Data Privacy Conference
Rootconf

Data Privacy Conference

On building privacy in engineering and product processes.

Make a submission

Accepting submissions till 18 Oct 2021, 01:20 PM

The first edition of the Data Privacy Conference was held between 23 and 29 April 2021.

The conference featured talks and discussions around:

  1. Processes for doing compliance and building privacy features in large and growing organizations.
  2. Case studies of compliance, mainly GDPR and related practices of data anonymization and data deletion.
  3. Using technology to handle processes for handling Personally Identifiable Information (PII); evaluation of developer tools that organizations use for governing access to PII and sensitive data - and whether to build, rent or buy these.
  4. End-to-end encryption - technology and policy debates; practical applications.
  5. Privacy preserving practices in consumer technology - netbanking and Android and mobile.
  6. Cloud security practices; multi-geography compliance with cloud.

Speakers from LinkedIn, Whatsapp, Hotstar, Mozilla, Zerodha, ThoughtWorks, Appsecco, Gojek and other organizations shared their experiences, and demonstrated how the combination of ‘intent, process, resources and technology’ come together to help companies build privacy-respecting products.

Watch the talks on https://hasgeek.com/rootconf/data-privacy-conference/videos

Participants in the conference included:

  1. SRE, DevSecOps and DevOps teams working with legal and compliance teams to heavy-lift operations around privacy and compliance.
  2. Product managers building secure and compliant systems.
  3. Business and engineering heads of organizations which deal with large volumes of consumer data on a regular basis.
  4. Representatives early to mid-stage fintech companies which are evolving systems to handle petabytes of data securely in compliance with larger governance laws.
  5. Consultants working on cloud and security; pricacy and compliance.

Contact information: Join the Rootconf Telegram group on https://t.me/rootconf or follow @rootconf on Twitter.
For inquiries, contact Rootconf on rootconf.editorial@hasgeek.com or call 7676332020.

Hosted by

Rootconf
Rootconf
Rootconf is a forum for discussions about DevOps, infrastructure management, IT operations, systems engineering, SRE and security (from infrastructure defence perspective). more

Supported by

Zeta Suite
Zeta Suite
Zeta® is in the business of providing a full-stack, cloud-native, API first neo-banking platform including a digital core and a payment engine for issuance of credit, debit and prepaid products that enable legacy banks and new-age fintech institutions to launch modern retail and corporate fintech p… more

Promoted

AWS
AWS
We’re the world’s most comprehensive and broadly adopted cloud platform, offering over 200 fully featured services from data centers globally. As a hyperscale cloud service provider, AWS provides access to highly advanced computing tools on rent for startups and SMEs at affordable prices. We help t… more
Omidyar Network India
Omidyar Network India
Omidyar Network India invests in bold entrepreneurs who help create a meaningful life for every Indian, especially the hundreds of millions of Indians in low-income and lower-middle-income populations, ranging from the poorest among us to the existing middle class. To drive empowerment and social i… more
Meta
Meta
about.facebook.com/meta
Privacy Mode
Privacy Mode
Deep dives into privacy and security, and understanding needs of the Indian tech ecosystem through guides, research, collaboration, events and conferences. Sponsors: Privacy Mode’s programmes are sponsored by: more

The first edition of the Data Privacy Conference was held between 23 and 29 April 2021.

The conference featured talks and discussions around:

  1. Processes for doing compliance and building privacy features in large and growing organizations.
  2. Case studies of compliance, mainly GDPR and related practices of data anonymization and data deletion.
  3. Using technology to handle processes for handling Personally Identifiable Information (PII); evaluation of developer tools that organizations use for governing access to PII and sensitive data - and whether to build, rent or buy these.
  4. End-to-end encryption - technology and policy debates; practical applications.
  5. Privacy preserving practices in consumer technology - netbanking and Android and mobile.
  6. Cloud security practices; multi-geography compliance with cloud.

Speakers from LinkedIn, Whatsapp, Hotstar, Mozilla, Zerodha, ThoughtWorks, Appsecco, Gojek and other organizations shared their experiences, and demonstrated how the combination of ‘intent, process, resources and technology’ come together to help companies build privacy-respecting products.

Watch the talks on https://hasgeek.com/rootconf/data-privacy-conference/videos

Participants in the conference included:

  1. SRE, DevSecOps and DevOps teams working with legal and compliance teams to heavy-lift operations around privacy and compliance.
  2. Product managers building secure and compliant systems.
  3. Business and engineering heads of organizations which deal with large volumes of consumer data on a regular basis.
  4. Representatives early to mid-stage fintech companies which are evolving systems to handle petabytes of data securely in compliance with larger governance laws.
  5. Consultants working on cloud and security; pricacy and compliance.

Contact information: Join the Rootconf Telegram group on https://t.me/rootconf or follow @rootconf on Twitter.
For inquiries, contact Rootconf on rootconf.editorial@hasgeek.com or call 7676332020.

Featured submissions

See all

  • Kailash Nadh

    The life of personal data in heavily regulated environments

    The mainstream focus on personal and sensitive data generally tends to be on social media and communications platforms. The public understanding of how personal data flows through heavily regulated organisations such as banks and stock brokers is limited. In fact, such organisations are mandated by laws and regulations to share data with more parties than their unregulated counterparts. This talk… more

    04 Mar 2021

  • Matthew D. Green

    End-to-end encryption: State of the Technical and Policy Debate

    Over the past decade, end-to-end encryption (E2EE) has been widely deployed in electronic messaging applications, including WhatsApp, Signal, Apple iMessage and others. This form of messaging ensures that information is encrypted from an end-user device (such as a phone) and remains encrypted until it reaches the destination. A key benefit of E2EE is that it protects messages from server-side hac… more

    16 Apr 2021

  • Paul Vixie

    Closing keynote: Is NetworkOps Dead in the Age of Cloud?

    It’s been said that the number of clues remains constant even as some field of expertise expands. This may sometimes be the outgoing generation accusing the incoming generation of being soft or lazy, and indeed it has also been said that progress in most fields occurs one obituary at a time. What we know for certain is that skills for which demand is not growing, become less common. Maybe some ma… more

    14 Apr 2021

  • Suman Kar

    Netbanking fails

    Security is hard. Designing user experience (UX) around security is harder. Yet almost everyday, we are forced to make security related decisions across multiple connected devices we own. Sometimes we make these choices for ourselves, and sometime we impose our choices subtly on others with whom we share these devices. Proliferation of personal IoT devices exacerbates this problem, and in some ca… more

    08 Feb 2021

  • Chirayu Desai

    Case study of CalyxOS

    CalyxOS is an open source Android-based Operating System, sponsored by the Calyx Institute, a 501(c) non-profit dedicated to making privacy and security available for all. more

    03 Apr 2021

  • Kalusivalingam Thirugnanam

    Data Governance at Intuit

    There is an increased focus on data privacy and governance across the world. Intuit, offering products and services in the Financial Industry, operates worldwide in multiple countries. We needed to provide data privacy and compliance across multiple geographies. As part of enabling data privacy capabilities to our customers, we navigated through a number of challenges and built systems to support… more

    26 Feb 2021

  • Rohan Prabhu

    Our approach to PII/SPDI redaction

    Abstract By regulation and more so by a moral obligation, Jupiter is required to safeguard the privacy of its customers. As providers of financial services, we are often entrusted with information that could be extremely private to users, of a sensitive nature and at the same time can be used to personally identify them by a single data element. Dealing with an engineering stack that builds upon … more

    02 Mar 2021

  • Ayush Priya

    Masking Sensitive Data in Logs with LogStash

    ElasticSearch, LogStash and Kibana together create one of the most popular log ingestion and indexing solution. However, the logs being indexed and made available can potentially contain sensitive information such as PII. The talk will explain how to setup masking for such sensitive information(s) present in the logs in LogStash. This would enable any principal who wants to look at the logs to be… more

    16 Feb 2021

  • Zainab Bawa

    Security practices for mobile app development

    This submission is a summary of the Birds of Feather (BOF) session held on 28 April, 2021 with Chirayu Desai (CalyxOS), Madhusudhan Sambojhu (Able.do) and Apurva Jaiswal (Zeta) on security practices that individual developers and teams can undertake to ensure better data privacy. more

    25 Aug 2021

  • Michael W Lucas

    TLS in 2021

    Transport Layer Security: everybody needs it, but few of us understand it. TLS is not just about getting the lock icon in the browser address bar. It’s perhaps the most frequently misconfigured protocol on the Internet. more

    02 Apr 2021

  • Chirayu Desai

    Integrating privacy-preserving analytics into your application

    Analytics is an important part of application development, and adding them in a privacy preserving manner is challenging. more

    24 Mar 2021

  • Subhashis Banerjee

    Identity and biometrics

    India has deployed the world’s largest national digital identity system based on biometrics. In this session we will review the suitability of biometrics based identity definition for delivery of essential services. more

    27 Mar 2021

  • Pragya Misra Mehrishi

    Product design and usability for privacy

    As more of our conversations move online, privacy by design is becoming crucial in product development. In this session, Uzma Barlaskar, product manager at WhatsApp, will discuss “Product design and usability for privacy,” focusing on how WA features like ephemerality & live location as examples of how building e2ee into the system can be used for other things too. more

    14 Apr 2021

  • Atif Akhtar

    Data Governance - Strategies from experience

    A lot of organizations have recently started taking Data Governance seriously given the different laws now coming up in countries regarding the use of data and heavy penalties on leaks which is further exacerbated by how much more data each of these orgs are now generating compared to before.With these accelerated motives a lot of Data Governance strategies are a make or break based on the toolin… more

    28 Feb 2021

  • Nneka Soyinka

    How to Use Lean Data Practices to Build Trust with Customers

    Lean Data Practices (LDP) is a flexible framework that anyone handling personal data can use to build in privacy, security, and transparency in ways that can build trust and reduce risk. This talk is a follow up to the November 2020 LDP presentation to dive deeper into the methodology, specifically how to apply it from the product management and development lens. We will discuss how to implement … more

    13 Apr 2021

  • Bhupendra Jain

    Data deletion practices @ Offline Data lake

    LinkedIn works at exabyte data scale and respecting the privacy of its Members is the top most priority as part of LinkedIn culture and the core value “Members first”. This talk will briefly touch upon some of the practices, tools & technologies used in offline data lake for adherence to GDPR “Right to erasure”. Talk will also cover the lessons learned and challenges faced while talking in detail… more

    01 Apr 2021

  • Anwesha Sen

    Nadika N Editor

    Summary of session: Birds of Feather (BOF) discussion on investors' views of privacy and security; proactive measures and compliance for existing and future investees

    Date of event: April 24, 2021 Moderators: Subhashish Bhadra (ONI), Anand V (Hasgeek) Discussants: Sharda Balaji (Novo Juris), Samuel Mani (Mani Chengappa Mathur), KK Mookhey (NII Consulting), Kailash Nadh (Zerodha) more

    18 Oct 2021

  • Anuradha Lipare

    Leveraging existing Information Security practises to address data privacy requirements OR How Data Security and Data privacy can work together

    Data privacy and cybersecurity practices are becoming increasingly important in view of new legislation, such as the General Data Protection Regulation (GDPR), Personal Data protection Act (PDPA) as well as increasing sophisticated cyber attacks.Many organization spends most of their cybersecurity budgets on addressing technical, financial and reputational risks and It is often noted that an insu… more

    30 Mar 2021

  • Sandeep Joshi

    Synthetic data generation

    At Needl, our mission is to organize and stitch your information to make it universally accessible and useful. Knowledge workers today are inundated with massive amounts of data via multiple communication apps and devices resulting in huge efforts to save, organise, retrieve, and make sense of data leading to productivity loss. Needl aims to unbundle your data across apps & devices into a single … more

    18 Mar 2021

  • Biju Nair

    Best practices in FOSS compliance can help improve security.

    Privacy and security are closely tied together in the form of legal requirements for “data protection” in laws across the world, such as under Article 32 of EU’s General Data Protection Regulation, and India’s Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011. more

    16 Mar 2021

  • Vijayendran Sridharan

    Round table: Security Incident analysis and reporting

    Hard Questions: Security Incident Analysis, Reporting and Management more

    18 Mar 2021

  • Pratap Kudupudi

    Data Anonymization @ Offline Data Lake

    LinkedIn works at exabyte data scale and respecting the privacy of its Members is the top most priority as part of LinkedIn culture and the core value “Members first”. In this talk we will walk through the tools & technologies used in creating a PII-free anonymized data warehouse for allowing GDPR compliant access to data. We will look at the challenges involved in various approaches and design f… more

    01 Apr 2021

Sessions

See all

Videos

See all
Keynote: End-to-end encryption: state of technical and policy debates

Keynote: End-to-end encryption: state of technical and policy debates

Matthew D. Green, Associate Professor at the Johns Hopkins Information Security Institute

1 hour14 May 2021
Enabling customers' security and privacy journey in the AWS/Cloud

Enabling customers' security and privacy journey in the AWS/Cloud

Swati Sharma, Helping financial organizations to achieve Cyber Security and Regulatory Compliance in the Cloud

42 minutes17 May 2021
Fireside chat: Can small-sized startups build privacy in products? The journey of RedCarpetUp.com

Fireside chat: Can small-sized startups build privacy in products? The journey of RedCarpetUp.com

Shadab Siddiqui (CISO at Hotstar) in conversation with Sandeep Srinivasa, founder and head of product and tech at RedCarpetUp.com

50 minutes 3 May 2021
Keynote: Personal data in heavily regulated environments - Zerodha's case study

Keynote: Personal data in heavily regulated environments - Zerodha's case study

Kailash Nadh, CTO at Zerodha

38 minutes 3 May 2021
Jupiter's approach to PII/SPDI redaction

Jupiter's approach to PII/SPDI redaction

Rohan Prabhu, Senior Technical Architect at Jupiter

25 minutes13 May 2021
Make a submission

Accepting submissions till 18 Oct 2021, 01:20 PM

Hosted by

Rootconf
Rootconf
Rootconf is a forum for discussions about DevOps, infrastructure management, IT operations, systems engineering, SRE and security (from infrastructure defence perspective). more

Supported by

Zeta Suite
Zeta Suite
Zeta® is in the business of providing a full-stack, cloud-native, API first neo-banking platform including a digital core and a payment engine for issuance of credit, debit and prepaid products that enable legacy banks and new-age fintech institutions to launch modern retail and corporate fintech p… more

Promoted

AWS
AWS
We’re the world’s most comprehensive and broadly adopted cloud platform, offering over 200 fully featured services from data centers globally. As a hyperscale cloud service provider, AWS provides access to highly advanced computing tools on rent for startups and SMEs at affordable prices. We help t… more
Omidyar Network India
Omidyar Network India
Omidyar Network India invests in bold entrepreneurs who help create a meaningful life for every Indian, especially the hundreds of millions of Indians in low-income and lower-middle-income populations, ranging from the poorest among us to the existing middle class. To drive empowerment and social i… more
Meta
Meta
about.facebook.com/meta
Privacy Mode
Privacy Mode
Deep dives into privacy and security, and understanding needs of the Indian tech ecosystem through guides, research, collaboration, events and conferences. Sponsors: Privacy Mode’s programmes are sponsored by: more