Magali Feys, Chief Strategist - Ethical Data Use at Anonos speaks at PrivSec London on Ethical Data Use

Presentation Transcript
 
I'm Maggie Feys. I am Chief Strategist Ethical Data Use with Anonos. And I also have a private practice as a tech lawyer. I specialized in IP, IT, and data protection.
What are the priority areas for data professionals to address as they bid to develop cyber security and privacy within an organization?
They have been stressing on, and that's okay, on security. But I think also the time now has come to see that also data protection by design and by default must be there and so that when we are innovative, that we also have to be innovative when it comes down to privacy and data protection.
How do you think organisations can improve collaboration between Data Protection and cyber security teams?
I never liked the approach that GDPR or whatever is coming, and to frighten people. I think if you make it into a positive endeavor that you will really get people around the table. Make sure that people also understand because cyber security, sometimes it's really technical. And if it's not laid down in layman terms, then I think for people it's just not their thing, where in their daily basis they have to think about. So I think, first of all, the awareness and then make sure that you have different teams around the table, so that it doesn't become only an IT project, but it's really an intertwined project throughout the entire company.
What do you think are the main compliance challenges organisations face and what steps do you think they can take to help resolve them?
If you have, for example, with regard to GDPR, if you have a good action plan, and we, for example, we divided it in 10 steps, then each steps is easy embraceable and takeable. Then of course, it also comes down, I think the legal stuff is actually quite easy to get around. There are, of course, some exceptions that will have or need some creative thinking and analysis. But I think when it also come down to the technical part that really, companies must do their best now also to comply with that on a technical level, and implement also the technical parts. And when it comes down to cyber security, I think a lot of companies or controllers, they really stress on “you have to be ISO certified”. I think in some of the sectors, it does make sense. But when working, for example, with startups, I think you need to also do a balancing, and the way that the balance is between, is this appropriate for this company to work with.
Are consumers waking up to the value of personal data and the importance of keeping it secured?
My generation and the generation if I can say so behind me is doing so because yeah, we were brought up with computers in the digital age. And we do understand also the dangers. I think also once again, we have much more in schools, they're stressing on awareness sessions. So there, with that, my generation and the generation behind me, we really see that they start, that they care, and that they make conscious decisions on how they, they want to, for example, share their data by using cookies and things like that.

When it comes to other generations or other people there, I see that honestly, they do not, they aren't that aware, but also because I think they do not understand. And I say that with all due respect, but they don't see the entire danger behind and the ways of, for example, in AD tech - data transfer, and data process, and real time bidding happens. And I think a lot of people still think that, for example, the fact that they receive ads on their Facebook profiles, that is sort of coincident, or it was because she just went to that site, but they have no idea of the entire process behind that. And we see that a lot when people come down with I don't have anything to hide. And I don't think that data protection or privacy is about what you want to hide or not want to hide. But it's the fact indeed what companies, banks, for example, or ad tech companies can do with your data. And if we don't get aware, and don't push them into the fact that they have to be ethical about it. That can be, of course, it can have some consequences. And I don't think everybody is that aware.
What are your future predictions within your industry for data protection and cyber security?
I think when they're introduced to it and then say to the main public, GDPR, now, we see a shift into people, because they also become aware through the fact that they have to do it within the company, and all of a sudden they are a part of GDPR compliance group within the company. So you get that awareness little by little. And also now with a lot of the hacking incidents happening. We also now are stressing on cyber security, where I think two years ago, people weren't only talking about cyber crime when it came down to the criminal activities or something. But cyber security wasn't some word that was that mainly used, and now people are really starting to see that this is a main focus and I think we have a work cut out for us from a legal perspective and ethical perspective and a technical perspective, in order to embrace innovation and always keep along with the legal, the code of conduct, the ethical principles ahead of our time because the days of legislation running behind innovation and technology that should be over.
CLICK TO VIEW CURRENT NEWS

Are you facing any of these 4 problems with data?

You need a solution that removes the impediments to achieving speed to insight, lawfully & ethically

Roadblocks
to Insight
Are you unable to get desired business outcomes from your data within critical time frames? 53% of CDOs cannot achieve their desired uses of data. Are you one of them?
Lack of
Access
Do you have trouble getting access to the third-party data that you need to maximise the value of your data assets? Are third-parties and partners you work with worried about liability, or disruption of their operations?
Inability to
Process
Are you unable to process data due to limitations imposed by internal or external parties? Do they have concerns about your ability to control data use, sharing or combining?
Unlawful
Activity
Are you unable to defend the lawfulness of your current data processing activities, or data processing you have done in the past?
THE PROBLEM
Traditional privacy technologies focus on protecting data by putting it in “cages,” “containers,” or limiting use to centralised processing only. This limitation is done without considering the context of what the desired data use will be, including decentralised data sharing and combining. These approaches are based on decades-old, limited-use perspectives on data protection that severely minimise the kinds of data uses that remain available after controls have been applied. On the other hand, many other new data-use technologies focus on delivering desired business outcomes without considering that roadblocks may exist, such as those noted in the four problems above.
THE SOLUTION
Anonos technology allows data to be accessed and processed in line with desired business outcomes (including sharing and combining data) with full awareness of, and the ability to remove, potential roadblocks.