Centre d’innovació i Tecnologia BARCELONATECH

ENISA’s ANNUAL PRIVACY FORUM 2018 in Barcelona

27/06/2018

Through esCERT, a member of inLab-FIB, the UPC participated in the organisation of the Annual Privacy Forum (APF) 2018 along with ENISA, the European Commission’s DG Connect, and Telefónica. The event called on international experts in the privacy and data protection field to share progress in research and development, new challenges at political and legislative level, and privacy and data protection solutions that should be adopted.

 

In the exhibition area, in parallel with the Conference sessions, the UPC presented projects that it is working on or that have been developed by research teams in relation to privacy and data protection (such as Live-FOR, TRUESSSEC, C-ROADS, etc.). It also presented its technological capacities in cybersecurity applied to privacy and data protection, cloud and big data, infrastructure security, business continuity plans, forensic and risk analysis consultancy, security auditing, trust services and Blockchain.

 

Privacy and its challenges

Devices connected through digital communication networks and interconnected services have become ubiquitous in daily life. Many of the devices that we carry (mobile phones), that carry us (vehicles) or that provide services for us (heating, videosurveillance, and television) know where we are, what we are doing, almost what we think. If we do not pay attention to the conditions that we accepted when we decided to use these devices, many more people than we are aware of may know more about our lives than we do.

At a time in which automated profiles (Bots) are greater in number than human profiles in social networks, and in which electronic surveillance and espionage tools have become available to all, citizens and companies must face the restrictions and threats inherent in the processing of personal data or in their own privacy online. The lack of transparency in connectivity and functionality of online applications and services increases the risk that personal data will be processed outside of the control of organisations that have permission to process our data and that have taken responsibility for them, or simply exposes us unnecessarily to theft and/or dissemination, an attack on privacy.

In the EU’s legal framework, as stated in the General Data Protection Regulation (GDPR), it is vital to try to improve the control of personal data processing. It is expected that the coming Privacy and Electronic Communications Regulations will boost the protection of privacy in electronic communications. One of the problems set out at APF18 is how to determine which technologies and best practices are adapted to the “state of the art” at each point in time for application by organisations to protect the personal data that they process. Even the utmost legislative efforts cannot keep up with the pace of technological innovation and commercial models that defy the way personal data is processed and privacy is protected in the EU and beyond. Therefore, it is vital to examine what is at play and to identify the source of threats. Business associations in different sectors should agree on these best practices, as in the past, and define shared strategies. In this way, they can protect themselves in line with the constant evolution of criteria that could be applied by European data protection agencies, in function of the types of attacks and the cybersecurity market.

 

More information: Jordi Martín
Senior Industrial Liaison Officer
Phone: 93.4054690
Email: info.cit@upc.edu