160 likes | 351 Views
Privacy Protection Audit and IT Security Problems in Germany. Dr. Thilo Weichert Independent Centre for Privacy Protection Schleswig-Holstein, Germany. Privacy Protection Audit and IT Security Problems in Germany. Reasons for the Establishment of the Privacy Protection Audit
E N D
Privacy Protection Audit and IT Security Problems in Germany Dr. Thilo Weichert Independent Centre for Privacy Protection Schleswig-Holstein, Germany 4th Conference on Information Society Infobalt, Vilnius
Privacy Protection Audit and IT Security Problems in Germany Reasons for the Establishment of the Privacy Protection Audit Shortcomings of the previous Privacy Protection System One-sided focus on legal aspects Too much geared towards Rules and Prohibitions Lack of incentive for good Privacy Protection Concepts Customers and Citizens not enough involved 4th Conference on Information Society Infobalt, Vilnius
Privacy Protection Audit and IT Security Problems in Germany Privacy Protection makes an arrival at the free economy Influence on the technical Design Increased Possibility for Control Privacy Protection as a winning Model Reasons for the Establishment of the Privacy Protection Audit 4th Conference on Information Society Infobalt, Vilnius
Privacy Protection Audit and IT Security Problems in Germany Legal Situation in Germany Federal Data Protection Act Member States‘ Privacy Protection Acts Privacy Protection Act of Schleswig-Holstein Privacy Protection Audit IT Seal of Quality 4th Conference on Information Society Infobalt, Vilnius
Privacy Protection Audit and IT Security Problems in Germany Privacy Protection Audit in Schleswig-Holstein Legal Situation Rules How to execute the Audit Subject of the Audit Public Authorities Parts of Public Authorities Administrative Proceedings 4th Conference on Information Society Infobalt, Vilnius
Privacy Protection Audit and IT Security Problems in Germany On voluntary Basis Increasing Personal Responsibility Using the Audit as an Image und Commercial factor Privacy Protection Audit in Schleswig-Holstein 4th Conference on Information Society Infobalt, Vilnius
Privacy Protection Audit and IT Security Problems in Germany Examining the current Privacy Protection Situation Determination of Privacy Protection Aims Establishment of a Privacy Protection Management System Appraisal by the Independent Centre for Privacy Protection Procedure of the Privacy Protection Audit in Schleswig-Holstein 4th Conference on Information Society Infobalt, Vilnius
Privacy Protection Audit and IT Security Problems in Germany Awarding with the Audit Seal First Experience Procedure of the Privacy Protection Audit in Schleswig-Holstein 4th Conference on Information Society Infobalt, Vilnius
Privacy Protection Audit and IT Security Problems in Germany IT Seal of Quality in Schleswig-Holstein Legal Regulation: § 4 par. 2 Priv.Prot.Act Further Steps July 01, 2000: Enactment of the Priv.Prot.Act April 04, 2001: Quality Seal Decree by the State Government Nov 05, 2001: Beginning of the Expert Accreditation Procedure Feb 01, 2002: Publication of the Product Criteria Feb 01, 2002: Accreditation of the first Experts 4th Conference on Information Society Infobalt, Vilnius
Privacy Protection Audit and IT Security Problems in Germany Product to be certified Conclusion of an Expert Agreement Examination and Evaluation of the Product by the Expert Expert Opinion The Independent Center for Privacy Protection checks the Expert Opinion on conclusiveness and understandability Course of the Quality Seal Procedure in Schleswig-Holstein 4th Conference on Information Society Infobalt, Vilnius
Privacy Protection Audit and IT Security Problems in Germany Awarding with the Mark of Quality 4th Conference on Information Society Infobalt, Vilnius
Privacy Protection Audit and IT Security Problems in Germany Competence and Expert Knowledge Independence Reliability List of Experts: http://www.datenschutzzentrum.de/guetesiegel/ Experts in the Schleswig-Holstein Seal of Quality Procedure 4th Conference on Information Society Infobalt, Vilnius
Privacy Protection Audit and IT Security Problems in Germany Criteria for the Schleswig-Holstein Seal of Quality No violation of Privacy Protection Laws Support of Privacy Protection and Data Security Aims by Means of technical Design Possible organisational Backup Measures are described in an understandable Way and can be put into Action with appropriate Effort Easily understandable Documentation Altogether adequate to the User 4th Conference on Information Society Infobalt, Vilnius
Privacy Protection Audit and IT Security Problems in Germany Data Avoidance/Data Austerity Guarantee for Data Security and Ability to Revision Guarantee for the Rights of the involved citizen Special Criteria for the Schleswig-Holstein Seal of Quality 4th Conference on Information Society Infobalt, Vilnius
Privacy Protection Audit and IT Security Problems in Germany Supported by the EU Results Influence the Federal Legislation International Congress 2003 in Kiel The Schleswig-Holstein Seal of Quality Procedure 4th Conference on Information Society Infobalt, Vilnius
Privacy Protection Audit and IT Security Problems in Germany The Independent Centre for Privacy Protection Where? Holstenstraße 98, 24103 Kiel Telephone? 0431/988-1205 Telefax? 0431/988-1223 E-Mail? mail@datenschutzzentrum.de Internet? www.datenschutzzentrum.de 4th Conference on Information Society Infobalt, Vilnius