GOTO Nights welcomes you to a meetup of Legal tech. We look forward to seeing you.
– 17:00 Doors open
– 17:20 Welcome by GOTO CPH
– 18:30 Food and Drinks
– 19:00 Talk 2 – Uniprocess, Developing applications that comply with the GDPR by technical means, by Ramón Soto Mathiesen
– 20:00 Networking
– 20:30 Thanks for today
DANIEL KIIL (SYNCH)
When working with personal data, the GDPR sets the bar. Its requirements for a risk-based approach, privacy by design and the need for a legal basis for processing limits the scope for use of big data and AI. Further, its general principles about fairness, transparency, purpose limitation and data minimization narrow it even more, so does its stance towards profiling. So, what can you really do if you want to be compliant?
As an attorney, Daniel has mainly worked with IT, data protection and corporate/commercial law. After obtaining his law degree in 2009, he’s worked both as a practicing lawyer and an in-house counsel, inter alia for a large American IT company. He spends the most of his working hours dealing with IT contracts and privacy related issues.
RAMÓN SOTO MATHIESEN (SPISE MISU ApS)
ABSTRACT: Uniprocess, Developing applications that comply with the GDPR by technical means
The General Data Protection Regulation (GDPR) landed the 25th of May last year (2018). As a result of this, many companies have emerged providing services to help us comply with the GDPR.
What is obvious is that very few, if any, provide tools that will help us develop applications that comply with the regulation from a technical point of view. Law firms provide legal services, at a relatively high price as usual, while other consultancies, provide a lot of paperwork and words that, probably, will be “Gone with the Wind”.
This is the reason why the concept of “uniprocess” was researched. An “uniprocess” encapsulates a process, seen from a commercial point of view, where it is known at all times what data enter and leave the process. Being developed in “Haskell”, a functional programming language that has a clear separation between code that makes effects and the one that doesn’t, it is very easy to ensure these claims by using “granulation” and “restriction” of side-effects. Therefore, it is obvious to see that the development itself has to meet with the design of the process.
The concept is closely linked to stateless “microservices”, since the binaries are distributed with minimalistic “Docker” containers.
Finally, to facilitate the work of the Data Protection Agencies (DPAs) of the European Union, both “Haskell” binaries as well as “Docker” images/containers, will have a “Reproducible Build Hash” (RBH). With this RBH, you can mathematically show, that the software, which is currently executed, comes from the source code.
Ramón Soto Mathiesen, is a passionate computer scientist, with talent for business, who advocates for: correctness, code quality and high standards, but always with the customer in focus.
He currently works at SPISE MISU ApS, a company founded by him, which is dedicated mainly to solve the problems arising from the application of the General Data Protection Regulation (GDPR) with a scientific approach (Computer Science and Mathematics).