IAPP article
https://iapp.org/news/a/virginia-passes-the-consumer-data-protection-act/
(incl. data protection assessments)
EAID – slides/recording – 02.03.2021: Datenschutz – Zertifizierung – Quo Vadis?
https://www.eaid-berlin.de/datenschutz-zertifizierung-quo-vadis/
includes
Die Idee hat eine lange Geschichte…und auch eine Zukunft?
• Gabriel Schulz, Stellvertreter des Landesdatenschutzbeauftragten Mecklenburg-Vorpommern
Der erste Versuch hat Erfahrungen – wie gut sind diese?
• Sebastian Meissner, EuroPriSe, Head of the EuroPriSe Certification Authority
Zertifizierungen nach Artikel 42 DSGVO und Zertifizierungsstellen gem. Art. 43 DSGVO lassen aber immer noch aus sich warten. Warum?
• Dr. jur. Raoul Kirmes, DAkkS; Sachgebiet Grundsatzaufgaben
Quo Vadis Datenschutzzertifizierung?
• Frederick Richter, Vorstand Stiftung Datenschutz
The Netherlands: Privacy Assessment of Google Workspace G Suite Enterprise suite (DPIA)
“Commissioned by the Ministry of Justice and Security, Privacy Company investigated the privacy risks of G Suite Enterprise, with work and communication apps such as Gmail, Chat, Meet, Forms, Docs and Slides. Meanwhile, Google has renamed these services into Google Workspace.”
Related:
- Google Workspace DPIA for Dutch DPA (in English)
at https://www.rijksoverheid.nl/documenten/publicaties/2021/02/12/google-workspace-dpia-for-dutch-dpa - “Google has also published a guide for system administrators, explaining the rules and the available privacy choices, the Google Workspace data protection implementation guide.”
at https://services.google.com/fh/files/misc/google_workspace_data_protection_guide_en_dec2020.pdf
Google Firebase
Point of contract
https://console.firebase.google.com/
Terms of Service for Firebase Services
https://firebase.google.com/terms?authuser=0
Data Processing and Security Terms
https://firebase.google.com/terms/data-processing-terms?authuser=0
also general description
https://firebase.google.com/support/privacy?authuser=0
BSI – AI Cloud Service Compliance Criteria Catalogue (AIC4) Date 2021.02.02
“The AI Cloud Service Compliance Criteria Catalogue provides AI-specific criteria, which enable an evaluation of the security of an AI service across its lifecycle. The criteria set a baseline level of security, which can be reliably assessed through independent auditors. The catalogue has been developed for AI services that are based on standard machine learning methods and iteratively improve their performance by utilizing training data.”
Privacy and Genomic data – reader list
Identification and genomic data
https://www.phgfoundation.org/documents/PHGF-Identification-and-genomic-data.pdf
https://www.ncbi.nlm.nih.gov/pmc/articles/PMC5266631/
https://academic.oup.com/bioinformatics/article/35/3/365/5056754
Re-identifiability of genomic data and the GDPR
https://www.embopress.org/doi/pdf/10.15252/embr.201948316
Re-Identification of Individuals in Genomic Data-Sharing Beacons via Allele Inference
https://www.biorxiv.org/content/10.1101/200147v1.full.pdf
Identification of individuals by trait prediction using whole-genome sequencing data
https://www.pnas.org/content/early/2017/08/29/1711125114
—
https://dpph.ch/
Medical research and privacy related books by MWV (mostly in German)
“Medizinisch Wissenschaftliche Verlagsgesellschaft (MWV) publishes reference books, textbooks and scientific books as well as ebooks for professionals and students in Medicine, Nursing and Health Care Management.”
e.g.
Data Privacy in European Medical Research
A Contemporary Legal Opinion
Christian Dierks, Philipp Kircher, Charlotte Husemann, Julia Kleinschmidt, Martin Haase
NIST – Toward a Privacy-Enhancing Cryptography Use-Case Suite: Preliminary Draft White Paper Available for Comment
NIST – Toward a Privacy-Enhancing Cryptography Use-Case Suite: Preliminary Draft White Paper Available for Comment
“Privacy-enhancing cryptography (PEC) refers to cryptography used to enhance privacy, beyond the traditional sense of data confidentiality. For example, it enables sophisticated interactions that obtain a useful output of the combined information of multiple entities, although without them sharing their inputs with one another. Representative PEC techniques include secure multi-party computation, zero-knowledge proofs and searchable encryption.
Because of the advanced technical features of PEC, this field has traditionally not been covered by standardization activities. However, the state of the art is becoming more pertinent and accessible. To tap into the potential of PEC, this preliminary draft presents a sketch idea toward creating a “PEC use-case suite.” The goal of the write-up is to motivate initial feedback about the idea, which intends to connect PEC tools and representative use-cases where privacy is a central point.”
Draft:
https://csrc.nist.gov/CSRC/media/Projects/pec/documents/suite-draft1.pdf