[wuc 2015] prof. dr. christoph bauer, ceo, eprivacy | cross-device tracking and privacy compliance
TRANSCRIPT
Trusted Privacy
Cross Device Tracking and Privacy Compliance
Prof. Dr. Christoph Bauer
webtrekk user conference, Berlin 29. May 2015
© 2015 ePrivacy
ePrivacy
... are an independent partner in Germany and Europe, specialized in digital data protection
... operate within the framework of privacy protection, on behalf of our customers
... create a competitive advantage through online privacy for our customers in Germany and Europe
... work closely with organizations, public authorities and legislators
... are a full-service provider, offering consulting, sealed certifications, and privacy protection technologies
We ...
2
© 2015 ePrivacy
Reference customers ePrivacy
Leading Companies in digital business in Europe and Germany
3
© 2015 ePrivacy
1) IP Adress / Cookie
IP Adress
Is the IP Adress PII? If yes, optin neccessary To be secure: anonymize IP Adress Pending decision for EU highest court
Cookies
Current status (Germany): Use of cookies allowed, if no PII stored in cookies (e.g. IP-Adress)
© 2015 ePrivacy
2) user profiles
• Mentioned in § 15 Abs. 3 TMG, exceptional rule for Germany:
• Possible if pseudonymous and for Advertising (etc.)• opt-out needs to be offered• Information about profiles in data protection declaration
• but: this is German law and not relevant in other countries!
• IAB Europe OBA Framework with similar regulation
© 2015 ePrivacy
3) Cross device tracking - principle
• Anonymize data, e.g. via hashing email address with secure procedure
• if hash value cannot be de-anonymized -> no personally identifiable information
• if identical hash value is calculated somewhere else, e.g. using another device -> a matching of these anonymized values is possible
• nobody is allowed to de-anonymize data or to combine the hash values and original values (unless explicit optin)!
• the detailed technical processes need to be analyzed and evaluated
contact data
Prof. Dr. Christoph BauerGeschäftsführer
ePrivacy GmbH Große Bleichen 21, 20354 Hamburg
Tel +49 40 609 4518-10