Workshop: Information Infrastructuring for Disaster Risk Management Lawful conduct in CIS Workshop: Information Infrastructuring for Disaster Risk Management

…but what if the partners don‘t use the same language and codes? The Problem …but what if the partners don‘t use the same language and codes? ELSI Workshop 2017 www.episecc.eu

The EPISECC Solution Goal: information systems from different DM stakeholders, domains and vendors shall exchange information. CIS: central place where services get in touch to exchange data Adaptors reduce complexity (one CIS adaptor instead of x interfaces per legacy systems) Semantic IO: Adaptors transform proprietary data to standard messages adopted in CIS (CAP, EMSI, MLP; EDXL DE message envelope) Syntactic IO: Mapping proprietary key concepts to standardised EPISCECC taxonomy and vice versa ELSI Workshop 2017 www.episecc.eu

Decentralised architecture Data ownership: information is fully controlled by the owning tools Tool owners are responsible for sharing what with whom no central data store no data processing encrypted messages ELSI Workshop 2017 www.episecc.eu

ELSI – Confidentiality & trust Cooperation Group Online Room (CGOR) – closed group within CIS invite CGOR member join CGOR CGOR-A create CGOR invite CGOR contract (invite-join) exchanges key Symmetric encryption inside a CGOR Sender’s adaptor selects CGOR dependent on message properties join CGOR-B ELSI Workshop 2017 www.episecc.eu

ELSI questions Defining (Joint) data controllership Logging (28 & 30 GDPR) Data breach (33 GDPR) Analogy with intermediary liability? Data subject rights Who do I turn to? Data retention (storage limitation 4 GDPR) More difficult to manage in a decentralised architecture ELSI Workshop 2017 www.episecc.eu

Other (L)ELSI‘s ELSI Workshop 2017 www.episecc.eu Design Use Ensure that the collection of personal data is lawful and you hold it long enough to fulfil your purpose in relation to this data. There is a need to be clear about the true purpose for which the data is being held. The rules can apply to a group but only if they share the same relevant characteristic/s Once the information is no longer necessary for its original purposes it should be deleted. When collating and analysing data do you take steps to ensure that you only access and store the minimum needed to achieve your purpose? When creating fields for data input or search the need to include the lowest possible level of data should be flagged within the system. Particular attention should be taken when the relevant data could be classified as sensitive.   When making choices about the data you need to access and collate to achieve your goal, what systems do you have in place to ensure that you are effectively paying attention to the nature of this data and whether or not it could be sensitive? Different rules may apply to different actors and different kinds of data. Map out all the possible data flows in order to identify which data about which persons are being communicated to who. Can information be exchanged between agencies of different Member States? While developing a CIS, attention should be paid to the existing bi- or multilateral cooperation agreements that authorise the such trans-border information exchange. ELSI Workshop 2017 www.episecc.eu

www.episecc.eu