jm + gdpr   4

Handling GDPR: How to make Kafka Forget
How do you delete (or redact) data from Kafka? The simplest way to remove messages from Kafka is to simply let them expire. By default Kafka will keep data for two weeks and you can tune this as required. There is also an Admin API that lets you delete messages explicitly if they are older than some specified time or offset. But what if we are keeping data in the log for a longer period of time, say for Event Sourcing use cases or as a source of truth? For this you can make use of  Compacted Topics, which allow messages to be explicitly deleted or replaced by key.


Similar applies to Kinesis I would think.
kafka  kinesis  gdpr  expiry  deleting  data  privacy 
5 days ago by jm
'Let’s all survive the GDPR'
Simon McGarr and John Looney's slides from their SRECon '17 presentation
simon-mcgarr  data-privacy  privacy  data-protection  gdpr  slides  presentations 
september 2017 by jm
GDPR Advisors and Consultants - Data Compliance Europe
Simon McGarr's new consultancy:
Our consultancy helps our clients understand how EU privacy law applies to their organisations; delivers the practical and concrete steps needed to achieve legal compliance; and helps them manage their continuing obligations after GDPR comes into force. Our structured approach to GDPR provides a long-term data compliance framework to minimise the ongoing risk of potential fines for data protection breaches. Our continuing partnership provides regulator liaison, advisory consultancy, and external Data Protection Officer services.
gdpr  simon-mcgarr  law  privacy  eu  europe  data-protection  regulation  data 
may 2017 by jm
[1606.08813] European Union regulations on algorithmic decision-making and a "right to explanation"
We summarize the potential impact that the European Union's new General Data Protection Regulation will have on the routine use of machine learning algorithms. Slated to take effect as law across the EU in 2018, it will restrict automated individual decision-making (that is, algorithms that make decisions based on user-level predictors) which "significantly affect" users. The law will also effectively create a "right to explanation," whereby a user can ask for an explanation of an algorithmic decision that was made about them. We argue that while this law will pose large challenges for industry, it highlights opportunities for computer scientists to take the lead in designing algorithms and evaluation frameworks which avoid discrimination and enable explanation.


oh this'll be tricky.
algorithms  accountability  eu  gdpr  ml  machine-learning  via:daveb  europe  data-protection  right-to-explanation 
march 2017 by jm

Copy this bookmark:



description:


tags: