Zurück

Let’s call for data sovereignty – yes, but…

Digitalization being the new normal, cross-border data flows are a prerequisite for digitalization and the protection of the data processed when people are acting online becomes more and more important.
Given national differences in data protection regimes the level of protection varies country by country. This leads to additional measure required to be taken when data flows across regions to protect the data as required.
One reaction to this effort is the call for data sovereignty.
While data sovereignty, where understood as control over what data is processed, for what purpose, where and by whom and free choices to allow this or not, is a must.
Data sovereignty, understood as a requirement to localize data without balancing purpose and benefits against the risks, is set to fail.
A general call for data localization not only limits the global economic growth but finally weakens the level of protection instead of strengthening it.
Digitalization requires international data flows, so does online security: The determination whether an online device is acting in a legitimate or bad manner and the gained threat data needs to be share globally to ensure global security and data protection.
Keeping know-how on cyberthreats in one region not only puts the other regions at disadvantage. It also prevents attack detection in the other regions.
Valuable time is lost, and attack mitigation gets harder as the attack already happened. In worst case localization of threat data eases data breaches as security measures cannot be applied in time.
So data localization should not be applied in a generalized manner.
Unfortunate this results in the decision between pest and cholera, as one either complies with data transfer requirements by implementing data localization or one complies with data security requirements by implementing state of the art security measures.
But only where this careful assessment is done, an informed decision can be made and one really lives up with the principles of data sovereignty.

Lernziele

Rise awareness about the tradeoff between data privacy and threat protection

Speaker

 

Anna Schmits
Anna Schmits (EMEA DPO) begeistert sich als Rechtsanwältin und zertifizierte Datenschutzexpertin seit über 10 Jahren für die Schnittstellen von Technik und Datenschutz. Sie verantwortet das globale Datenschutzteam von Akamai Technologies mit und fungiert als Datenschutzbeauftragte der EMEA Region. Für Akamai betreut sie Themen wie IOT, Cloud Security, Block Chain und internationale Datenübermittlungen. Für den Bereich kritische Infrastruktur kümmert sie sich um die Datensicherheit und Zertifizierungen. Ihr Motto “Let’s do it” schlägt sich in ihrer pragmatischen und lösungsorientierten Arbeitsweise nieder.

 

Jetzt Tickets sichern

IT-GRC-Kongress Newsletter

Ihr möchtet über den IT-GRC-Kongress
auf dem Laufenden gehalten werden?

 

Anmelden