YoVDO

Personal Information Leakage by Abusing the GDPR 'Right of Access'

Offered By: USENIX via YouTube

Tags

SOUPS (Symposium on Usable Privacy and Security) Courses Cybersecurity Courses GDPR Courses Social Engineering Courses Privacy Courses Data Protection Courses

Course Description

Overview

Explore a revealing conference talk that exposes vulnerabilities in the GDPR 'Right of Access' implementation. Delve into a study examining 55 organizations' identity verification processes for data access requests, uncovering alarming success rates in impersonating individuals using only forged or publicly available information. Learn about the varied policies and practices across different sectors, the types of sensitive data leaked, and the social engineering techniques exploited. Gain insights into practical policy improvements organizations can implement to enhance data protection and minimize unauthorized access risks. Understand the ethical implications and broader impact of these findings on personal data security in the context of GDPR compliance.

Syllabus

Intro
Resource Questions
How to Improve Identity Verification
What Credentials are Being Asked
Home address
ID card
Proof of identity
Leaked Data
Recommendations
Ethics
Questions


Taught by

USENIX

Related Courses

Computer Security
Stanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network