Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

of

GDPR one year in: Observations Slide 1 GDPR one year in: Observations Slide 2 GDPR one year in: Observations Slide 3 GDPR one year in: Observations Slide 4 GDPR one year in: Observations Slide 5 GDPR one year in: Observations Slide 6 GDPR one year in: Observations Slide 7 GDPR one year in: Observations Slide 8 GDPR one year in: Observations Slide 9 GDPR one year in: Observations Slide 10 GDPR one year in: Observations Slide 11 GDPR one year in: Observations Slide 12 GDPR one year in: Observations Slide 13 GDPR one year in: Observations Slide 14
Upcoming SlideShare
What to Upload to SlideShare
Next

1 Like

Share

GDPR one year in: Observations

Short talk at the Cyber Security Summit Belgium for Vlaamse Toezichts Comissie(VTC) about the what we learned about GDPR.

Related Books

Free with a 30 day trial from Scribd

See all

Related Audiobooks

Free with a 30 day trial from Scribd

See all

GDPR one year in: Observations

  1. 1. Vlaamse Toezichtcommissie GDPR one year in Observations Jan Guldentops Vlaamse Toezichtcommissie Cyber Security Summit 12th of june 2019
  2. 2. • ° 2008: Monitor the transfer of personal data by flemish government entities • ° 2018 : Supervising data protection authority (DPA) for the Flemish public sector o (local) Government, • Our task are described in art. 57 and 58 of the GDPR o Advice, monitor, complaints, standardisation, promote awareness, report data leaks, etc. • Belgian situation o Flemish VTC & Federal DPA • More info : o https://overheid.vlaanderen.be/vlaamse-toezichtcommissie Vlaamse Toezichtcommissie QUID VTC ?
  3. 3. Who am I ? • Jan Guldentops (°1973) o I am building server, network and other ICT infrastructure o for > 25 years o Founder of Better Access (°1996) and BA (°2003) o Open Source Fundamentalist (after hours) o Strong practical background in the field of security and privacy • Security “expert” by accident o Documented the security problems of the first Belgian Internet bank. ( Beroepskrediet / Belgium Online ) o Right hand of big brother o “Certified” Data Protection Officer o Do a lot of R&D and testing (security, infrastructure, performance) o Backup member of the VTC board Vlaamse Toezichtcommissie
  4. 4. GDPR – one year • The runup to may 2018 almost felt like it was 1999 (Y2K) all over again. • That mix of real concern, panic, smooth sales, apocalyptic thinking, not understanding … • Lots of products, consultancy, privacy-washing, etc. • We didn’t explain the why enough o Why is the protection of personal data so important The situation has relaxed, companies and organizations. Vlaamse Toezichtcommissie
  5. 5. Howto GDPR ? • A combination of hard work, Common Sense, following policies and not reinventing the wheel • We see a lot of shortcuts and easy way’s out Vlaamse Toezichtcommissie
  6. 6. IT’s a continuous proces Vlaamse Toezichtcommissie
  7. 7. Paper tigers Vlaamse Toezichtcommissie
  8. 8. Realism : Vlaamse Toezichtcommissie • There is no such thing as absolute security ! • infallibility
  9. 9. Smart use of technology: encryption Vlaamse Toezichtcommissie
  10. 10. Is personal data more secure now? • Did the extra attention on documentation, procedures and inventories diminish the real work on security . • Did it mean we put less time in the real security work ? o Security plan ? o Real technical audits ? o Etc. • There is more than personal data to consider : o PCI DSS o Other regulatory rules Vlaamse Toezichtcommissie
  11. 11. A couple of examples Vlaamse Toezichtcommissie
  12. 12. Dataleaks reported to VTC • https://overheid.vlaanderen.be/overzicht- gegevenslekken-reeds-gemeld-aan-de- vlaamse-toezichtcommissie Vlaamse Toezichtcommissie
  13. 13. Standstill ? • Are we at a standstill ? • Belgian DPA’s took some time to get organized. • Commercial companies complain that they are not doing a lot of business • Not a lot of complaints / right enforced by citizens Vlaamse Toezichtcommissie
  14. 14. Important mission • Teach our citizens to enforce their rights o The right to be informed o The right of access o The right to rectification o The right to erasure o The right to restrict processing o The right to data portability o The right to object o Rights in relation to automated decision making and profiling. Vlaamse Toezichtcommissie
  • AnneTeughels

    Jun. 13, 2019

Short talk at the Cyber Security Summit Belgium for Vlaamse Toezichts Comissie(VTC) about the what we learned about GDPR.

Views

Total views

238

On Slideshare

0

From embeds

0

Number of embeds

6

Actions

Downloads

0

Shares

0

Comments

0

Likes

1

×