Home
Use our global calendar of privacy events to locate an event near you.
FILTER BY
The right to data portability is listed among the most important novelties within the GDPR, both in terms of new control rights granted to data subjects and in terms of its intersection between data protection and other fields of law (for example, competition law, intellectual property, consumer protection, etc.). Despite of its internet social media origins, that perhaps continue to shape its public perception, the right to data portability, particularly if interpreted in an expansive manner, may find application in numerous fields and industries involved in personal data processing. Its exact content is, therefore, of crucial importance. This lunchtime seminar is aimed at highlighting the raison d’ etre of this new right to data portability, its potential scope, as well as its relationship to other individual rights within the GDPR.
The programme is now available.
The workshop will be held from 12:30 – 14:30 at the Institute of European Studies. Lunch will be included.
The event is free to attend but capacity is limited, so registration is required. For more information please contact [email protected].
Members only event that gathers Future of Privacy Forum‘s (FPF) leading academic, advocacy and corporate stakeholders. By invitation only. For FPF membership information, please contact Barbara Kelly at [email protected].
Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for presenting developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field. The 2017 Symposium will mark the 38th annual meeting of this flagship conference.
The Symposium will be held on May 22-24, 2017, and the Security and Privacy Workshops will be held on May 25, 2017. Both events will be in San Jose, CA at the Fairmont Hotel.
Women in Security and Privacy (WISP) is proud to partner with PerimeterX to offer a 90 minutes hands-on web security workshop that discusses the threats from the latest generation of malicious Bots (nonhuman automated tools) and puts you into the drivers’ seat to learn on how to protect your web application.
Today up to 50% of a company’s web traffic can come from Bots and create a real threat to websites and applications. Bots are ideal workers for repetitive and complex tasks and can easily and efficiently run on different hosts and cloud services—or invisible as malware on infected machines. Bad Bots are participating in different types of attacks impacting all types of applications and businesses—performing the entire scale of attacks from web scraping, account abuse (account creation or account takeover), credit card and coupon guessing scalping, and click fraud. Bots range in complexity and abilities from simple scripts to full browser-based tools that can render complex pages and even solve CAPTCHA challenges.
Please feel free to invite your fellow privacy and security colleagues, but hurry! Space is limited.
Prerequisite Knowledge:
- Comfortable installing packages and running simple scripts and tools.
- Basic medium programming skills:
- We’ll be using Python for examples and exercises in the workshop
- Installing packages different modules
- A basic understanding Web services – specifically HTTP request/response.
Agenda:
5:30 – 6:00 pm – Registration, Networking, Food & Drinks
6:00 – 6:05 pm – Welcome
6:05 – 6:30 am – Presentation
6:30 – 8:00 am – Workshop
We will discuss / examine how Bots work, explain how to operate a few common Bots, and, most importantly, show what you can do to detect and block malicious activity while enabling your users and good Bots to work uninterrupted. We’ll introduce a few common Bots used by attackers, like PhantomJS and Selenium, to create a testing environment and verify that you can efficiently detect such tools. Then we’ll explore a variety of techniques and open source tools and libraries you can use in order to detect different Bots and outline the things to consider when you suspect a request is being originated by a Bot, such as:
- Blocking users not supporting JavaScript and cookies
- Sending hidden challenges that will bother bots but won’t affect real users’ experience
- Honeypots and traps to catch malicious automatic tools
- Detecting and whitelisting the good Bots
Presenters:
- Ido Safruti, Founder and CTO
- Corinna Krueger, VP of Marketing
- Christopher Federico, Lead Solutions Architect
Materials or Downloads Needed in Advance
- Your laptop with tools and libraries/code samples downloaded and installed
- Please follow instructions on the Read Me file here: https://github.com/PerimeterX/bot-tools
What You Will Learn
- Gain an awareness of threats from malicious Bots
- Learn how some of these bots operate
- Explore open source tools and techniques to detect and better manage Bots
Disclaimer: Photography
From time to time WISP uses photographs of its events in its promotional materials (e.g., the wisporg.com website). Unless this permission is revoked in writing to WISP, by virtue of their attendance, event attendees, volunteers, and speakers agree to the use of their likeness in such materials.
Thank you, Autodesk, for hosting us! Thank you, PerimeterX, for sponsoring the event, food and drinks!
Autodesk, Inc. is an American multinational software corporation that makes software for the architecture, engineering, construction, manufacturing, media, and entertainment industries.
PerimeterX™ is a provider of scalable, behavior-based threat protection technology for the web, cloud and mobile. Its security service PerimeterX Bot Defender™ accurately protects commerce, media and enterprise websites from all types of automated or non-human attacks, at any scale. Unlike other security solutions which place a proxy between customer and website, PerimeterX can detect and stop any automated threats with integration that is as simple as adding a JavaScript tag. For more information, please visit https://www.perimeterx.com.
Are data privacy and security your top corporate priorities? Find out why they should be on 23-24 May, 2017 in The Hague, Netherlands.
The GSMA, in cooperation with The Hague Security Delta and The Municipality of The Hague, is hosting the second annual Mobile 360 – Privacy & Security event to address the inevitable challenges that enterprises face with digital transformation. This event will address these challenges and focus on building digital-oriented businesses on trust, security and privacy. Across two days, these topics will be highlighted through keynotes, panel discussions, workshops, and technology demonstrations.
Space is limited; register today at www.mobile360series.com.
.
9:00AM-10:00AM PT / 12:00PM-1:00PM ET
Register NOW for this webinar, as our speakers will discuss:
- How to determine when a DPIA is required under GDPR
- Risk assessment – evaluating likelihood and severity
- Evaluating safeguards and other measures to mitigate the risks
- Related risk assessment considerations under GDPR, such as legitimate interests and breach notifications
*Can’t make the webinar? Register anyway! We’ll send you a followup email with the slides and recording after the webinar!*
TRUSTe Webinar FAQs
Click here for answers to the most commonly asked webinar related questions!
Zcash is the first open-source and decentralized cryptocurrency offering strong privacy in the form of shielded transactions, which are made possible by a novel form of zero-knowledge cryptography called zk-SNARKs. Like Bitcoin, Zcash payments are published on a public blockchain, except the sender, recipient, and amount of a transaction may remain fully private. In this talk, we will provide an uncomplicated overview of Zcash, how it works, the history of the protocol and its conception by a talented group of academics, cryptographers and scientists in the original “Zerocoin” paper, what’s happened since it finally launched in late 2016, and what’s in store for the future of ZEC. We’ll also look at the current state of the network and discuss the remarkable way we generated the public parameters required to construct and verify shielded transactions, in the so-called parameter generation ceremony.
Our speaker is Kevin Gallagher, DevOps Engineer for Zcash Company (@ageis)
CONSTITUTION CENTER
400 7th St SW, Washington, DC 20024 | Directions & Nearby
EVENT DESCRIPTION
Ten years ago, President Bush launched a new era in the fight against identity theft by issuing an executive order establishing the Identity Theft Task Force, which the Commission co-chaired. In the ensuing ten years, great strides have been made to combat identity theft but it remains a significant problem for American consumers. Last calendar year, the Federal Trade Commission received nearly 500,000 identity theft complaints and the Department of Justice reports that in 2014 17.6 million individuals – 7% of all U.S. residents age 16 and older – were victims of one or more incidents of identity theft.
On May 24, 2017, the Federal Trade Commission will host an all-day conference to take a comprehensive look at how identity theft has evolved over the last decade and what we can do to address this challenge in the future.
The unauthorized disclosure of personal information can result in identity theft and other frauds. Data breaches, lost equipment, and insiders have made sensitive consumer information available for identity thieves to use in a variety of ways. Because consumers often reuse their usernames and passwords, identity thieves with access to this information may have access to additional consumer accounts. Identity thieves are using the information they obtain to perpetrate fraud against consumers, businesses and the government; obtain employment and medical care; and hide from law enforcement.
Identity theft can have ramifications beyond financial harm. For example, consumers may be denied access to crucial services or medical care. Identity theft can also pose a threat to public safety, particularly when used to create fraudulent identity documents that facilitate criminal activity or enable individuals to hide from law enforcement.
The conference will gather input from academics, business and industry representatives, government experts and consumer advocates. We’ll look at the current state of identity theft, examine potential future challenges, and discuss how to address these issues. The conference will be open to the public and take place at the FTC’s Constitution Center building, 400 7th St., S.W., Washington, DC. The FTC invites comment from the public on the issues.
The event will address questions such as:
- What types of information do identity thieves steal? How do identity thieves obtain this information? What can the private sector and government do to inhibit access to this information?
- How much of this information comes from the dark or deep web? What types of information is available? How do these markets operate? How much does it cost identity thieves to obtain this information? How have these markets changed in recent years? How will these markets change in the next few years?
- How do identity thieves use this information? How have identity theft related frauds evolved? What are some of the potential new frauds? How do we quantify the magnitude and the impact on consumers, businesses, and the government?
- What threats to public safety can result from identity theft? How will these threats evolve? What can be done to protect against these threats?
- How are identity thieves utilizing synthetic identities? What are the challenges associated with identifying synthetic identities? Are current identity monitoring tools effective in notifying individuals that a synthetic identity associated with some of their information exists?
- Are certain populations more vulnerable to identity theft? What can the private sector and the government do to protect these vulnerable populations? How do we quantify the magnitude and the impact on these vulnerable populations?
- What resources are available to help identity theft victims? What are the limitations of these resources? What additional tools are needed to protect individuals from becoming victims of identity theft, mitigating the harm caused by identity theft, and restoring individuals’ identities? What is the role of the private sector, non-profits, academia, and the government in developing these tools?
- How effective are current monitoring and restoration services? How will these services evolve?
- How can the private sector, non-profits, academia, and government work together to address all these issues?
The conference will be available online via webcast. A webcast link will be added to this page on the day of the event.
CONTACT
If you have questions about the workshop, please email [email protected](link sends e-mail) or contact John Krebs at (202) 326-2692.
The Boston Bar Association’s inaugural Privacy Conference will bring together attorneys from private practice and in-house legal departments to network and discuss key topics and trends in privacy and cybersecurity.
This full-day conference will cover a wide range of topics from data breach response and litigation to compliance and transactional issues. Panelists will discuss new developments in the legal and regulatory landscape, while providing strategies to effectively prepare and respond to your client’s needs and offer insights into challenges and opportunities ahead.
Abstract and paper submission deadlines have been extended. Check here the new dates.
Privacy engineering research has never been a more timely endeavor. Ongoing news reports regarding global surveillance programs, massive personal data breaches in corporate databases, and notorious examples of personal tragedies due to privacy violations have intensified societal demands for privacy-friendly systems. In response, current legislative and standardization processes worldwide are seeking to strengthen individuals’ privacy by introducing legal and organizational frameworks that personal data collectors and processors must follow. As a result, engineers are increasingly expected to build and maintain systems that preserve privacy and comply with data protection standards in different ICT domains (such as health, energy, transportation, social computing, law enforcement, and public services) and on different infrastructures and architectures (such as cloud, grid, or mobile computing).
Although there is a consensus on the benefits of an engineering approach to privacy, few concrete proposals exist for models, methodologies, techniques and tools to support engineers and organizations in this endeavor. Work that focuses on helping organizations and software developers to identify and adopt appropriate privacy engineering methods, techniques and tools in their daily practices is also missing. Furthermore, it is difficult to systematically evaluate whether the systems developed using privacy engineering methodologies comply with legal frameworks, provide necessary technical assurances, and fulfill users’ privacy requirements.
Clearly, more research is needed in developing methods that can help translate legal and normative concepts, as well as user expectations, into systems requirements. There is also a growing need for techniques and tools to support organizations and engineers in developing and maintaining (socio-)technical systems that meet these requirements. In an effort to close the gaps in research, the topics of IWPE’17 include all aspects of privacy engineering, ranging from its theoretical foundations, engineering approaches and support infrastructures to its practical application in projects of different scales.
Specifically, we are seeking the following kinds of papers:
1) technical solution papers that illustrate a novel formalism, method or other research finding with preliminary evaluation;
2) experience and practice papers that describe a case study, challenge or lessons learned in a specific domain;
3) early evaluations of tools and techniques that support engineering tasks in privacy requirements, design, implementation, testing, etc.;
4) interdisciplinary studies or critical reviews of existing privacy engineering concepts, methods and frameworks;
5) vision papers that take a clear position informed by evidence based on a thorough literature review.