Practical DATA PROTECTION – Avoidance? EU and US ?

From IIW

Session Topic: Data Protection (Avoidance?) in EU and US

Thursday 2E

Convener: Valter Nordh

Notes-taker(s): Valter Nordh


Background:


Transfer of Personal Identifiable Information (PII) within and out of EU is regulated.

How do we enable the transfer, for access to services needed attributes, of PII within an id-federation – WITHOUT the need for signing a full mesh of contracts between all IdPs and SPs?

This talk discussed how the GÉANT Code of Conduct solves transferring PII in order to ENABLE access to a service, such as e-mail, username, Name – primarily within the EU.


Full information about the Code of Conduct is found at:


https://refeds.terena.org/index.php/Data_protection_coc


The Code of Conduct is licensed as creative commons, meaning that this work can be reused for other purposes as well.