Overview
Explore the challenges of implementing Data Protection by Design as a legal obligation under the GDPR in this 51-minute USENIX Security '19 conference talk. Delve into the implications for organizations processing personal data in the EU, the role of supervisory authorities, and the need for practicable criteria to assess compliance. Examine how the GDPR addresses the entire lifecycle of data processing systems and the new demands placed on privacy engineers. Consider the maturity of privacy engineering, potential gaps in existing Privacy-Enhancing Technologies (PETs), and the role of public sector procurement in advancing data protection standards. Discuss potential tools and instruments to address these challenges, including design patterns, software catalogues, toolboxes, and checklists.
Syllabus
Intro
Overview
The EDPS
GDPR family
GDPR changes
Lawful processing
DPA powers
From Privacy to Data Protection by Design
Privacy by Design
GDPR Article 25
Enforcement
EDPS tech intensive guidelines
Taught by
USENIX