GDPR regulations mandate any data processor - that handles user data - must provide two core functions:
- The data that they have about a user - what do you know about me?
- Deletion of user data - what I don’t want you to keep.
However, both these mandates are not easy for a data processor to comply with because they require the processor to have robust data management practices from day one of their operations. Making a company GDPR-compliant retrospectively is very hard since architects typically focus on designing for scalability, maintainability and data security in the early stages of a company.
We invite talks from practitioners who have gone through the journey of data engineering and how they have managed to balance the difficult goals of privacy, utility and scale within their organizations.
Who should participate:
- Data engineering architects
- Data Privacy Officers
- Data engineers
- Product managers
Protect the pie (PII)
Core to data-security is the user’s personally identifiable information. As Disney + Hotstar grows internationally, with increasing compliance restrictions, we’ve re-architected our entire data-platform to support differing compliance & security requirements. We make the user’s personally identifiable information impossible to access unless absolutely necessary. In this talk we discuss how we use masking & filtering while ingesting, storing and processing data, and how systems that access data for analytics, personalization, targeting, reporting were accommodated to fit this new world. We discuss the paradigm shift in approaching the data from a user’s point of view instead of a use-case point of view