Data deletion concepts (Datenlöschkonzepte) – in German

Corresponding SDM-Baustein (in German):
https://www.datenschutz-mv.de/static/DS/Dateien/Datenschutzmodell/Bausteine/SDM-V1.1_60_L%C3%B6schen_V1.0_uagsdmbs_final.pdf

Context on DIN 66398
https://www.datenschutzbeauftragter-info.de/din-norm-66398-die-entwicklung-eines-loeschkonzepts/

Web site on the related German DIN 66398 standard
https://www.din-66398.de/inhalt/index.html

Link to the free preview version
https://www.secorvo.de/publikationen/din-leitlinie-loeschkonzept-hammer-schuler-2012.pdf

Article by the editor
https://www.secorvo.de/publikationen/din-66398-hammer-2016.pdf

Presentation
https://www.dfn-cert.de/dokumente/ds_workshops/Datenschutzkonferenz2017/Folien_Hammer.pdf

Example Vorlage Löschkonzept (googled..)
https://www.sage.com/de-de/-/media/files/sagedotcom/germany/documents/pdf/support-und-service/dsgvo/vorlagen/loeschkonzept_dsgvo.pdf?la=de-de&hash=7F44CEC682912EEBD950F276BA510CFD

A Day in the Life of an AI project (privacy design and AI phases)

Great presentation that breaks down what needs to be considered from a privacy point of view in the different phases of an AI project.

My hope is to turn these into a “checklist” for new AI experiments that are run on pre-assessed AI platforms. (I’m very interested in comments).

Full slides from DPC19 :

https://iapp.my.salesforce.com/sfc/p/#1a000000HSGV/a/1P000000XeTO/7xOqxD1UampJRpDFr37qKWaLBKb9Ge2ZHgUUFBoiP6g

Phases of an AI project

  • Scoping
    • Problem identification
    • Impact of the AI?
    • Purpose limitation
    • Planning of solution & resources
  • Identify Data Sources
    • Getting access, data transfer
    • Compliance requirements for the data
    • Data minimization & pseudonymization
  • Data Pre-Processing
    • Exploratory Data Analysis
    • Feature selection (data minimization)
    • Feature engineering
    • Anonymization/pseudonymization
  • Modeling
    • Training, validation, testing
    • Does the model generalize well? (Test for bias/variance)
    • Support explanation
  • Deployment
    • Re-identification risk: Will the analysis or model be published?
    • Explanation to domain experts and/or data subjects
    • Incremental learning
    • Human-in-the-loop
  • Request of data subjects
    • Rights to get an explanation
    • Right to be forgotten