SlideShare a Scribd company logo

Open Source, Python based Privacy Engineering Tools

Cillian Kieran
Cillian Kieran

Presentation for #PyConUS2022 about Fides, the open-source, Python based privacy engineering platform. This presentation covers: 1. An overview of #privacyascode - The challenges of data privacy for engineering teams - How privacy-as-code can solve this 2. Getting started with Fides privacy engineering platform - Summary of Fides - Configuration and getting started - The Fides privacy taxonomy - Core Fides resources and concepts 3. Automating policy checks in your CI pipeline - Describing a systems privacy behavior - Declaring a dataset in Fides - Checking policies as part of your CI pipeline 4. Automated data subject rights (DSR) in your production runtime - Processing a data subject request (DSR) - Modifying a dataset and reflecting this in the runtime data model - Executing a new request in production against the updated model

Engineering
1 of 45
Download to read offline
@cillian
@cillian Today # What is Privacy-as-code # Overview of Fides # Use case 1: checking policies in CI # Use case 2: automating data rights requests
@cillian Privacy is a fundamental Human Right.
@cillian Privacy is really complicated.
@cillian Privacy today is considered after software is shipped, leading to pain for developers and lawyers. Privacy Software Development
@cillian Privacy today is considered after software is shipped, leading to pain for developers and lawyers. Privacy Software Development from Data Discovery Data Mapping Privacy Review Consent & Rights
@cillian New laws like GDPR, CCPA, and PIPL require privacy to be at the core of every system: “Privacy by Design”
@cillian These laws create tremendous complexity for engineers. Data Discovery Data Mapping DPIA Privacy Review DSR Consent Data Categories Data Purposes
@cillian Tools to add privacy to software development #privacyascode
@cillian Front End Back End Database Version Control Infrastructure as code Privacy-as-code Privacy-as-code are tools that make it effortless for developers to implement Privacy by Design
@cillian Open-source developer tools for Privacy By Design in any tech stack. A set of tools built in Python to help engineers and data teams ship privacy-compliant systems effortlessly. License License Apache 2 Apache 2 License License CC BY 4.0 CC BY 4.0
@cillian DEPLOYMENT CODE MANAGEMENT (SDLC) PRIVACY IN SDLC Privacy as Code, Risk Analysis & Reporting PRIVACY OPERATIONS User Data Rights, Consent Enforcement & Reporting With Fides, developers have tools to shift privacy left and solve complex privacy challenges at their source. RUNTIME (DATA QUERIED) How can we prevent privacy risk when our product is being built? “ How can we dynamically define 
 and enforce user privacy rights? LEGAL TEAM “
@cillian fidesctl Mgmt tool to validate fideslang and evaluate policy in CI pipeline. fidesops fideslang Description language and taxonomy to describe privacy as code. Data orchestration tool to automate privacy rights requests.
@cillian lang A description language that supports GDPR, CCPA, LGPD and ISO 19944. In other words: easily describe personal data in all systems. Explorer fid.es/taxonomy
@cillian Fides Taxonomy # Data Categories # Data Subjects # Data Uses # Data Qualifiers Data Categories 
 “What” type of data am I processing user.provided.identifiable.contact
@cillian Fides Taxonomy # Data Categories # Data Subjects # Data Uses # Data Qualifiers Data Subjects 
 “Who” is the owner of the data - user - customer - patient
@cillian Fides Taxonomy # Data Categories # Data Subjects # Data Uses # Data Qualifiers Data Uses 
 “How” is the data being used personalize.system
@cillian Fides Taxonomy # Data Categories # Data Subjects # Data Uses # Data Qualifiers Data Qualifier 
 How re-identifiable a person is aggregated.anonymized
@cillian fid.es/taxonomy
@cillian # Light-weight declarative language # Dot notation (mostly) # YAML in your projects (inline declarations coming soon) Fides Declarations # System operations data # User provided email address system.operations user.provided.identifiable.contact.email
@cillian Fides Primitives Organizations 
 1. Represents all or any part of an organization. 2. Establishes the root of the resource hierarchy. 3. Organizations are unique, i.e. you cannot reference other organization scopes. # Organizations # Systems # Datasets # Policies
@cillian # Organizations # Systems # Datasets # Policies Fides Primitives Systems 
 1. Represents the privacy properties of a single project, services, codebase or application. 2. Describes the categories of data being processed and use of the data in the system.
@cillian # Organizations # Systems # Datasets # Policies Fides Primitives Datasets 
 1. Represent any location data is stored; databases, data warehouses or other stores. 2. You can declare individual fields of data and describe the types of data they are storing.
@cillian # Organizations # Systems # Datasets # Policies Fides Primitives Policies 
 1. Represents a set of rules that a system must adhere to — your privacy policy as code. 2. Fidesctl evaluates these policies against system/dataset declarations for compliance.
@cillian # What type of data your application processes (data_category) # How your system uses that data (data_use) # What policies you want your system to adhere to # And more! Using Fides, you can describe…
@cillian # Developer tools # Pushing Privacy Left # Compliance checks in CI/CD pipelines # Runtime Application # Manage and automate Data Subject Requests to comply with GDPR et al.
@cillian @cillian Use Case 1 Policy Enforcement in Development
@cillian @cillian Fidesctl Database Fidesctl Webserver CI Pipelines Local CLI Components
@cillian @cillian Config docs fid.es/config Getting Started: Configuration Github repo fid.es/ctl [cli] server_url = “http://fidesctl:8080" [api] database_url = “postgresql+psycopg2://postgres:fidesctl@fidesctl-db:5423/fidesctl" 
 test_database_url = “postgresql+psycopg2://postgres:fidesctl@fidesctl-db:5423/fidesctl_test" log_destination = “” log_level = “INFO” log_serialization = “”
@cillian @cillian Getting Started: Commands # fidesctl -h fid.es/commands annotate Annotate fidesctl resource types. apply Validate local manifest files and persist any changes via the API server. db Database utility commands. delete Delete a resource on the server. evaluate Compare your System's Privacy Declarations with your Organization's Policies. export Export fidesctl resource types generate Generate fidesctl resource types get View a resource from the server as a JSON object. init Initializes a Fidesctl instance, creating the default directory. scan Scan external resource coverage against fidesctl resources
@cillian CNIL Docs bit.ly/cnil-pia
@cillian Privacy Dev Tools: Check Policy in CI # What type of data we’re processing and storing # What we’re doing with that data in our system # Check it against the policies set by our organization # Maintain an audit trail of evaluations
@cillian @cillian Use Case 2 Programmatic Data Rights Requests
Data Subject Access Requests look like this…
PROCESSING INFR/DEV OPS DATA PRIVACY 3rd PARTY APPLICATIONS DATA SOURCES COMPLIANCE CHECK PRIVACY, ENG, DATA JIRA/TICKETING WORKFLOW FRONTLINE CUSTOMER SERVICE SUPPORT TEAMS LETTERS, EMAILS, TICKETING & SUPPORT SYSTEMS TICKET/SUPPORT USER SUBJECT
@cillian Privacy Dev Tools: Automation Data Request # Construct a request policy # Retrieve data and collate data across systems # Make a development change that affects the data model # Re-run the request to see dev change reflected in model
@cillian Privacy Dev Tools: Summary # Described our system’s personal data characteristics # Run evaluations in CI to know we’re complying with policies # Automated retrieval of user data across systems # Automatically update requests against dev changes
@cillian @cillian Helpers: Simplifying Privacy Many helpers for simplifying privacy on the way… # ML classifier to automate dataset labeling/annotation # UI for better visual management of the data map and taxonomy # Roadmap tackles each major privacy engineering problem
@cillian Conclusion Privacy Engineering Platform
@cillian We’ve covered # What is Privacy-as-code # Overview of Fides # Use case 1: checking policies in CI # Use case 2: automating data rights requests
@cillian Fides is a free, open-source Python project on Github Up and running in 15 mins with the quick-start engineering guide Great documentation and Fides slack community to support you Easy to get your team using Fides
@cillian Open-source developer tools for privacy. Thank you. Comments, Issues, PRs welcome! License License Apache 2 Apache 2 License License CC BY 4.0 CC BY 4.0 fid.es/join fid.es/pycon2022
@cillian Appendix
@cillian
@cillian

Recommended

Embedding Privacy by Design Into Data Infrastructure
Embedding Privacy by Design Into Data InfrastructureEmbedding Privacy by Design Into Data Infrastructure
Embedding Privacy by Design Into Data InfrastructureCillian Kieran
 
#DEVWEEK2020 Data Privacy in the Tech Stack & CI/CD Process
#DEVWEEK2020 Data Privacy in the Tech Stack & CI/CD Process#DEVWEEK2020 Data Privacy in the Tech Stack & CI/CD Process
#DEVWEEK2020 Data Privacy in the Tech Stack & CI/CD ProcessCillian Kieran
 
Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...
Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...
Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...Steven Meister
 
IAPP PSR 2022: How do you engineer DSAR for Complexity?
IAPP PSR 2022: How do you engineer DSAR for Complexity?IAPP PSR 2022: How do you engineer DSAR for Complexity?
IAPP PSR 2022: How do you engineer DSAR for Complexity?Cillian Kieran
 
DBAs - Is Your Company’s Personal and Sensitive Data Safe?
DBAs - Is Your Company’s Personal and Sensitive Data Safe?DBAs - Is Your Company’s Personal and Sensitive Data Safe?
DBAs - Is Your Company’s Personal and Sensitive Data Safe?DevOps.com
 
The value of big data analytics
The value of big data analyticsThe value of big data analytics
The value of big data analyticsMarc Vael
 
Lessons in privacy engineering from a nation scale identity system - connect id
Lessons in privacy engineering from a nation scale identity system - connect idLessons in privacy engineering from a nation scale identity system - connect id
Lessons in privacy engineering from a nation scale identity system - connect idDavid Kelts, CIPT
 
Data quality and data profiling
Data quality and data profilingData quality and data profiling
Data quality and data profilingShailja Khurana
 

Recommended

Embedding Privacy by Design Into Data Infrastructure
Embedding Privacy by Design Into Data InfrastructureEmbedding Privacy by Design Into Data Infrastructure
Embedding Privacy by Design Into Data InfrastructureCillian Kieran
 
#DEVWEEK2020 Data Privacy in the Tech Stack & CI/CD Process
#DEVWEEK2020 Data Privacy in the Tech Stack & CI/CD Process#DEVWEEK2020 Data Privacy in the Tech Stack & CI/CD Process
#DEVWEEK2020 Data Privacy in the Tech Stack & CI/CD ProcessCillian Kieran
 
Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...
Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...
Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...Steven Meister
 
IAPP PSR 2022: How do you engineer DSAR for Complexity?
IAPP PSR 2022: How do you engineer DSAR for Complexity?IAPP PSR 2022: How do you engineer DSAR for Complexity?
IAPP PSR 2022: How do you engineer DSAR for Complexity?Cillian Kieran
 
DBAs - Is Your Company’s Personal and Sensitive Data Safe?
DBAs - Is Your Company’s Personal and Sensitive Data Safe?DBAs - Is Your Company’s Personal and Sensitive Data Safe?
DBAs - Is Your Company’s Personal and Sensitive Data Safe?DevOps.com
 
The value of big data analytics
The value of big data analyticsThe value of big data analytics
The value of big data analyticsMarc Vael
 
Lessons in privacy engineering from a nation scale identity system - connect id
Lessons in privacy engineering from a nation scale identity system - connect idLessons in privacy engineering from a nation scale identity system - connect id
Lessons in privacy engineering from a nation scale identity system - connect idDavid Kelts, CIPT
 
Data quality and data profiling
Data quality and data profilingData quality and data profiling
Data quality and data profilingShailja Khurana
 
Enabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEnabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEryk Budi Pratama
 
[Webinar Slides] Data Privacy – Learn What It Takes to Protect Your Information
[Webinar Slides] Data Privacy – Learn What It Takes to Protect Your Information[Webinar Slides] Data Privacy – Learn What It Takes to Protect Your Information
[Webinar Slides] Data Privacy – Learn What It Takes to Protect Your InformationAIIM International
 
Countdown to CCPA: 48 Days Until Your IBM i Data Needs to Be Secured
Countdown to CCPA: 48 Days Until Your IBM i Data Needs to Be SecuredCountdown to CCPA: 48 Days Until Your IBM i Data Needs to Be Secured
Countdown to CCPA: 48 Days Until Your IBM i Data Needs to Be SecuredPrecisely
 
The Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarThe Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarEryk Budi Pratama
 
Overview of Database Security Manisha R.Shinde Radhai.docx
Overview of Database Security Manisha R.Shinde Radhai.docxOverview of Database Security Manisha R.Shinde Radhai.docx
Overview of Database Security Manisha R.Shinde Radhai.docxgerardkortney
 
Wp security-data-safe
Wp security-data-safeWp security-data-safe
Wp security-data-safeALI ANWAR, OCP®
 
Internet of Things With Privacy in Mind
Internet of Things With Privacy in MindInternet of Things With Privacy in Mind
Internet of Things With Privacy in MindGosia Fraser
 
GDPR Part 2: Quest Relevance
GDPR Part 2: Quest RelevanceGDPR Part 2: Quest Relevance
GDPR Part 2: Quest RelevanceAdrian Dumitrescu
 
Security Framework for Multitenant Architecture
Security Framework for Multitenant ArchitectureSecurity Framework for Multitenant Architecture
Security Framework for Multitenant ArchitectureDataWorks Summit
 
Labelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & SensitivityLabelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & SensitivityDrew Madelung
 
Personally Identifiable Information Protection
Personally Identifiable Information ProtectionPersonally Identifiable Information Protection
Personally Identifiable Information ProtectionPECB
 
Explore Top Data Loss Prevention Tools | Fortify with DLP Software
Explore Top Data Loss Prevention Tools | Fortify with DLP SoftwareExplore Top Data Loss Prevention Tools | Fortify with DLP Software
Explore Top Data Loss Prevention Tools | Fortify with DLP SoftwareKonverge Technologies Pvt. Ltd.
 
Trends in Data Modeling
Trends in Data ModelingTrends in Data Modeling
Trends in Data ModelingDATAVERSITY
 
Global Security and Compliance Community conference 2021
Global Security and Compliance Community conference 2021Global Security and Compliance Community conference 2021
Global Security and Compliance Community conference 2021Albert Hoitingh
 
Denodo’s Data Catalog: Bridging the Gap between Data and Business (APAC)
Denodo’s Data Catalog: Bridging the Gap between Data and Business (APAC)Denodo’s Data Catalog: Bridging the Gap between Data and Business (APAC)
Denodo’s Data Catalog: Bridging the Gap between Data and Business (APAC)Denodo
 
Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015Robert Crane
 
eBook: 5 Steps to Secure Cloud Data Governance
eBook: 5 Steps to Secure Cloud Data GovernanceeBook: 5 Steps to Secure Cloud Data Governance
eBook: 5 Steps to Secure Cloud Data GovernanceKim Cook
 
The GDPR Most Wanted: The Marketer and Analyst's Role in Compliance
The GDPR Most Wanted: The Marketer and Analyst's Role in ComplianceThe GDPR Most Wanted: The Marketer and Analyst's Role in Compliance
The GDPR Most Wanted: The Marketer and Analyst's Role in ComplianceObservePoint
 
Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"
Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"
Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"Ragnar Heil
 
How Cloudera SDX can aid GDPR compliance
How Cloudera SDX can aid GDPR complianceHow Cloudera SDX can aid GDPR compliance
How Cloudera SDX can aid GDPR complianceCloudera, Inc.
 
Glass Ceramics: Processing and Properties
Glass Ceramics: Processing and PropertiesGlass Ceramics: Processing and Properties
Glass Ceramics: Processing and PropertiesPrabhanshu Chaturvedi
 
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 

More Related Content

Similar to Open Source, Python based Privacy Engineering Tools

Enabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEnabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEryk Budi Pratama
 
[Webinar Slides] Data Privacy – Learn What It Takes to Protect Your Information
[Webinar Slides] Data Privacy – Learn What It Takes to Protect Your Information[Webinar Slides] Data Privacy – Learn What It Takes to Protect Your Information
[Webinar Slides] Data Privacy – Learn What It Takes to Protect Your InformationAIIM International
 
Countdown to CCPA: 48 Days Until Your IBM i Data Needs to Be Secured
Countdown to CCPA: 48 Days Until Your IBM i Data Needs to Be SecuredCountdown to CCPA: 48 Days Until Your IBM i Data Needs to Be Secured
Countdown to CCPA: 48 Days Until Your IBM i Data Needs to Be SecuredPrecisely
 
The Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarThe Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarEryk Budi Pratama
 
Overview of Database Security Manisha R.Shinde Radhai.docx
Overview of Database Security Manisha R.Shinde Radhai.docxOverview of Database Security Manisha R.Shinde Radhai.docx
Overview of Database Security Manisha R.Shinde Radhai.docxgerardkortney
 
Internet of Things With Privacy in Mind
Internet of Things With Privacy in MindInternet of Things With Privacy in Mind
Internet of Things With Privacy in MindGosia Fraser
 
GDPR Part 2: Quest Relevance
GDPR Part 2: Quest RelevanceGDPR Part 2: Quest Relevance
GDPR Part 2: Quest RelevanceAdrian Dumitrescu
 
Security Framework for Multitenant Architecture
Security Framework for Multitenant ArchitectureSecurity Framework for Multitenant Architecture
Security Framework for Multitenant ArchitectureDataWorks Summit
 
Labelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & SensitivityLabelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & SensitivityDrew Madelung
 
Personally Identifiable Information Protection
Personally Identifiable Information ProtectionPersonally Identifiable Information Protection
Personally Identifiable Information ProtectionPECB
 
Explore Top Data Loss Prevention Tools | Fortify with DLP Software
Explore Top Data Loss Prevention Tools | Fortify with DLP SoftwareExplore Top Data Loss Prevention Tools | Fortify with DLP Software
Explore Top Data Loss Prevention Tools | Fortify with DLP SoftwareKonverge Technologies Pvt. Ltd.
 
Trends in Data Modeling
Trends in Data ModelingTrends in Data Modeling
Trends in Data ModelingDATAVERSITY
 
Global Security and Compliance Community conference 2021
Global Security and Compliance Community conference 2021Global Security and Compliance Community conference 2021
Global Security and Compliance Community conference 2021Albert Hoitingh
 
Denodo’s Data Catalog: Bridging the Gap between Data and Business (APAC)
Denodo’s Data Catalog: Bridging the Gap between Data and Business (APAC)Denodo’s Data Catalog: Bridging the Gap between Data and Business (APAC)
Denodo’s Data Catalog: Bridging the Gap between Data and Business (APAC)Denodo
 
Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015Robert Crane
 
eBook: 5 Steps to Secure Cloud Data Governance
eBook: 5 Steps to Secure Cloud Data GovernanceeBook: 5 Steps to Secure Cloud Data Governance
eBook: 5 Steps to Secure Cloud Data GovernanceKim Cook
 
The GDPR Most Wanted: The Marketer and Analyst's Role in Compliance
The GDPR Most Wanted: The Marketer and Analyst's Role in ComplianceThe GDPR Most Wanted: The Marketer and Analyst's Role in Compliance
The GDPR Most Wanted: The Marketer and Analyst's Role in ComplianceObservePoint
 
Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"
Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"
Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"Ragnar Heil
 
How Cloudera SDX can aid GDPR compliance
How Cloudera SDX can aid GDPR complianceHow Cloudera SDX can aid GDPR compliance
How Cloudera SDX can aid GDPR complianceCloudera, Inc.
 

Similar to Open Source, Python based Privacy Engineering Tools (20)

Enabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEnabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data Quality
 
[Webinar Slides] Data Privacy – Learn What It Takes to Protect Your Information
[Webinar Slides] Data Privacy – Learn What It Takes to Protect Your Information[Webinar Slides] Data Privacy – Learn What It Takes to Protect Your Information
[Webinar Slides] Data Privacy – Learn What It Takes to Protect Your Information
 
Countdown to CCPA: 48 Days Until Your IBM i Data Needs to Be Secured
Countdown to CCPA: 48 Days Until Your IBM i Data Needs to Be SecuredCountdown to CCPA: 48 Days Until Your IBM i Data Needs to Be Secured
Countdown to CCPA: 48 Days Until Your IBM i Data Needs to Be Secured
 
The Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarThe Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI Webinar
 
Overview of Database Security Manisha R.Shinde Radhai.docx
Overview of Database Security Manisha R.Shinde Radhai.docxOverview of Database Security Manisha R.Shinde Radhai.docx
Overview of Database Security Manisha R.Shinde Radhai.docx
 
Wp security-data-safe
Wp security-data-safeWp security-data-safe
Wp security-data-safe
 
Internet of Things With Privacy in Mind
Internet of Things With Privacy in MindInternet of Things With Privacy in Mind
Internet of Things With Privacy in Mind
 
GDPR Part 2: Quest Relevance
GDPR Part 2: Quest RelevanceGDPR Part 2: Quest Relevance
GDPR Part 2: Quest Relevance
 
Security Framework for Multitenant Architecture
Security Framework for Multitenant ArchitectureSecurity Framework for Multitenant Architecture
Security Framework for Multitenant Architecture
 
Labelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & SensitivityLabelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & Sensitivity
 
Personally Identifiable Information Protection
Personally Identifiable Information ProtectionPersonally Identifiable Information Protection
Personally Identifiable Information Protection
 
Explore Top Data Loss Prevention Tools | Fortify with DLP Software
Explore Top Data Loss Prevention Tools | Fortify with DLP SoftwareExplore Top Data Loss Prevention Tools | Fortify with DLP Software
Explore Top Data Loss Prevention Tools | Fortify with DLP Software
 
Trends in Data Modeling
Trends in Data ModelingTrends in Data Modeling
Trends in Data Modeling
 
Global Security and Compliance Community conference 2021
Global Security and Compliance Community conference 2021Global Security and Compliance Community conference 2021
Global Security and Compliance Community conference 2021
 
Denodo’s Data Catalog: Bridging the Gap between Data and Business (APAC)
Denodo’s Data Catalog: Bridging the Gap between Data and Business (APAC)Denodo’s Data Catalog: Bridging the Gap between Data and Business (APAC)
Denodo’s Data Catalog: Bridging the Gap between Data and Business (APAC)
 
Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015
 
eBook: 5 Steps to Secure Cloud Data Governance
eBook: 5 Steps to Secure Cloud Data GovernanceeBook: 5 Steps to Secure Cloud Data Governance
eBook: 5 Steps to Secure Cloud Data Governance
 
The GDPR Most Wanted: The Marketer and Analyst's Role in Compliance
The GDPR Most Wanted: The Marketer and Analyst's Role in ComplianceThe GDPR Most Wanted: The Marketer and Analyst's Role in Compliance
The GDPR Most Wanted: The Marketer and Analyst's Role in Compliance
 
Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"
Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"
Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"
 
How Cloudera SDX can aid GDPR compliance
How Cloudera SDX can aid GDPR complianceHow Cloudera SDX can aid GDPR compliance
How Cloudera SDX can aid GDPR compliance
 

Recently uploaded

Glass Ceramics: Processing and Properties
Glass Ceramics: Processing and PropertiesGlass Ceramics: Processing and Properties
Glass Ceramics: Processing and PropertiesPrabhanshu Chaturvedi
 
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdfKamal Acharya
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performancesivaprakash250
 
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...Call Girls in Nagpur High Profile
 
result management system report for college project
result management system report for college projectresult management system report for college project
result management system report for college projectTonystark477637
 
Online banking management system project.pdf
Online banking management system project.pdfOnline banking management system project.pdf
Online banking management system project.pdfKamal Acharya
 
AKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdfAKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdfankushspencer015
 
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxupamatechverse
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Call Girls in Nagpur High Profile
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSSIVASHANKAR N
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...ranjana rawat
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingrknatarajan
 
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...Christo Ananth
 
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdfONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdfKamal Acharya
 
UNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISUNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISrknatarajan
 
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service NashikCall Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
 
Introduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxIntroduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxupamatechverse
 
Extrusion Processes and Their Limitations
Extrusion Processes and Their LimitationsExtrusion Processes and Their Limitations
Extrusion Processes and Their Limitations120cr0395
 

Recently uploaded (20)

Glass Ceramics: Processing and Properties
Glass Ceramics: Processing and PropertiesGlass Ceramics: Processing and Properties
Glass Ceramics: Processing and Properties
 
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdf
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performance
 
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
 
Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024
 
result management system report for college project
result management system report for college projectresult management system report for college project
result management system report for college project
 
Online banking management system project.pdf
Online banking management system project.pdfOnline banking management system project.pdf
Online banking management system project.pdf
 
AKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdfAKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdf
 
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptx
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
 
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
 
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdfONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
 
UNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISUNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSIS
 
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service NashikCall Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
 
Introduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxIntroduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptx
 
Extrusion Processes and Their Limitations
Extrusion Processes and Their LimitationsExtrusion Processes and Their Limitations
Extrusion Processes and Their Limitations
 

Open Source, Python based Privacy Engineering Tools

  • 2. @cillian Today # What is Privacy-as-code # Overview of Fides # Use case 1: checking policies in CI # Use case 2: automating data rights requests
  • 3. @cillian Privacy is a fundamental Human Right.
  • 5. @cillian Privacy today is considered after software is shipped, leading to pain for developers and lawyers. Privacy Software Development
  • 6. @cillian Privacy today is considered after software is shipped, leading to pain for developers and lawyers. Privacy Software Development from Data Discovery Data Mapping Privacy Review Consent & Rights
  • 7. @cillian New laws like GDPR, CCPA, and PIPL require privacy to be at the core of every system: “Privacy by Design”
  • 8. @cillian These laws create tremendous complexity for engineers. Data Discovery Data Mapping DPIA Privacy Review DSR Consent Data Categories Data Purposes
  • 9. @cillian Tools to add privacy to software development #privacyascode
  • 10. @cillian Front End Back End Database Version Control Infrastructure as code Privacy-as-code Privacy-as-code are tools that make it effortless for developers to implement Privacy by Design
  • 11. @cillian Open-source developer tools for Privacy By Design in any tech stack. A set of tools built in Python to help engineers and data teams ship privacy-compliant systems effortlessly. License License Apache 2 Apache 2 License License CC BY 4.0 CC BY 4.0
  • 12. @cillian DEPLOYMENT CODE MANAGEMENT (SDLC) PRIVACY IN SDLC Privacy as Code, Risk Analysis & Reporting PRIVACY OPERATIONS User Data Rights, Consent Enforcement & Reporting With Fides, developers have tools to shift privacy left and solve complex privacy challenges at their source. RUNTIME (DATA QUERIED) How can we prevent privacy risk when our product is being built? “ How can we dynamically define 
 and enforce user privacy rights? LEGAL TEAM “
  • 13. @cillian fidesctl Mgmt tool to validate fideslang and evaluate policy in CI pipeline. fidesops fideslang Description language and taxonomy to describe privacy as code. Data orchestration tool to automate privacy rights requests.
  • 14. @cillian lang A description language that supports GDPR, CCPA, LGPD and ISO 19944. In other words: easily describe personal data in all systems. Explorer fid.es/taxonomy
  • 15. @cillian Fides Taxonomy # Data Categories # Data Subjects # Data Uses # Data Qualifiers Data Categories 
 “What” type of data am I processing user.provided.identifiable.contact
  • 16. @cillian Fides Taxonomy # Data Categories # Data Subjects # Data Uses # Data Qualifiers Data Subjects 
 “Who” is the owner of the data - user - customer - patient
  • 17. @cillian Fides Taxonomy # Data Categories # Data Subjects # Data Uses # Data Qualifiers Data Uses 
 “How” is the data being used personalize.system
  • 18. @cillian Fides Taxonomy # Data Categories # Data Subjects # Data Uses # Data Qualifiers Data Qualifier 
 How re-identifiable a person is aggregated.anonymized
  • 20. @cillian # Light-weight declarative language # Dot notation (mostly) # YAML in your projects (inline declarations coming soon) Fides Declarations # System operations data # User provided email address system.operations user.provided.identifiable.contact.email
  • 21. @cillian Fides Primitives Organizations 
 1. Represents all or any part of an organization. 2. Establishes the root of the resource hierarchy. 3. Organizations are unique, i.e. you cannot reference other organization scopes. # Organizations # Systems # Datasets # Policies
  • 22. @cillian # Organizations # Systems # Datasets # Policies Fides Primitives Systems 
 1. Represents the privacy properties of a single project, services, codebase or application. 2. Describes the categories of data being processed and use of the data in the system.
  • 23. @cillian # Organizations # Systems # Datasets # Policies Fides Primitives Datasets 
 1. Represent any location data is stored; databases, data warehouses or other stores. 2. You can declare individual fields of data and describe the types of data they are storing.
  • 24. @cillian # Organizations # Systems # Datasets # Policies Fides Primitives Policies 
 1. Represents a set of rules that a system must adhere to — your privacy policy as code. 2. Fidesctl evaluates these policies against system/dataset declarations for compliance.
  • 25. @cillian # What type of data your application processes (data_category) # How your system uses that data (data_use) # What policies you want your system to adhere to # And more! Using Fides, you can describe…
  • 26. @cillian # Developer tools # Pushing Privacy Left # Compliance checks in CI/CD pipelines # Runtime Application # Manage and automate Data Subject Requests to comply with GDPR et al.
  • 27. @cillian @cillian Use Case 1 Policy Enforcement in Development
  • 29. @cillian @cillian Config docs fid.es/config Getting Started: Configuration Github repo fid.es/ctl [cli] server_url = “http://fidesctl:8080" [api] database_url = “postgresql+psycopg2://postgres:fidesctl@fidesctl-db:5423/fidesctl" 
 test_database_url = “postgresql+psycopg2://postgres:fidesctl@fidesctl-db:5423/fidesctl_test" log_destination = “” log_level = “INFO” log_serialization = “”
  • 30. @cillian @cillian Getting Started: Commands # fidesctl -h fid.es/commands annotate Annotate fidesctl resource types. apply Validate local manifest files and persist any changes via the API server. db Database utility commands. delete Delete a resource on the server. evaluate Compare your System's Privacy Declarations with your Organization's Policies. export Export fidesctl resource types generate Generate fidesctl resource types get View a resource from the server as a JSON object. init Initializes a Fidesctl instance, creating the default directory. scan Scan external resource coverage against fidesctl resources
  • 32. @cillian Privacy Dev Tools: Check Policy in CI # What type of data we’re processing and storing # What we’re doing with that data in our system # Check it against the policies set by our organization # Maintain an audit trail of evaluations
  • 34. Data Subject Access Requests look like this…
  • 35. PROCESSING INFR/DEV OPS DATA PRIVACY 3rd PARTY APPLICATIONS DATA SOURCES COMPLIANCE CHECK PRIVACY, ENG, DATA JIRA/TICKETING WORKFLOW FRONTLINE CUSTOMER SERVICE SUPPORT TEAMS LETTERS, EMAILS, TICKETING & SUPPORT SYSTEMS TICKET/SUPPORT USER SUBJECT
  • 36. @cillian Privacy Dev Tools: Automation Data Request # Construct a request policy # Retrieve data and collate data across systems # Make a development change that affects the data model # Re-run the request to see dev change reflected in model
  • 37. @cillian Privacy Dev Tools: Summary # Described our system’s personal data characteristics # Run evaluations in CI to know we’re complying with policies # Automated retrieval of user data across systems # Automatically update requests against dev changes
  • 38. @cillian @cillian Helpers: Simplifying Privacy Many helpers for simplifying privacy on the way… # ML classifier to automate dataset labeling/annotation # UI for better visual management of the data map and taxonomy # Roadmap tackles each major privacy engineering problem
  • 40. @cillian We’ve covered # What is Privacy-as-code # Overview of Fides # Use case 1: checking policies in CI # Use case 2: automating data rights requests
  • 41. @cillian Fides is a free, open-source Python project on Github Up and running in 15 mins with the quick-start engineering guide Great documentation and Fides slack community to support you Easy to get your team using Fides
  • 42. @cillian Open-source developer tools for privacy. Thank you. Comments, Issues, PRs welcome! License License Apache 2 Apache 2 License License CC BY 4.0 CC BY 4.0 fid.es/join fid.es/pycon2022