An Open-Source Taxonomy for Ex-ante Privacy

Most current approaches to enterprise data privacy suffer from the ex-post nature of their application. Applications purporting to orchestrate crucial privacy tasks like access control, rights fulfillment, or risk assessment get bolted on to pre-existing systems and must dynamically respond to an underlying web of data flows that is poorly described, ever-evolving, and complex. It's a Sisyphean challenge that afflicts some of the most sophisticated technology enterprises operating today, to say nothing of non-digitally native legacy enterprises.

In this presentation, Cillian Kieran, Founder and CEO of Ethyca, will argue that the only way to meaningfully solve this important problem is to apply privacy protections at the start of the software delivery lifecycle rather than at the finish, and will propose one approach for doing so.

He'll demonstrate the benefits of ex-ante privacy by walking through a set of annotation and risk evaluation tools built on top of an open-source privacy taxonomy derived from the ISO/IEC 27701 standards. Cillian's presentation will show how an engineer can annotate projects, evaluate privacy risks in CI pipelines, and enable privacy rights to be enacted on data stored in annotated systems.

This will be a first public walkthrough of an open-source project that has been years development and has received interest from data engineering teams at some of the world's largest companies.