YoVDO

Personal Information Leakage by Abusing the GDPR 'Right of Access'

Offered By: USENIX via YouTube

Tags

SOUPS (Symposium on Usable Privacy and Security) Courses Cybersecurity Courses GDPR Courses Social Engineering Courses Privacy Courses Data Protection Courses

Course Description

Overview

Explore a revealing conference talk that exposes vulnerabilities in the GDPR 'Right of Access' implementation. Delve into a study examining 55 organizations' identity verification processes for data access requests, uncovering alarming success rates in impersonating individuals using only forged or publicly available information. Learn about the varied policies and practices across different sectors, the types of sensitive data leaked, and the social engineering techniques exploited. Gain insights into practical policy improvements organizations can implement to enhance data protection and minimize unauthorized access risks. Understand the ethical implications and broader impact of these findings on personal data security in the context of GDPR compliance.

Syllabus

Intro
Resource Questions
How to Improve Identity Verification
What Credentials are Being Asked
Home address
ID card
Proof of identity
Leaked Data
Recommendations
Ethics
Questions


Taught by

USENIX

Related Courses

Cryptography II
Stanford University via Coursera Microsoft Enterprise Mobility Suite
Microsoft via edX Social Media - What No One has Told You about Privacy
openHPI Windows 10 Features for a Mobile Workforce: Identity Management and Data Access
Microsoft via edX Health Professional Teaching Skills – Level 3 - Professionalism
University of Toronto via edX