Dinis Cruz
James Bore
David ClarkeSession Description
In preparation for the Security Labels & Schrems II session that is happening on Thursday, in this session we will be executing a Threat Model exercise aimed at mapping out the multiple Threat Modeling components of the scenarios affected by “Schrems II” (Threat Actors, Data Flows, Use Cases, Security Boundaries, Vulnerabilities and Risks)
Schrems II
As per the Schrems II ruling, the US is no longer an adequate country for EU personal data. BCS recently did a recent webinar on the legal aspects which you can see here
So far, the ICO guidance in the UK is to map your data flows in preparation for further guidance.
See also:
- Webinar: What do you need to know about Schrems II?
- Updated ICO statement on the judgment of the European Court of Justice in the Schrems II case.
- JUDGMENT OF THE COURT (Grand Chamber)