SPTIoTCoE Panel – Security, Privacy, and Trust implications of the European Data Act and Data Governance Act
Session Abstract:
We hear that IoT ” is all about the data”, and expect hundreds of trillions of Gigabytes to be collected annually within a few years. But when people understand the potential value of data, they tend to want to exercise control, and limit its use. Personal privacy and corporate confidentiality issues increasingly become apparent, along with the security implications of the merger of the cyber and physical worlds, and the intrusiveness of trillions of sensors. All of these issues combine to keep us from realizing the enormous value of IoT data. Then there’s lack of clarity regarding who has rights to the data, under what conditions. The purpose of the European data act, the Data Governance Act, the GDPR and related regulations is to address these issues, and allow for:
- The public and government sectors to have appropriate access to private sector data
- Requirements for sharing private sector data in B2B relationships and value chains
- Rules governing behavior of technology companies and third party data service providers and the ability of their customers to switch among them.
- Means for increasing access to data and encouraging the use of data for the common good
- The practical preservation of privacy rights
The panel will discuss implications of these statutes, and specifically explain how security, privacy, and trust management technologies can allow device makers, service providers, trusted third parties, and web3 distributed services to practically comply with the requirements of these statutes, achieve the potential of data sharing, and unlock the value people have been talking about for the last decade.
Speakers:
David Maher is EVP and CTO at Intertrust and has over 30 years of experience in secure computing. He is President of Seacert Corporation, the intertrust PKI a certificate authority for the Internet of Things and Co-chairman of the Marlin Trust Management Organization which oversees the world’s only independent digital rights management ecosystem. He was also President of WhiteCryption Corporation, a developer of application security software. Previously, Maher was chief scientist for AT&T Secure Communications Systems, Head of the Secure Systems Research Department, and security architect for AT&T’s Internet services platform. After joining Bell Labs in 1981, he developed secure communications, information vending, and e-commerce systems. He was Chief Architect for AT&T’s secure voice, data, and video products used by the White House and Department of Defense for top-secret communications. In 1992, Maher became a Bell Labs Fellow in recognition of his accomplishments in communications security. Maher holds dozens of patents in secure computing; has published numerous papers in the fields of mathematics and computer science; and has consulted with the National Science Foundation, National Security Agency, National Institute of Standards and Technology, and the Congressional Office of Technology Assessment. Maher holds a Ph.D. in mathematics from Lehigh University. He has taught electrical engineering, mathematics, and computer science at several institutions. Maher is currently focused on the design and development of Trust management and secure systems for Smart Grids.
George Young serves as both the Chief Information Security Officer and Chief Technologist, for CB Technologies, specializing in Intelligent Edge Solutions. As a domain expert in networking and cybersecurity engineered solutions, he has a strong background in many strategic and tactical areas around data protection and safekeeping, including: access control, information security governance and risk management, cryptography, security architecture and design, operations security, business continuity/disaster recovery planning, developing/enhancing information security programs, regulations/compliance (e.g., HIPPA, CCPA, CMMC, GDPR, ISO 27000), and audit execution. George has supervised emerging technology initiatives at several start-up companies and Fortune 100 enterprises, across multiple industries – where he held senior level advisory and management positions. He presently serves as a Security Technical Ambassador for an OEM, where he develops technical certification coursework and subsequent exams. He holds a Master of Science degree from Northwestern University in Communication Systems and numerous technical certifications associated with Data Security, Privacy and Trust.
Ted DellaVecchia is Founder, CEO and Managing Partner of Symbotix, a strategy management and technology consulting group that inspires and leads digitally-enabled business change. He is also General Manager of Global Business Operations for Devvio – a blockchain software enterprise serving global entities with sustainability and Environment-Social-Governance (ESG) solutions that have positive impact on climate change and a healthy planet. Ted is a proven leader who has delivered durable, step level EBITA CAGR in all executive assignments. Examples include delivering global elements of a corporate turnaround at IBM Corporation; implementing world-wide supply-chains and accelerating market/earnings growth for Starbucks Coffee Company; and restructuring IT divisions and enterprise business capabilities for three multi-billion-dollar BlueCross BlueShield Health Insurance Companies. Since 2007, Symbotix has designed and executed comprehensive reinventions of operational capacities at several academic medical centers and large commercial payors in the domestic USA. While CEO of Symbotix, Ted was recruited to be the Chief Healthcare Strategist at Red Hat Software where he designed and co-founded “LinuxForHealth”; a sub-licensed Linux Foundation Community open-source movement. LinuxForHealth is the kernel of a comprehensive health operating system for manifesting a healthier society through deployment of decentralized and autonomous AI agents that advance a modern-day virtual-health experience for all. Ted collaborates with entities dedicated to instigating a healthier society and saving our planet; performs advisory services for early and growth stage companies; and serves as advisory board member of the IoT Community, Ted recently chaired the IEEE Group Track on Blockchain and AI in Healthcare; is an active investor with early stage digital transformation companies; frequently speaks at industry events promoting symbiotic, ethical collaborations to improve environmental, social, and governance for all; and is an evangelist for promotion of decentralized identity to enable trust in the information sharing domain.
Evelyn de Souza leads privacy operations for the Oracle Cloud Applications LOB. She is focused on building in privacy versus bolting on privacy after the fact and harmonizing regulations to alleviate audit fatigue. She also serves as an advisor to several startups including Safeguard Cyber and 360ofme. She has previously served as the Co-Chair of the Cloud Security Alliance Cloud Controls Matrix and the chair of the Data Governance Group. Evelyn was named to CloudNOW’s Top 10 Women in Cloud Computing for 2014 and is the co-creator of Cloud Data Protection Cert, the industry’s first blueprint for making data protection “business-consumable”.
Cory Latschkowski Senior Specialist Solutions Architect, OpenShift, Red Hat; Over the previous decade Cory has made major stops in High Performance Computing (HPC), Cyber Security, Data Science, and container platforms (k8s, OpenShift). His last name is pronounced: Latch – cow – ski. Every week is another project. Asking his favorite <anything> will likely lead to a philosophical conversation. His passions are pretty moderate, but he will admit a love for automation, RTFM, and bacon. To learn more of his personal bank security questions, ping him on github.