Privacy and Data Protection
-
Upload
directorate-of-information-security-ditjen-aptika -
Category
Technology
-
view
772 -
download
6
description
Transcript of Privacy and Data Protection
![Page 1: Privacy and Data Protection](https://reader033.fdocuments.in/reader033/viewer/2022061201/54798f8bb4795977098b47dc/html5/thumbnails/1.jpg)
Privacy and Data Protection
Indonesia ICT Council
Prof. Dr.-Ing. Kalamullah RamliExecutive Team National ICT Council
![Page 2: Privacy and Data Protection](https://reader033.fdocuments.in/reader033/viewer/2022061201/54798f8bb4795977098b47dc/html5/thumbnails/2.jpg)
Privacy and Data Protection Principles
![Page 3: Privacy and Data Protection](https://reader033.fdocuments.in/reader033/viewer/2022061201/54798f8bb4795977098b47dc/html5/thumbnails/3.jpg)
Madrid Resolution 2009• The need for international standards on
privacy and data protection• To define a set of principles and rights
guaranteeing the effective and internationally uniform protection of privacy
• Basic principles are- Lawfulness and fairness - Proportionality- Purpose spefication - Data quality- Openness - Accountability
3
![Page 4: Privacy and Data Protection](https://reader033.fdocuments.in/reader033/viewer/2022061201/54798f8bb4795977098b47dc/html5/thumbnails/4.jpg)
Basic Principles on Privacy and Data Protection
• Lawfulness and Fairness PrinciplePersonal data must be fairly processed, respecting the applicable legislation as well as the rights freedom of individuals in conformity with the purpose and principles of the Universal Declaration of Human Rights and International Convenant on Civil and Political Rights
• Proportionality PrinciplesPersonal data should be limited to such processing as is adequate, relevant and not excessive in relation to the purpose for which it was intended
4
![Page 5: Privacy and Data Protection](https://reader033.fdocuments.in/reader033/viewer/2022061201/54798f8bb4795977098b47dc/html5/thumbnails/5.jpg)
Basic Principles on Privacy and Data Protection
• Purpose Specification Principleprocessing of personal data should be limited to the fulfilment of the specific, explicit and legitimate purpose for which it was collected
• Data Quality Principlepersonal data shall be kept accurate and up to date and not be retained beyond the period for which it was intended
5
![Page 6: Privacy and Data Protection](https://reader033.fdocuments.in/reader033/viewer/2022061201/54798f8bb4795977098b47dc/html5/thumbnails/6.jpg)
Basic Principles on Privacy and Data Protection
• Opennes Principlethe data controller shall have transparent policies with regard to processing of personal data
• Accountability Principlethe data controller shall take all the necessary measures to observe the principles and obligations set out the in the Madrid Resolution and in the applicable national legislation, and have the necessary internal mechanisms in place for demonstrating such observance both to data subjects and to the regulatory authorities
6
![Page 7: Privacy and Data Protection](https://reader033.fdocuments.in/reader033/viewer/2022061201/54798f8bb4795977098b47dc/html5/thumbnails/7.jpg)
Privacy by Design
![Page 8: Privacy and Data Protection](https://reader033.fdocuments.in/reader033/viewer/2022061201/54798f8bb4795977098b47dc/html5/thumbnails/8.jpg)
Universal Declaration of Human Rights (article 12)
8
No one shall be subjected to arbitrary interference with his privacy, family, home, or correpondence, nor to attacts upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacts
![Page 9: Privacy and Data Protection](https://reader033.fdocuments.in/reader033/viewer/2022061201/54798f8bb4795977098b47dc/html5/thumbnails/9.jpg)
Privacy by Design
9
![Page 10: Privacy and Data Protection](https://reader033.fdocuments.in/reader033/viewer/2022061201/54798f8bb4795977098b47dc/html5/thumbnails/10.jpg)
Privacy Enhancing Technology
![Page 11: Privacy and Data Protection](https://reader033.fdocuments.in/reader033/viewer/2022061201/54798f8bb4795977098b47dc/html5/thumbnails/11.jpg)
Privacy Enhancing Technology (PET)
1. Reduce the risk of contravening privacy principles and legislation
2. Minimize the amount of data held about individuals
3. Allow individuals to retain control about themselves at all time
11
![Page 12: Privacy and Data Protection](https://reader033.fdocuments.in/reader033/viewer/2022061201/54798f8bb4795977098b47dc/html5/thumbnails/12.jpg)
Technologies for Privacy Protection Measures in the Data Life Cycle
12
![Page 13: Privacy and Data Protection](https://reader033.fdocuments.in/reader033/viewer/2022061201/54798f8bb4795977098b47dc/html5/thumbnails/13.jpg)
Penutup
![Page 14: Privacy and Data Protection](https://reader033.fdocuments.in/reader033/viewer/2022061201/54798f8bb4795977098b47dc/html5/thumbnails/14.jpg)
CLOSURE• The awareness on Privacy and Data Protection
Education• Synergy (inter-ministries) on the Development of
Eletronic Privacy and Data Protection Government Regulation (Peraturan Pemerintah, PP)
• The involvement of experts, standard bodies, business representatives, and communities– International Telecommunication Union (ITU)– International Organization for Standard (ISO)– Cloud Security Alliance (CSA), COBIT, etc– MIKTI, MITI, Aspiluki, IMOCA, etc
14