Don’t trust infrastructure

Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 11 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

So before the end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to design and improve your systems to meet the GDPR is not straightforward. A common way to take security and privacy measures to comply with the GDPR is to use secure services and trusted infrastructure components. Continue reading “Don’t trust infrastructure”

Privacy Threat Modeling

Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 12 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

So before the end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to design and improve your systems to meet the GDPR is not straightforward. A good tool for designing systems with a low privacy and security risk profile is threat modeling. Continue reading “Privacy Threat Modeling”

Metadata Anonymisation

Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 13 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

So before the end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to design and improve your systems to meet the GDPR is not straightforward. A complicating factor is that many of the documents you store and process can contain hidden private data without you knowing. Continue reading “Metadata Anonymisation”

Every Move You Make

Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 14 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

So before the end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to design and improve your systems to meet the GDPR is not straightforward. But it is even harder for Internet users to be invisible in their Internet communication when it matters. Continue reading “Every Move You Make”

GDPR: Use a Privacy Reference Model

Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 15 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

So before the end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to design and improve your systems to meet the GDPR is not straightforward. But using a Privacy Reference Model will help. Continue reading “GDPR: Use a Privacy Reference Model”

Privacy Benchmark your site

Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 16 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

So before the end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to design and improve your systems to meet the GDPR is not straightforward. But before you are done, it is advised that you perform a few simple privacy tests, especially on your website(s). Continue reading “Privacy Benchmark your site”

The good and easy way: ‘Privacy by design’ design patterns

Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 17 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

So before the end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. To be compliant with the GDPR you must comply with Article 25, “Data protection by design and by default”, also known as ‘Privacy by design’. But applying this approach can be complex and time consuming. Continue reading “The good and easy way: ‘Privacy by design’ design patterns”

GDPR: Pseudonymization or Anonymization

Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 18 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

So before the end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to handle the GDPR is not straightforward when dealing with data masking. Continue reading “GDPR: Pseudonymization or Anonymization”

The Web never forgets: The right to be forgotten

Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 19 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

So before the end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to handle the GDPR is not straightforward. The GDPR introduces a right for individuals to have personal data erased. This right to erasure is also known as ‘the right to be forgotten’. Continue reading “The Web never forgets: The right to be forgotten”

The rise and fall of the DPO (Data Protection Officer)

Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 20 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

So before the end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to handle the GDPR is not straightforward. The 261-page regulation is not known for its clarity. There is, for example, some confusion about the DPO. Continue reading “The rise and fall of the DPO (Data Protection Officer)”