Presented By O’Reilly and Cloudera
Make Data Work
21–22 May 2018: Training
22–24 May 2018: Tutorials & Conference
London, UK

General Data Protection Regulation (GDPR) tutorial and ePrivacy introduction

Aurélie Pols (Mind Your Privacy)
9:0012:30 Tuesday, 22 May 2018
Law, ethics, and governance, Strata Business Summit
Location: Capital Suite 9 Level: Non-technical
Secondary topics:  Security and Privacy
Average rating: *****
(5.00, 1 rating)

Who is this presentation for?

  • Managers of data science teams

Prerequisite knowledge

What you'll learn

  • Understand what the GDPR is about
  • Learn a framework to assure compliance


With its 173 recitals and 99 articles, Europe’s revision of the current Data Protection Directive (95/46/EC) into the General Data Protection Regulation (GDPR) induces a shift in the risk equation for data-fueled businesses because of the fines it allows (up to 4% of global turnover). It’s time to step up and understand what this means for your organizations, for your responsibilities as a data controller, and for the partners that support your data practices in light of the May 2018 deadline.

Aurélie Pols walks you through a “5+5 pillars” framework for GDPR readiness, explaining what the GDPR means to data-fueled businesses. You’ll learn how to attribute responsibility to assure compliance and build toward ethical data practices, minimizing risk for your company while fostering trust with your clients as you cover basic global privacy concepts to assure responsible data uses, enshrined within the revised OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data as well as the more US-based Fair Information Practice Principles. Aurélie pays particular attention to the territorial scope (art. 3) of the GDPR, helping you grasp how far your obligations might stretch and whether obligations such as appointing a DPO will be required. Along the way, you’ll explore considerations around personal data, PII, personal information, purpose, choice and consent, and privacy principles, such as lawfulness, fairness, and transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity and confidentiality, and accountability.

The 5+5 pillars of GDPR readiness:

  1. Data security and breach notification
  2. Codes of conduct and certifications
  3. Pseudonymization of personal data
  4. Data subject consent
  5. Profiling and the right to object
  6. Cross-border data transfers
  7. The right to be forgotten/deletion/access
  8. Data portability
  9. Duties and responsibilities of data controllers/processors/joint controllers
  10. Procedures and fines
Photo of Aurélie Pols

Aurélie Pols

Mind Your Privacy

Aurélie Pols is the chief visionary officer of Mind Your Group by Mind Your Privacy and teaches privacy and ethics at IE Business School in Madrid and Solvay Business School in Brussels. Aurélie designs data privacy best practices, documenting data flows in order to limit privacy backlashes and minimizing risk related to ever-increasing data uses while solving for data quality—the most accurate label would probably be "privacy engineer.” She used to follow the money to optimize data trails; now she follows the data to minimize increasing compliance and privacy risks and implement security best practices and ethical data use. Her mantra is: Data is the new oil; Privacy is the new green; Trust is the new currency. She has spent the past 15 years optimizing (digital) data-based decision-making processes. She also cofounded and successfully sold a startup to Digitas LBi (Publicis) and served as data governance and privacy advocate for leading data management platform (DMP) Krux Digital Inc. prior to its acquisition by Salesforce. Aurélie has spoken at various events all over the globe, including SXSW, Strata Data Conference, the IAPP’s Data Protection Congress, Webit, and eMetrics summits, and has written several whitepapers on data privacy and privacy engineering best practices. She is a member of the European Data Protection Supervisor’s (EDPS) Ethics Advisory Group (EAG), cochairs the IEEE’s P7002—Data Privacy Process standard initiative, and serves as a training advisor to the International Association of Privacy Professionals (IAPP).

Comments on this page are now closed.


26/05/2018 14:20 BST

Hello – are the slides from this presentation yet made available?
Thanks – Brian