PRVMG Flashcards

1
Q

Privacy by Design 7

A
  1. Proactive, not reactive; preventive, not remedial: anticipate and prevent privacy issues before they happen
  2. Privacy as the default: no action on the part of the individual is required to receive the maximum degree of privacy protection (before, the default at Facebook was not the maximum)
  3. Privacy embedded into design: privacy is not bolted on but integral to the core of a system (end-to-end encryption)
  4. Full functionality - positive sum, not zero sum: accommodate all legitimate interests in a win-win manner (no party should have to accept a trade-off)
  5. End-to-end security - full lifecycle protection: privacy throughout the lifecycle of the data involved
  6. Visibility and transparency: practices are visible and transparent
  7. Respect for user privacy: user interests are at the center of the design

NOT PRIORITY NUMBER 1 FOR COMPANIES

2
Q

Privacy enhancing Technologies

A

Technical measures that protect information privacy by eliminating or minimizing personal data, preventing unnecessary or unwanted processing of personal data without losing the functionality of the information system.

  • Homomorphic encryption: enables computational operations on encrypted data
  • Zero-knowledge proofs: allow proving possession of information without revealing the information itself or any additional information (the proof only succeeds if one actually knows the secret, e.g. the password)
  • Communication anonymizers: replace identifiable information with non-identifiable information
  • Differential privacy: allows drawing insights from data while withholding personal data (the original personal data cannot be reconstructed from the output)

PETs are only complementary to other protection instruments (such as regulation).

3
Q

Privacy MGMT

A

Survey among CPOs and other privacy professionals.

Open-ended questions aiming at identifying the challenges faced by those professionals in their daily work.

A total of 15 professionals participated.

  • Jobs: CPOs, EPOs, and similar functions
  • Participants' origin: North America, Europe, Australia
  • Large organizations
  • Described a total of 46 challenges
4
Q

Challenges

A

  • Complex legislation
  • Conflicts
  • Privacy by design
  • Awareness
  • Data management

5
Q

Selected Challenges

A

Rapidly EVOLVING LEGAL AND REGULATORY LANDSCAPE GLOBALLY. It is very challenging to keep track of new privacy and data protection laws, regulatory guidance and case law across multiple jurisdictions. Many senior stakeholders in other areas of the business have AN UNREALISTIC EXPECTATION of how quickly complex questions about cross-border transfers or local compliance requirements can be resolved. There is also a lack of understanding that the GDPR is not the only relevant piece of legislation regulating the processing of personal data and that many other legal regimes exist around the world.

6
Q

Challenges 2

A

Perception within an organization that privacy compliance impedes innovation (new business ideas are tossed out).

Ensuring sufficient resources is the biggest problem. The CFO thinks everything can be done with free online resources, so a budget allocation for privacy is not ensured.

Expectation that a very small privacy and data protection team will handle all data and privacy protection; it is difficult to convince other departments that they have a role to play in managing those risks.

7
Q

organization centric privacy research

A
  • Lack of policies; gaps between policies and practice; leadership vacuums on privacy issues; corporate climates that inhibit discussion of privacy concerns until an external threat motivates the organization to fix these issues
  • Organizational violations of privacy regulation are more likely if violations are perceived as low risk, if organizations are under economic strain or have slack resources, or if the regulations are perceived to conflict with the core values of the organization
  • Organizations use different tactics to address the tensions resulting from the need to collect and use customer data on the one hand and the need to protect customer privacy on the other
8
Q

tensions and tactics

A

How do companies perceive and handle the tensions between their need to intrude on customer privacy to meet organizational information needs and their need to protect privacy to attract and retain customers?

9
Q

Tensions Associated with Customer Data

A

T1 Trading off data against customers: collect customer data vs. win and retain customers

T2 Timing the problem: collect customer data today vs. collect customer data tomorrow

T3 Image-related costs of customer data: collect and use customer data vs. maintain the corporate image

T4 Losing customers due to data utilization: increase usage variety vs. win and retain customers
