December 11th, 2020, 2-4 pm, PST
CISSP question time:
Which privacy law does differential privacy support?
a. British privacy law
b. Chinese privacy law
c. EU privacy law
d. US privacy law
Differential privacy is a relatively recent topic, although it is an amalgam of well-known, and long utilized, concepts. Oddly, outside of academic circles, it was almost unknown until Apple made a big deal of it in an announcement in 2016. Differential privacy is, however, the "quantitative risk analysis" of privacy, which is why it has such important points to make to the field of privacy, and why almost nobody is using it. (Including, mostly, Apple.)
You want a clue for the question? OK, some initial discussion, then:
a. British privacy law is still primarily based on the original privacy directives, and is mostly concerned with what data you can collect, and for how long, and how accurate you have to be.
b. Yeah, I needed a good laugh, too. But China does have a privacy law, and it pretends to be compatible with the original privacy directives.
c. Well, GDPR is mostly just the original privacy directives, but the new accountability directive might have to do with how well you protect what you have collected ...
d. OK, I often say the the US doesn't have any privacy laws, but they do. Those are primarily concerned with how much you can sue when people disclose your data.
For the final answer, attend the December 11th meeting on the topic of differential privacy.
Speaker: Rob Slade
For registration, see the link at the top of the post.
As usual, all are welcome to attend the meetings of the Vancouver Security SIG/ISC2 Chapter. There is no charge for membership or meeting attendance.
............
Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413
This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468