Sessions on data protection measures, threat actors and legal access to data and information classification

​UNICC participated in a two-day workshop called ‘Data Protection within International Organisations’ in Geneva in early May, with Shashank Rai, UNICC’s Senior Strategic Technology Specialist presenting and taking part in a discussion on data protection issues in cloud computing. The workshop took place at IOM in Geneva with Dharam and Milena in attendance.

Initiated by the EDPS over ten years ago, the workshop aims at bringing together international organisations to:

• Share experience and best practices in the field of data protection and analyse its impact as part of good governance within international organisations (including a number of UN organizations)
• Summarise the most recent regulatory developments at international level in the area of privacy and data protection and analyse the potential implications of such developments for international organisations
• Analyse state of play of data protection within international organisations.

The two-day workshop was organized by the International Organization for Migration and the European Data Protection Supervisor (EDPS) and included topics such as:

• Recent developments from the Humanitarian Action Working Group
• UN Global Pulse presentation on the UN Privacy Policy Group
• Personal health data current practices and challenges from IOM, WFP and European Centre for Disease Prevention and Control
• The role of the Data Protection Officer (DPO) from EDPS, Eurojust and Interpol
• The EU General Data Protection Regulation (GDPR): data transfers to international organisations.

Shashank Rai gave an introduction to UNICC and its services, defining a number of cloud concepts (including infrastructure, platform and software) and strategies, with an emphasis on the market deviations in characteristics like on-demand self-service, resource pooling, rapid elasticity, broad network access and measured service.

Shashank discussed threats to cloud computing and mitigating actions, with an emphasis on UN privileges and immunities that are often not honored in public cloud solutions.

Other speakers in Shashank’s session included Ricardo Guilherme Filho, Director, Legal Affairs Directorate, Universal Postal Union and Nikos Volanis, Legal Officer, International Telecommunications Union.

UPU’s presentation included a shout-out to UNICC for its hosting services and cloud support! ITU, discussed the ongoing debate within the UN system, from the UN Special Interest Group on Information Security, joint cloud services procurement engagement by 13 UN entities, UN System Internal Coordination Plan on Cybersecurity and Cybercrime and JIU’s Review of ERP Systems in the UN.

Other topics included protection measures, threat actors and legal access to data, with classification and encryption being potential residual risks.

Please also see the EDPS website on the conference.

Many international organisations were in attendance, as a partial list of participants reflects:

• European Organization for Nuclear Research (CERN)
• European Patent Office (EPO)
• European Space Agency (ESA)
• Global Fund to Fight AIDS, Tuberculosis and Malaria
• International Committee of the Red Cross (ICRC)
• International Federation of the Red Cross and Red Crescent Societies (IFRC)
• International Finance Corporation (IFC)
• International Labour Organization (ILO)
• International Monetary Fund (IMF)
• International Trade Centre (ITC)
• Interpol
• North Atlantic Treaty Organization (NATO)
• Organisation for the Prohibition of Chemical Weapons (OPCW)
• Organization for Security and Co-operation in Europe (OSCE)
• United Nations Children’s Fund (UNICEF)
• United Nations Global Pulse
• United Nations High Commissioner for Refugees (UNHCR)
• World Food Programme (WFP)
• World Health Organization (WHO)
• World Intellectual Property Organization (WIPO).