GDPR Compliance for Your Datastore
A presentation at Øredev Developer Conference in in Malmö, Sweden by Philipp Krenn
Who likes GDPR? @xeraa
Who is afraid of GDPR? @xeraa
“Can you recommend a GDPR expert? Yes! Great, can you give me their email address so I can contact them? No.” https://twitter.com/wardrox/status/988363811479572483 @xeraa
Questions: https://sli.do/xeraa Answers: https://twitter.com/xeraa @xeraa
General Data Protection Regulation Adopted 2016/04/14 Enforceable 2018/05/25 @xeraa
DatenschutzGrundverordnung Fines up to 4% of global revenues or €20m @xeraa
Where & Who? EU organizations Services or goods for / monitoring of EU citizens @xeraa
What? Personal Data Any information relating to an identified or identifiable natural person @xeraa
Rights? to be informed access rectification @xeraa
Rights? erasure (to be forgotten) restrict processing data portability @xeraa
Rights? object automatic decision making @xeraa
PS: Personal data in a blockchain is an issue @xeraa
Lawful use of data? Informed consent Contractual obligation Legitimate interest @xeraa
Lawful use of data? Legal obligation Vital interests Public task @xeraa
Proof Required Right to collect and legally use @xeraa
Disclosure Within 72 hours to a member state’s "supervisory body" @xeraa
Legacy Data Stop, Check, Delete @xeraa
What if no legal grounds? @xeraa
“More GDPR bizarro world logic. Log nothing, but also make sure to have a complete understanding of all your security breaches, track them down, patch them up…. with no logs.” https://twitter.com/ianlandsman/status/997561351009599488 @xeraa
- Stop Your Service @xeraa
@xeraa
@xeraa
@xeraa
@xeraa
- Drown them in forms @xeraa
https://twitter.com/rianjohnson/status/999730569641525248
- Pseudonymization @xeraa
Anonymous No information that could potentially identify an individual Not considered Personal Data by GDPR @xeraa
Pseudonymous Re-identification possible if combined with additional information Without this information, reidentification practically impossible @xeraa
When? Ingestion time Search time @xeraa
Developer @xeraa
@xeraa
@xeraa
fingerprint { method => "SHA256" source => ["ip"] key => "${FINGERPRINT_KEY}" } mutate { add_field => { '[identities][0][key]' => "%{fingerprint}" '[identities][0][value]' => "%{ip}" } } mutate { replace => { "ip" => "%{fingerprint}" } } @xeraa
How Secure Are Hashes? Without salting @xeraa
“You might think it would take a long time to run through all of the possible SSNs, but computers are very fast — there are "only" one billion possible SSNs, so your laptop can hash all of them in less time than it takes you to get a cup of coffee.” https://www.ftc.gov/news-events/blogs/techftc/2012/04/does-hashing-make-dataanonymous @xeraa
“Datafinder – Reverse email hashes for $0.04 per email” https://freedom-to-tinker.com/2018/04/09/fourcents-to-deanonymize-companies-reverse-hashedemail-addresses/ @xeraa
Access Control & Encryption @xeraa
Deletion @xeraa
“Interesting #GDPR solution for the "right to erasure" : Encrypt all user's data and when you have to delete it you just get rid of the private key. Will this become the norm?” https://twitter.com/Stephan007/status/985103374118014976 @xeraa
“[...] personal data of our users can only be persisted when it is encrypted. Each user has their own set of keys [...] it reduces the impact of leaking a dataset, since the dataset by itself is useless — attackers also need the decryption keys. [...] it allows us to control the lifecycle of data for individual users centrally.” https://labs.spotify.com/2018/09/18/scalable-user-privacy/ @xeraa
Conclusion @xeraa
Data Protection The new standard and norm of approaching personal data @xeraa
I am not a lawyer @xeraa
❤ GDPR and carry on @xeraa
@xeraa
Questions? Philipp Krenn @xeraa @xeraa
- What is the GDPR and what does it actually mean for your business?
- What are your options for storing data — including not storing information and securing it?
- What are some of the hands-on steps to take for example with logs that your applications are collecting?
The General Data Protection Regulation (GDPR) is changing how you can handle data in Europe. But what does this actually mean? The first part of this talk gives an overview of the implications of GDPR, which affects every software project with a European relation. That includes users' right to see, edit, and export their data, the right to be forgotten,... The second part takes a look at what this means for actual software projects with the specific use-case of logging. The main focus here is how to stay GDPR compliant while still being able to use the data for security and operation aspects.
Disclaimer: This talk does not replace legal advice or a deeper examination of the topic. It is just a general overview.
Buzz and feedback
Here’s what was said about this presentation on social media.
