YoVDO

Personal Information Leakage by Abusing the GDPR 'Right of Access'

Offered By: USENIX via YouTube

Tags

SOUPS (Symposium on Usable Privacy and Security) Courses Cybersecurity Courses GDPR Courses Social Engineering Courses Privacy Courses Data Protection Courses

Course Description

Overview

Explore a revealing conference talk that exposes vulnerabilities in the GDPR 'Right of Access' implementation. Delve into a study examining 55 organizations' identity verification processes for data access requests, uncovering alarming success rates in impersonating individuals using only forged or publicly available information. Learn about the varied policies and practices across different sectors, the types of sensitive data leaked, and the social engineering techniques exploited. Gain insights into practical policy improvements organizations can implement to enhance data protection and minimize unauthorized access risks. Understand the ethical implications and broader impact of these findings on personal data security in the context of GDPR compliance.

Syllabus

Intro
Resource Questions
How to Improve Identity Verification
What Credentials are Being Asked
Home address
ID card
Proof of identity
Leaked Data
Recommendations
Ethics
Questions


Taught by

USENIX

Related Courses

Understanding the GDPR
University of Groningen via FutureLearn Protecting Health Data in the Modern Age: Getting to Grips with the GDPR
University of Groningen via FutureLearn Introduction to GDPR: General Data Protection Regulation
University College London via FutureLearn The European Charter of Fundamental Rights and Data Protection in the European legal framework
Global Campus of Human Rights via Independent Privacy in Europe
EIT Digital via Coursera