Privacy, Data Protection, Identity Standards & Architecture

  •  TYPE: Track   DATES: May 15 - May 16, 2019
Conference Tracks

The EU GDPR (General Data Protection Regulation), is in force since May 25, 2018, and had a global impact not only on data privacy but on the interaction between businesses and their customers and consumers. Organizations had to review how they onboard customers and consumers and how to convince these of giving consent, but also review the amount and purposes of PII they collect. Building an identity and access management strategy is a key factor to comply with the GDPR, to manage customer identities and to help improve the business’s view of its customer and its relationship with them.

For the effective and secure Identity management platform, using proper standards, protocols and architectures are necessary. With the Increasing number of regulations and compliance issues, standardization remains an important challenge. Various open and proprietary solutions exist for tackling different challenges within an enterprise. Therefore, it is important to choose the right standard for your company depending on the business model and the necessity. For example, Federated Identity management tries to solve the problem of handling digital identities between a number different trusted domains. Although challenges such as implementation and compromised identities.

Moderators:

Tracks:

Privacy by Design

Sessions:

Use of Production Data in Test Environments

Date: Wednesday, May 15, 2019 Time: 11:00-12:00 Location: AMMERSEE I

Use of Production Data in Test Environments
Due to the requirements in GDPR, IAM professionals can no longer accept to use production data in development and test environments, which has been a common practice for many years. The presentation will focus on the GDPR requirements regarding anonymization or pseudonymization of production data, and discuss why this is almost impossible to do in IAM projects. Testing IAM solutions and cleaning data is an integral part of the presentation. Key takeaways:...

Privacy By Design as a System Design Strategy

Security and Privacy in the “When-Not-If” Era
Beyond a mere equation between risk appetite, compliance and costs, cybersecurity is becoming a matter of good corporate governance, good ethics, and quite simply – good business. The Board, which is ultimately accountable for cyber resilience, must own it and drive it as a key pillar of any firm Environmental, Social and Governance (ESG) strategy

Privacy — Do We Actually Care?

Date: Wednesday, May 15, 2019 Time: 12:00-13:00 Location: AMMERSEE I

Privacy — Do We Actually Care?
This session will highlight how we rationalize or perceive data-privacy, why we care and actually don't, and what we expect from companies when it comes to our own data.  This session will explore and explain how understanding individuals’ expectation about privacy, and the principle of behavioral economics will have an enormous impact on how companies conduct business today and more importantly, tomorrow. 

LIVE Demo of an Interoperable Personal Data Receipt Ecosystem – the Kantara Initiative Privacy Control Panel System

Privacy Governance, Data Protection & Compliance

Sessions:

GDPR - Digital Risk and the Catalyst for Global Opportunity

Date: Wednesday, May 15, 2019 Time: 14:30-15:30 Location: AMMERSEE I

GDPR - Digital Risk and the Catalyst for Global Opportunity

GDPR Compliance and IAM Services in a European Municipality
The session will be about the installation of WSO2 Identity Server and homogenization of various user stores in the municipality of Heraklion Crete in Greece. The presentation explores the situation which existed, prior to using WSO2, with multiple and heterogeneous per application user management solutions, the problems that occurred, and how they were solved. This session looks at the benefits of WSO2 Identity Server in the specific installation. They also managed to prepare...

Panel: Anonymisation and Pseudonymisation - What Is It and Why Does It Matter?

How to Turn Privacy and Data Protection Regulations into a Competitive and Trust-Building Advantage

Date: Wednesday, May 15, 2019 Time: 15:30-16:30 Location: AMMERSEE I

How to Turn Privacy and Data Protection Regulations into a Competitive and Trust-Building Advantage

The Ripple Effect of GDPR in North America: What’s Ahead of us with CCPA?

Spartacus as a Service (SaaS): Privacy Through Obfuscation and the Right to Be Forgotten

Consumer Consent - The Make or Break of your PSD2 Compliance Implementation

Date: Wednesday, May 15, 2019 Time: 17:30-18:30 Location: AMMERSEE I

Consumer Consent - The Make or Break of your PSD2 Compliance Implementation

Panel: Consent Lifecycle Management as Necessity for Your GDPR & PSD2 Compliance
Consent Management continues to be a hot topic for many organizations, especially for those who store and process customer data. This Panel will discuss why a core requirement for being compliant with regulations like GDPR or PSD2 is a strategy for the Lifecycle of Consumer Consent and what consent management features do you need.

Can MyData Solve Post-GDPR Consent Management?

Identity Standards & Architectures I

Sessions:

Establishing an European Digital Identity Network Based on Trust and Standards

Date: Thursday, May 16, 2019 Time: 11:00-12:00 Location: AMMERSEE I

Establishing an European Digital Identity Network Based on Trust and Standards
Digital ID is a key control point in the digital economy. The barriers for registration and (strong) authentication of customers must be broken down so the best services will win. Currently hyper platforms dominate the ID market at the expense of user sovereignty. How can we return data sovereignty to the user and enable companies to create more innovative business models with a safe and fair usage of ID data? We need to create a European network for digital identities based on mutual trust...

As the World Turns: Real-World Identity Relationships Driving Data Decisioning
A massive new identity system-of-systems is emerging. Billions of previously isolated devices and cloud-native microservices are joining this digital ecosystem to serve organizations and individuals. In the meantime, many relationships in the real world can change in an instant, from device/user pairings and unpairings to business contract formations to marriages and divorces. Business decisions need to be made in near-real-time about everything: not just authorized access but consented...

The OpenID Connect Self-Certification Program

Date: Thursday, May 16, 2019 Time: 12:00-13:00 Location: AMMERSEE I

The OpenID Connect Self-Certification Program
The OpenID Foundation has created a test and self-certification program for OpenID Connect protocol implementations to stimulate interoperability, deployment and robustness of these implementations. This presentation provides an introduction into the OpenID Foundation and the OpenID Connect self-certification program and will cover the following topics: - what is the OpenID Foundation and how does it compare to other standardization organizations - what is OpenID Connect self-certification...

OAuth 2.0 Security Reinforced
The OAuth working group recently decided to discourage use of the implicit grant. But that’s just the most prominent recommendation the working group is about to publish in the upcoming OAuth 2.0 Security Best Current Best Practice (https://tools.ietf.org/html/draft-ietf-oauth-security-topics), which will elevate OAuth security to the next level. The code flow shall be used with PKCE only and tokens should be sender constraint to just mention a few. Development of this enhanced...

Panel: Next Generation Authentication
Guaranteeing maximum security while providing your users with a frictionless experience is a persistent challenge. The more we shift into the digital environment, the more it requires every business to pay critical attention to user experience as boosting customer satisfaction by providing better usability and accessibility in the interaction with every aspect of a product is crucial. This is where next-generation authentication comes into play, decreasing disparities between security and...

Identity Standards & Architectures II

Sessions:

A Digital Society Needs a Digital ID

Date: Thursday, May 16, 2019 Time: 14:30-15:30 Location: AMMERSEE I

A Digital Society Needs a Digital ID
Our world is becoming more digital and more mobile every day. The sensitivity of information being exchanged online grows rapidly and data privacy is a real concern to many people. How are we facing new challenges to keep pace with today's digital transformation? Getting rid of all paper flows, taking KYC-process to the next level, improve customers’ experience, introduce a safer way to login and confirm transactions, be compliant with EU regulations and PSD2.  Creating a digital...

How to Write a Good IAM Request for Proposal (RFP)
Do you want to hear how we read your RFP’s? As an IAM implementer, PwC reads many RFP’s and wonder why the clients put together the RFP’s  like  they do. In many  cases  clients write requirements which can’t be solved by standard IAM solutions on the market without customization, but  still  require that the solution should be as standard as possible. Or ask for testing that will cost a fortune, but require  low  price. The...

Using eIDAS to Drive Mass Adoption of Identity Solutions
With over 750.000  itsme  accounts being created in the first 19 months after the product launch in the small Belgian market, it is clear that the  itsme  Mobile Identity solution is getting mass adoption. Several key success factors were required to get there: the right consortium; a correct mix of product characteristics with appeal for each stakeholder (verified identity, privacy,  user friendliness , security); the setup of a strong ecosystem; but certainly also...

Digital Identity: A Prerequisite for Financial Inclusion and Good Governance? Lesotho Experiences Linking Foundational ID with Functional ID

Date: Thursday, May 16, 2019 Time: 15:30-16:30 Location: AMMERSEE I

Digital Identity: A Prerequisite for Financial Inclusion and Good Governance? Lesotho Experiences Linking Foundational ID with Functional ID

Making Standards Work in the Real World – Examples from Canada and Scotland
Standards are needed establish interoperable, ubiquitous and inclusive digital identity ecosystems. However, standards suggest that everyone's requirements are the same when they are not. Regulations, customer demographics and existing systems all determine what make work for an organisation. Different sectors, organisations and even services within an organisation can all be different. And yet there is a pressing need for standardisation in order to be able to realise the benefits of...

Canada's True North Strategy for Establishing Interoperability of Third Party Networks For Identity
Identity is best solved by a village that connects the best capabilities of the public and private sectors to grow economic opportunities. Governments hold the "book of names" for people and organizations that sets a legal foundation for identity verification. People and organizations perform most of their transactions outside of government contexts. These transactions form the basis of functional or "street" identity. The private sector needs to rely on the public sector for legal identity...

Developing National Digital Identity Initiatives & Ecosystem in the UK - Successes, Challenges & Learnings

Date: Thursday, May 16, 2019 Time: 17:00-18:00 Location: AMMERSEE I

Developing National Digital Identity Initiatives & Ecosystem in the UK - Successes, Challenges & Learnings
A perspective on the importance of understanding the needs of customers and users, and how the UK has broadened its national model as the social, economic, political and risk landscape has change markedly in the last 5 years. The UK government originally invested in the development of a digital identity initiative to enable citizens to prove their identity to log into government services. It has now broadened its strategy, its understanding of who its customers are, to focus on...

Panel: Myth Busting with ID Crowd and Friends
Synopsis: Since the days of our early ancestors, new frontiers have always been associated with myths, be them dragons, demons or wizards. The world of digital identity is no different, our twitter timelines are full jargon, acronyms and confusing terminology. Much of this is helpful but once in a while a misinformed opinion can take root and spread around the world before the facts have had a chance to get their boots on. This panel will debunk some common myths and...

Quick Links

Stay Connected

Information

Munich, Germany

Congress

European Identity & Cloud Conference 2019

Language:
English
Registration fee:
€2100.00 $2625.00 S$3360.00 23100.00 kr
Mastercard Visa American Express PayPal INVOICE
Contact person:

Mr. Levent Kara
+49 211 23707710
lk@kuppingercole.com
  • May 14 - 17, 2019 Munich, Germany

Partners

The European Identity & Cloud Conference 2019 is proud to present a large number of partners
Learn more

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00