European Identity & Cloud Conference 2015
05.05. – 08.05.2015, Munich, Germany


The track maps information risk and leverages landscapes for businesses.  The mapping is built on the recognition that interactions are ath the same time the source of risk and of value, and that entities and individuals seek to minimize risk in interactions (and to increase their value) by various means. The motivations, goals and limitations placed on various actors affects their relationships. The interrelationship of various actors’ agenda in interactions results in risk and leverage opportunities for individuals and companies involved in those interactions.  It sorts company relationships into functional categories based on the differences in information flows in each such community. 

Participants in this track will be provided with practical advice on steps that they can take today to gain control of their information flows and corresponding risks. We will explore together the various “Communities of Trust and Risk”, like insider risk and supply chain risk.

After attending this block of sessions you will be able to

  • Describe the proposed new European Union Data Protection Regulations
  • Describe how a Trust Frameworks and Registries mitigate risk in an information Supply Chain

This block qualifies for up to 2 Group Learning based CPEs depending on the number of sessions you attended.

EU Privacy Regulation

07.05.2015 11:00-12:00

The Proposed New European Union Data Protection Regulation – Status and Implications

The proposed new data protection regulation aims at European data protection standards which are better harmonized than the current legislation and also suit the technical standards in times of transformation. A unified data protection Regulation that is directly applicable as part of the EU’s Digital Single Market shall make it easier for all parties to understand what their rights and obligations are and what compliance risks they need to manage.  One of the main changes  foresees that EU data protection law is valid whenever the European market is targeted – whether from within or outside of the EU. Amongst other regulatory novelties, strict enforcement and data protection by design will mean a truly new data protection environment.


  • What is the proposed New European Data Protection Regulation all about?
  • Data Protection Compliance issues to come
  • Risk Implications for companies and groups

The Role of Privacy by Design in the New EU Data Protection Regulation

The upcoming EU privacy legislation demands for implementation of a “privacy by design” approach for organizational IT-systems and processes. To showcase technology embracing this principle for Identity, access and secure authentication EU funded the attribute-based Credentials for Trust project (ABC4Trust). ABC4Trust is an EU-funded research and development project advancing the federation and interchangeability of technologies supporting trustworthy and at the same time privacy-preserving Attribute-based Credentials (Privacy-ABCs).

  • What is ABC4Trust all about, what are benefits and shortcomings?
  • How can actual technology help to meet privacy and security requirements

Cloud Contracting Risks

07.05.2015 12:00-13:00

Reaching Compliance Across Jurisdictions: Fundamental Considerations Before Signing a Cloud Services Contract

SaaS Contracting: From Risk to Complaince

Although SaaS adoption is rapidly increasing, many organisations struggle to establish a sustainable process for SaaS contracting. The one-size-fits-all aspect of cloud computing is often reflected in the limited flexibility of cloud service providers during contract negotiations. More and more organizations are left with the choice of signing standard terms and conditions. This strongly increases the need for organizations to define their contract requirements prior to selecting a SaaS solution. The specific types of data (e.g. confidential data, privacy sensitive data) to be stored in the future SaaS solution, the related risks and applicable legal domains (e.g. data privacy, trade controls) should determine the contract requirements. These requirements have to be taken into account in order to ensure compliance with laws and regulations after accepting any terms and conditions. During this presentation the basics of data classification for SaaS, determining applicable legal domains and verifying the resulting contract requirements against the terms and conditions are discussed.

Key Takeaways:

  • Understanding how to define contracting requirements
  • Ability to determine applicable legal domains
  • Understanding and comparing terms and conditions
Seraphinite AcceleratorBannerText_Seraphinite Accelerator
Turns on site high speed to be attractive for people and search engines.