Slide 1

Privacy by design & default

Slide 2

This presentation is cookie free. It does not track you, nor does it require any personal preferences to keep. No cookies need to be accepted since there are none to give.

Slide 3

Hi 👋 I care about your privacy… not you
Michelangelo van Dam

Slide 4

In recent news
Latitude Financial vows not to pay ransom to hackers in wake of massive data breach (The Guardian, 15 hours ago)
Yum Brands Discloses Data Breach Following Ransomware Attack (SecurityWeek, 8 hours ago)
University of Hawaii Maui Reveals February Data Breach (Government Technology, 22 hours ago)
Dutch National Railway data breach impacts 780,000 customers (Bitdefender, 7 days ago)
Millions affected by Dutch data breach: Here's what we know (IamExpat, 1 week ago)
VodafoneZiggo caught in Dutch data breach (TelcoTitans, 2 weeks ago)

Slide 5

Assume data breach Prove me wrong, I dare you 😈

Slide 6

GDPR Article 25 Privacy by Design and Default

Slide 7

7 principles to remember
1. Proactive not Reactive
2. Privacy as the Default Setting
3. Privacy Embedded into Design
4. Full Functionality
5. End-to-End Security
6. Visibility and Transparency
7. Respect for User Privacy

Slide 8

Refreshing your memory
1. Less is more: request only the minimum amount of personal information for your services or products
2. Protect it: apply strong encryption on your storages, preferably in a way that you can not access it
3. No longer as needed: remove personal information the moment you no longer need it or are obliged to keep it
4. Monitor access: know who accessed this personal information, when they accessed it, and for what purpose
5. Don’t share: your customers are doing business with you, not your partners

Slide 9

Less is more

Slide 10

Online retail primary target

Slide 11

Protect it

Slide 12

Unauthorized account takeover & identity theft

Slide 13

No longer as needed

Slide 14

15 years of data disrupts performance

Slide 15

Monitor access

Slide 16

GGD Covid patient info sold by insider

Slide 17

Do not share!!!

Slide 18

Share success stories, not customer data

Slide 19

I have a business to run, stop selling me this BS!!!

Slide 20

Privacy Driven Development
It’s just another way of looking at the problem

Slide 21

Cross functional team
Business, Legal, Security, Development
Organizational goals and objectives

Slide 22

Customer decides when to use their information (diagram)
1. Long term data: encrypted storage under the User Key; the user key unlocks the information for transactions
2. Transactional data: encrypted storage under the Org Key, plus the hard copy; data is destroyed after the transaction is completed

Slide 23

Pseudonymization in user interfaces

Customer #   Name         Location         Email        Phone
FCA59AB      A. Adams     Antwerp (BE)     Send email   Make call
78B8A102     B. Bakers    Bonn (DE)        Send email   Make call
FD87CC81     C. Custers   Rotterdam (NL)   Send email   Make call

Customer #: UUID. Name: limited info. Location: city & country. Email and Phone: the internal system knows the address and number, not the user.

Slide 24

Code samples

Slide 25

User and UserShield classes

User
  string userId (UUID)
  bool anonymous
  string userName
  string password
  string privateKey
  getUserId(): string
  isAnonymous(): bool
  getUserName(): string
  getPassword(): string
  getPrivateKey(): string

UserShield
  string privateKey
  encrypt(string $clearText): string
  decrypt(string $cipherText): string
  ::encryptIt(string $privateKey, string $clearText): string
  ::decryptIt(string $privateKey, string $cipherText): string
  ::generatePrivateKey(int $length): string

UserShield Source Code: in2.se/UserShield

Slide 26

Default user is anonymous

<?php
// The class header and constructor signature were lost in extraction; they are
// restored here from the User class on slide 25. The constructor defaults are assumed.
class User
{
    private string $userId;
    private bool $anonymous;
    private string $userName;
    private string $password;
    private string $privateKey;

    public function __construct(string $userId, string $userName = '', string $password = '', string $privateKey = '')
    {
        $this->userId = $userId;
        $this->anonymous = ('' === $userName); // no user name given: treat the user as anonymous
        $this->userName = $userName;
        $this->password = $password;
        $this->privateKey = $privateKey;
    }

    public function isAnonymous(): bool { return $this->anonymous; }
    public function getUserName(): string { return $this->userName; }
    // getUserId(), getPassword() and getPrivateKey() from slide 25 are omitted here
}

// Only the user ID is known at this point (the one shown on slide 29), so the user is anonymous by default
$user = new User('FF4AF873-F2EB-458D-9981-7070617FE7DB');
if (!$user->isAnonymous()) {
    echo 'Hello ' . $user->getUserName();
} else {
    echo 'Hello dear visitor';
}
// Output: Hello dear visitor

Slide 27

User enabled encryption for data 1/2

Slide 28

User enabled encryption for data 2/2

<?php
// Address, UserMeta and Repository are defined on the preceding slide, whose code was not captured
// Registration of email address and shipping address via web form
$emailAddress = '[email protected]';
$shippingAddress = new Address(
    street: 'Kerkstraat',
    number: '123',
    postalCode: '2000',
    city: 'Antwerp',
    countryCode: 'BE'
);
$userMeta = new UserMeta($user->getUserId(), $emailAddress, $shippingAddress);
$repository = new Repository();

// Keep records for transactions for a limited time
// Can be encrypted by a universal encryption key
$repository->storeTransactionMeta($userMeta);

// Keep records for a longer time period, securely encrypting the data
// using the user's own encryption key
$repository->persistUserMeta($userMeta, $user);

Slide 29

Encrypted storage

object(stdClass)#6 (7) {
  ["userId"]=>
  string(36) "FF4AF873-F2EB-458D-9981-7070617FE7DB"
  ["emailAddress"]=>
  string(84) "Vm5RODBab3NJa3BsMnZyK1h5ZGw2UTg4cUpaT0hCRWQ4ekIxdTdhUnN5MD06Oq5ZkUcTR+KqzNJRR0SnpVk="
  ["street"]=>
  string(56) "M05xOUdxbjBYeXp4VVF6MG52d0JyQT09OjqXVO/pYUm2st8vbieNvwK7"
  ["number"]=>
  string(56) "NXFiSWp2U3Q3dGtPVFl2c2wwWGVkQT09OjryDqbwJsClOK9OHDeP7j4U"
  ["postalCode"]=>
  string(56) "TzVoRUNiYWpTOUQ2NUxSNmY5YTB6dz09OjqaX5GA9agIJS/eRKAlYZ3w"
  ["city"]=>
  string(56) "MHh5b2NyN0xaK1pCQVdUZDk2dGg5QT09OjrkTWwA0iq0DhoHxD18ZrJm"
  ["countryCode"]=>
  string(56) "Qm5McVFuejhmc1F5dWx4TytCZjFCdz09Ojof2uJfoh7FzEPr3+jxs1Af"
}

Slide 30

What about CRM and helpdesk support?

You can create a separate table with pseudonymized data. Searches will occur on these pseudonymized records, referencing the ID of the user with generic information like city and country. In case of third-party solutions, be vigilant about how they protect your customer data and especially how they handle data removal. Be transparent in your privacy statement that you use this vendor and give your users the default option not to be included.

Slide 31

Pseudonymized information

object(stdClass)#7 (4) {
  ["userId"]=>
  string(8) "FF4AF873"
  ["name"]=>
  string(8) "DragonBe"
  ["emailAddress"]=>
  string(26) "[email protected]"
  ["location"]=>
  string(11) "Antwerp(BE)"
}
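The two-tier storage of slides 22 and 28 (transactional copy under an organisation key, long-term copy under the user's own key, transactional copy destroyed afterwards) together with the pseudonymized CRM row of slides 30 and 31, as an added example that is not the deck's UserShield code. It assumes the libsodium extension, authenticated secretbox encryption rather than whatever UserShield uses internally, and the helper names, key variables and sample record below are constructed for illustration.

```php
<?php
// Added example, not the deck's UserShield code. Assumes ext-sodium; helper names,
// key variables and the sample record are constructed for illustration.

// Seal one field with a 32-byte key: base64(nonce . ciphertext), authenticated (secretbox)
function sealWithKey(string $key, string $clearText): string
{
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $box = sodium_crypto_secretbox($clearText, $nonce, $key);
    return sodium_bin2base64($nonce . $box, SODIUM_BASE64_VARIANT_ORIGINAL);
}
// Open a sealed field; throws when the key is wrong or the data was modified
function openWithKey(string $key, string $sealed): string
{
    $raw = sodium_base642bin($sealed, SODIUM_BASE64_VARIANT_ORIGINAL);
    $nonce = substr($raw, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $clear = sodium_crypto_secretbox_open(substr($raw, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES), $nonce, $key);
    if ($clear === false) {
        throw new RuntimeException('wrong key or tampered data');
    }
    return $clear;
}
// Seal every field of a record with the same key, keeping the field names
function sealRecord(string $key, array $fields): array
{
    return array_map(fn (string $v): string => sealWithKey($key, $v), $fields);
}
// CRM/helpdesk row in the slide 31 shape: short id, display name, city & country only
function pseudonymize(string $userId, string $name, string $city, string $countryCode): array
{
    return ['userId' => substr($userId, 0, 8), 'name' => $name, 'location' => "{$city}({$countryCode})"];
}

// Constructed sample record; the userId is the one shown on slide 29
$userId = 'FF4AF873-F2EB-458D-9981-7070617FE7DB';
$meta = ['emailAddress' => 'customer@example.com', 'street' => 'Kerkstraat', 'number' => '123',
    'postalCode' => '2000', 'city' => 'Antwerp', 'countryCode' => 'BE'];
$userKey = sodium_crypto_secretbox_keygen(); // held by the user, unlocks the long-term copy
$orgKey = sodium_crypto_secretbox_keygen();  // universal org key, transactional copy only
$longTerm = ['userId' => $userId] + sealRecord($userKey, $meta);   // cf. persistUserMeta()
$transaction = ['userId' => $userId] + sealRecord($orgKey, $meta); // cf. storeTransactionMeta()
echo json_encode(pseudonymize($userId, 'DragonBe', $meta['city'], $meta['countryCode'])), "\n"; // CRM view

echo openWithKey($orgKey, $transaction['city']), "\n"; // Antwerp: the org can fulfil the order
try {
    openWithKey($orgKey, $longTerm['city']);            // fails: long-term data needs the user's key
} catch (RuntimeException $e) {
    echo $e->getMessage(), "\n";
}
$transaction = null;      // order completed: destroy the org-key copy (slide 22, step 2)
sodium_memzero($userKey); // the user's key is not kept by the organisation
```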

Slide 32

Remember: it’s NOT your data!

Slide 33

Data breach impact: identity theft

Terrorists stole Olympic medallist’s identity
The Olympic silver medallist swimmer Pieter Timmers has reacted with shock to the news that the terrorists involved in last March’s attacks used his identity when signing a contract with a utilities company. The three terrorists stole Timmers’ identity to arrange a power supply contract with the utilities company Lampiris for their safe house in the Brussels municipality of Schaarbeek.
VRT | Sun 12 Mar 2017

Slide 34

Recap
1. Privacy must be by design and default
2. Privacy is an organizational mindset to meet business needs
3. Encrypt data in transit and at rest using individual keys
4. Use pseudonymization when necessary (CRM, helpdesk)

Slide 35

Thank you 🙏
@DragonBe
@[email protected]
[email protected]
Michelangelo van Dam
in2.se/pdd-2023