notices
• Evidence needed for being brought to the attention of the data subject – e.g.
tick boxes saved in the database
• Specific content – articles 13 and 14 of the GDPR
• Easily accessible for users when online (direct access or layered approach)
• Provided before any data processing takes place (with some exemptions)
5 of 11: Data subject rights and retention period
Case study 1/3
- Implications of providing handling of data subject requests as an additional service for additional fees
- Offering of additional services for best practices in case of investigation of the controller
- Legal obligations of the processor?
Case study 2/3
• Obligation of co-contractor to assist in responding to data access requests
(e.g. copies of personal data held on behalf of controller)
Case study 3 of 3
6 of 11: Controller vs. processor
Key characteristics
• Controller
o Entity which (alone or together with others); when jointly with others => joint controllers
o Determines the purposes; and
o Determines the means of processing.
• Processor
o Entity processing personal data on behalf of the controller; and
o Acting as per the instructions of the controller.
Case study 1 of 2
• Recruitment agency
- Who establishes the purpose?
- Who sets out the means?
- Who decides the conditions for data transfer?
Case study 2 of 2
7 of 11: Liability sharing
Case study 1/9
Case study 2/9
- Is the data used for secondary processing purposes? – e.g. marketing activity
- Fulfilment of information obligation towards data subjects?
- Data minimization principle?
- Need to know basis?
- Legal basis for transfer?
- Transfer outside the EU? Cloud services used by sub-contractor? Replication of servers of cloud service provider?
Case study 3/9
Case study 4/9
• Limitation of liability clause
Case study 5/9
- Legal liability?
- Contractual liability?
- Fines from the authority?
- Cross-border implications?
- Claims brought by data subjects against the controller?
- Implications for partial knowledge of the processor of the data processing activity?
Case study 6/9
• Data processor acting as per the instructions of the data controller, but such instructions are not in compliance with the GDPR (e.g. transfer to US without respecting the conditions set out under the GDPR)
- Legal liability?
- Contractual liability?
- Fines from the authority?
- Cross-border implications?
- Claims brought by data subjects against the controller?
Case study 7/9
- Joint controllers?
- Location / IT system where data is stored?
- Data minimization principle?
- Obtaining of consent of data subject?
- Secondary use of data?
Case study 8/9
• Use of sub-contractors by the processor
- Requirements if there is a general authorization in the data processing agreement in this respect?
- Need to notify the controller? Need to notify the data subject?
- Requirements for the agreement between the processor and sub-processor?
Case study 9/9
• Use of processors by the controller receiving data from another controller
8 of 11: IT security
Case study 1/11
Case study 2/11
Case study 3/11
Case study 4/11
Case study 5/11
Case study 6/11
- Relevance of data location and data access on liability – e.g. manufacturer of car, software of sensor, software of gateway, cloud
provider, ISP or implementation company
- Data minimization and need to know principles
Case study 7/11
- Relevance of exposure of data breach (e.g. data sent accidentally to another user, data accessible by the public)?
- Liability shifting between controller, processor and sub-processor?
- Claims made by data subjects or co-contractors?
- Penalties imposed by authorities?
Case study 8/11
Case study 9/11
Case study 10/11
• IT maintenance services
Case study 11/11
• Framework agreement agreed with mother company for IT services – e.g. cloud or IT security services
9 of 11: Profiling and automated decisions
Concept
Profiling represents:
• any form of automated processing of personal data
• used to evaluate (including to analyse or to predict) certain personal aspects relating to a natural person
Limitations to profiling: e.g. need for consent in case of intrusive profiling (such as, processing of data not expected by data subject)
Potential risks
To do list
Data minimization – proportionality principle
Accuracy of data stored
Retention period
Information provided to data subjects – including structuring of the profiling and envisaged consequences of such processing
Right to rectification
Right to object (specifics for marketing activities)
Implementing appropriate safeguards
Data protection impact assessment (data analysis specific in certain situations provided by law)
Case studies
• eHealth app – potential processing of sensitive data (derived and inferred data)
• Cybersecurity tools used by companies – IPS, IDS, SIEM
• Data analytics – for targeted marketing purposes
• Social media app – using profiles of its users for marketing purposes (on behalf of other companies – e.g. banks, retail
stores)
10 of 11: Pseudo-anonymized data –
Case study 1/3
• Database of financial transactions
(pseudo-anonymization of such data)
- Limitations around the use for creating new products or for marketing campaigns
- (i) Is it still possible to identify a data subject? (ii) Is it still possible to link records/entries relating to the same data subject? or (iii) Can information be deduced/inferred regarding a data subject?
- Is the data subject identified or identifiable by using any means reasonably likely to be used by either a data controller or a third party?
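One way to put questions (i) to (iii) above to a pseudonymised transaction table, as an added example that is not part of the original slides. The sample rows, the key, the choice of postcode and birth year as quasi-identifiers and the list of sensitive merchant categories are all constructed assumptions.

```python
import hashlib
import hmac
from collections import Counter, defaultdict

KEY = b"constructed-demo-key"  # assumption: secret held only by the controller

# Constructed sample rows: (account holder, postcode, birth year, merchant category, amount)
TRANSACTIONS = [
    ("RO-1001", "010011", 1984, "pharmacy", 42.10),
    ("RO-1001", "010011", 1984, "grocery", 18.75),
    ("RO-1002", "010011", 1984, "grocery", 23.40),
    ("RO-1003", "400012", 1990, "oncology clinic", 310.00),
    ("RO-1004", "400012", 1971, "grocery", 12.00),
    ("RO-1004", "400012", 1971, "fuel", 55.30),
]

def token(holder, key=KEY):
    """Keyed pseudonym: stable per holder; cannot be recomputed without the key."""
    return hmac.new(key, holder.encode(), hashlib.sha256).hexdigest()[:16]

def pseudonymise(rows, key=KEY):
    """Replace the direct identifier with its token; every other column is kept."""
    return [(token(h, key), *rest) for h, *rest in rows]

def singled_out(rows):
    """(i) Tokens whose (postcode, birth year) pair belongs to no other token."""
    groups = defaultdict(set)
    for tok, postcode, birth_year, _category, _amount in rows:
        groups[(postcode, birth_year)].add(tok)
    return {next(iter(g)) for g in groups.values() if len(g) == 1}

def linkable(rows):
    """(ii) Tokens carried by more than one record, so the records link together."""
    counts = Counter(r[0] for r in rows)
    return {tok for tok, n in counts.items() if n > 1}

def inferable(rows, sensitive=("pharmacy", "oncology clinic")):
    """(iii) Tokens for which a health-related fact follows from the merchant category."""
    return {r[0] for r in rows if r[3] in sensitive}

if __name__ == "__main__":
    rows = pseudonymise(TRANSACTIONS)
    for name, check in (("singled out", singled_out), ("linkable", linkable),
                        ("inferable", inferable)):
        print(f"{name}: {sorted(check(rows))}")
```

A non-empty result for any of the three checks means the corresponding question on the slide is answered "yes" for this table, even though no account holder identifier appears in it.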
Case study 2/3
• CRO (Contract research organisation) companies – clinical trials
Case study 3/3
• Investigations performed by foreign public authorities towards the mother company
11 of 11: Privacy by design
Privacy analysis life cycle - SDLC 1/2
Requirement → Design → Coding → Testing → Deployment → Change management
Privacy analysis life cycle 2/2
Phases: Requirement, Design, Coding, Testing, Deployment, Change management
• Difficult to define at the outset; risk appetite
• UX vs privacy
• Legacy and group systems
• Static code analysis
• Implementation steps
• Identification of impact on personal data
• Offering of guidance
• Correlation with existing systems
• Third party source code
• Privacy testing
• Regular reviews
• Triggers for privacy analysis
Data processing types
• Collecting
• Transferring
• Analysing
• Archiving
• Storing
Application structure
• The data at rest
• The application layer, including integration with other IT systems
• The data transition layer
• The front-end
Implementation
• Minimise
• (Pseudo-)anonymise
• Encrypt/hide
• Inform
• Control
• Demonstrate
Consequences
• Ensure integration with existing IT systems
• Avoid delays and changes to initial architecture
• Technical, privacy and business aspects adjusted and included from the outset
Analysis angles - purpose 2/3
• Traceability of consent/information notices
• Risk management integration
• Risks for individuals
• Data (collection) minimisation and purpose limitation
• Incident identification, notification and investigation
• Nature, scope, context and purposes of processing
Role of stakeholders
Specifics depending on development methodology
Use of third parties
• Audit
• Specific requirements: e.g. DSR and incident identification/investigation
• Use of third party source code
• External developers
• Initial requirements and periodical follow-ups; SMEs
• Triggers for additional privacy analysis
Relevant legislation and guidance
Questions?
Email: larisagabudeanu@gmail.com