Speaker: Nishant Bhajaria
Author, Privacy and Security Leader, Digital Product Architect @Uber
Nishant is a senior-level leader in the security, privacy, and compliance space, and he's built teams and programs to help achieve these goals. He typically serves as a vital link between legal, engineering, and C-level leadership to ensure that a company's products help protect user data and secure customer trust. Prior to his current role—privacy architecture and strategy at Uber—he worked in compliance, data protection, and security and privacy at Google. In addition, he has served as the head of privacy engineering at Netflix.
Nishant holds a BS in computer science from Truman State University and an MS in Computer Science from Arizona State University.
Find Nishant Bhajaria at:
SESSION + Live Q&A
Privacy Architecture for Data-Driven Innovation
Data-driven businesses can no longer treat privacy as strictly a legal compliance-focused discipline. In a post-GDPR world, privacy needs an engineering focus to ensure it is actionable, enforceable and scalable.
This talk will discuss how you can set up a privacy architecture to build in “privacy by data”.
The first part of the talk will tackle privacy challenges posed by incoming data into your company. This data can be extremely sensitive in that it describes who you are, where you are and other information that can uniquely identify you.
How does an organization assess and classify the risk around the data? I will discuss how your privacy architecture team can work with privacy legal to create a multi-tiered data classification, and then with security, data science and data platform teams to set up a backend that tags your data to reflect said classification. With this investment, your employees will be able to make informed decisions around data since they will know its privacy risk.
The second part of the talk will tackle privacy as it related to sharing data with third parties, be it vendors, partners or even governments and regulators. How do you protect data from security risk or even re-identification risk in those cases? What techniques are available and what are the trade-offs involved? Uber is at the forefront of those conversations and I will discuss what our research and case-studies have yielded.
Location
Pacific LMNO
Track
Ethics, Regulation, Risk, and Compliance
