The privacy notices and rights information, or lack of it, comprise what is becoming the public profile of an organization's privacy transparency or Public Privacy 1.0. The GDPR, coming into force on May 25th 2018, is the Y2K of privacy transparency, as services ‘data controllers and processors’ need to be transparent over data processing or risk being liable for non compliance, less trustworthy and less competitive. This presentation proposed to cover Privacy Transparency & Consent. It will cover how IdM systems need to be transparent. Delving into the standards and data sources that are used to make privacy and notice systematically, usable, transparent and public.
Privacy notices and rights information, or lack of it, by default comprises an organization’s public privacy profile. How to build, measure and leverage organizational privacy transparency is the goal and critical outcome of Public Privacy 2.0.
Privacy 1.0 is self regulation based on privacy policies. Privacy 2.0 is transparency at a machine readable and granular level, along with options for control.
The GDPR sets the stage for the ongoing performance of privacy transparency. As services ‘data controllers and processors’ need to be transparent about data processing.
The risk is that their privacy transparency and organizational performance is deemed non compliant, untrustworthy and less competitive, translating into fines, lost customer and revenue and brand equity.
Join this session to learn about standards for privacy rights, transparency, consent, and control as they relate to identity systems and interoperability.
The GDPR takes away ownership and control of personal data from businesses and gives it back to consumers, where it belongs. Siloed personal data under our existing and outdated model benefits no-one, not those who create it, or those who would like access to it for innovation. But returning that data to the consumer for them to own and control opens up a whole new world of fully consented and GDPR-compliant sharing, where innovation across all industries can flourish from the mass of accurate data available. A true win-win situation.
Key Takeaways:
The concept of a personal data store, as a means of providing the individual with control over their personal data, has existed for many years but to date there has been no significant adoption of such solutions. Personal data stores are starting to feature prominently in leading self-sovereign and consumer centric digital identity initiatives. So what has changed? This presentation will define what a personal data store is (and importantly what it is not), discuss the value personal data stores bring the digital identity ecosystem and also the limitations.
Key Takeaways: