1. Digital Analytics & Privacy: its not the end of the world November 12th 2013Aurlie Pols Something (Digital) Analytics Europe Chief Visionary Officer & Founder @aureliepols

2. Expectations: no legislation, promised!@aureliepols 3. Datenschutz, Proteccin de datos, Protection des donnes@aureliepols 4. Privacy, a human right? Navi PillaySource: http://rt.com/news/germany-brazil-un-spying-resolution-394/@aureliepolsSource: http://www.ohchr.org/EN/Pages/WelcomePage.aspx 5. The changing tide of public opinionSource: http://www.gl obalresearch.c a/25verdadessobre-el-casoevomoralesedwar dsnowden/534 1660 @aureliepols 6. Democracy in danger since the Patriot Act?Source: http://minnesota.publicradio.org/display/we b/2013/01/22/daily-circuit-alexis-detocqueville-democracy-in-america@aureliepols 7. This is about keeping your jobSource: http://toogoodtogodown.wordpress.com/2012/04/30/yourefired-which-grimsby-town-players-will-be-offered-new-deals-and-whichwill-be-released/@aureliepolshttp://blog.kevinmaxwell.co.uk/2012/11/guess-what-youre-fired/ 8. The confessions of a European analyst Grew up in the Netherlands, Dutch passport French mother tongue Most of my friends of bilingual at least! Have Polish & Russian origins Set-up my first start-up in Belgium in 2003 Sold it to a UK agency, Digitas LBi (Publicis), in 2008 Moved to Spain in 2009 Created Mind Your Group (Putting Your Data to Work) + sister company Mind Your Privacy in 2012 (yes, law firm)@aureliepols 9. Bridging Analytics & Data Protection in Europe European Convention of Human Rights, Article 8: Privacy is a fundamental right you dont have to agree ;-) Spain = 80% of EU Data Protection fines; strict data protection legislation, breach notification & security protocols best practices@aureliepols 10. The Rule of Law is the foundation of Democracy Democracy must be built through open societies that share information. When there is information, there is enlightment. When there is debate, there are solutions. When there is no sharing of power, no rule of law, no accountability, there is abuse, corruption, subjugation and indignation. Atifete Jahjaga, President of Kosovo@aureliepols 11. The Rule of Law is the foundation of Democracy APEC Continental law influencedUS & UK Common LawEU Continental LawClass actions Privacy Business focusedFines (by DPAs: Data protection Agencies) Personal Data Protection Citizen focused: data belongs to the visitor/prospect/consumer/citizen Over-arching EU Directives & RegulationsSector based legislations: HIPPA, COPPA, VPPA, PII varies per state but lists defined* Again, you dont have to agree!@aureliepolsIntroduction of pseudo-anonymized data within the new PDP Regulation, partially trying to avoid pinning down PII exactly imho 12. Privacy is a tough cookie to crack So was probably the Declaration of Human Rights, ask Eleanor Roosevelt! So called Cookie Directive, good or bad idea? - Very techno specific - Doesnt help when legislation lags behind - Raised awareness? - Clean house?@aureliepolsBest cookies in the world: Maison Dandoy, Brussels, since 1829, http://www.maisondandoy.com/en/home/, 13. Rome wasnt build in a day Take away #1: The EU & the US view Privacy & data protection very differently and that is fine! Rome wasnt built in one day, neither was the traffic regulation in NY or Madrid!@aureliepols 14. Wicked French ;-) Most EU countries talk of zebra paths France: are still talking of passages clots Take away #2 related to data: Time: - Techno evolves faster than legislation - Privacy procedures are new to techno players => no Privacy culture! Data is ad infinitum transferable, without decay => new Privacy challenges, la bande de GAFA (CNIL)@aureliepolsImage source: http://images.forum-auto.com/mesimages/770027/passage %20cloute.jpg 15. Privacy tri-partite Joint effort by: 1. Governments &/or international Associations => regulations, guidelines.. 2. Businesses 3. Citizens/consumers/voters Each party wanting to defend its rights: -Personal Data Protection & the Rule of Law through respect of Fundamental Rightsvs. -Profits & hopefully Sustainability @aureliepols 16. If data is the new oil, is Privacy the new Green? Comparing Facebooks Privacy policySource: http://mattmckeon.com/facebook-privacy/@aureliepols 17. Whats in a word? DATA LIFECYCLESource: https://vividcortex.com/blog/2013/10/30/slides-from-makingbig-data-small-at-strata@aureliepolsSource: http://www.simpletraining.com/lifecycledata-management-training.html 18. Overlap & pieces missing Take away #3 Data: - ad infinitum transferable Legislation: - Breach notification Common sense: - Procedures! Source: http://libraries.mit.edu/guides/subjects/datamanagement/cycle.html@aureliepols 19. The evolution of Breach notificationhttp://www.informationisb eautiful.net/visualizations/ worlds-biggest-databreaches-hacks/@aureliepols 20. LinkedIn Big Data feedback loop Consent? Anyone? Example: Netflix VPPASource: https://www.facebook.com/photo.php?v=10151708759330687&set=vb.9445547199&type=2&theater@aureliepols 21. Some basic Privacy terms, bouh! PURPOSE: What are you using the data for? CONSENT: Reasonable expectation of the use of data => Transparency Trust => Social Media reputation (See also Breach notification for Crisis Management) Creepy => Ethics boundary@aureliepols 22. You: Data Controller Tools: Data Processor, ok? Take away #4 Review those bloody contracts, will you? Assure liability is clear and that you are covered!Source: http://ec.europa.eu/justice/ data-protection/datacollection/obligations/index _en.htm @aureliepols 23. Did Big Data kill the Privacy framework? No, it introduced a paradigm shift Just like analytics is becoming permeable through the companyPurpose PurposeNew business opportunity New business opportunity through data through dataUser consent User consentThis is also the case for the legal consequences of the use of data: Employee Training & internal debate related to what is acceptable & what is not should become part of businessFair & Legal process Fair & Legal process Data diving analysis / /Big Data Data diving analysis Big DataInformation for approved use Information for approved use@aureliepols 24. Security is only one solution to the problem SECURITY SECURITY (TECHNOLOGY) (TECHNOLOGY)The guy in the middle is a DPO: Data Protection Officer, required key personnel once the EU Personal Data Protection Regulation passes DATA COLLECTION DATA COLLECTION@aureliepols 25. The EU Personal Data Protection Regulation is coming #EUDataP Source: www.iabeurope.eu/fil es/8813/7882/1681/IA B_Tuesday_Webinar _Data_Protection_FI NAL.pdfICO is an outlier@aureliepols 26. Without the right support, the best security crumbles RIITY )) R TY Y ECU OG Y E C U L OG S S NO L H NO TE C H ((TECDATA COLLECTION DATA COLLECTION@aureliepols 27. Human error causes most data breachesSource: http://www.cooldail yinfographics.com/p ost/data-andsecurity-breaches 28. Bridging the analytics to the legal world Security = Icing on the cakeSECURITY SECURITY TECHNOLOGY TECHNOLOGY Information for Information for approved use approved use Data diving analysis // Data diving analysis Big Data Big DataFair & Legal process Fair & Legal process New business New business opportunity through opportunity through data data User consent User consentDATA COLLECTION DATA COLLECTION@aureliepols 29. Harmonising Security & Privacy Effective Privacy management depends upon a Risk driven approach that surpasses compliance needs - Prepare for legislative changes - Recognise that just because something is legal, it doesnt mean it is a good idea - Consider how Privacy drives strategic advantage => USP? Skill requirements & interfaces between professionals - Identifying intersection and tackling conflict - Finding a common language - Developing a Privacy culture@aureliepolsSource: http://www.rsaconference.com/writable/pr esentations/file_upload/grc-w07-whenworlds-collide-harmonising-governancebetween-security-and-privacy.pdf 30. Always ask yourself these 3 questions & keep your job What data am I collecting? - PII vs. non-PII - Persnlich Pseudonym Anonym Who has access to this data? - Both persons & tools Where is the data stored? - SafeHarbor vs. Binding Corporate Rules@aureliepols 31. Or follow the IABs recommendations!@aureliepols 32. Source: http://www.fanpo p.com/clubs/thegoodwife/images/25049 423/title/goodwife-special-aliciaseason-3-photo 33. Thank you for your time! Aurlie Pols Something (Digital) Analytics Europe Chief Visionary Officer & Founder @aureliepols www.mindyourprivacy.com/uk/