Every year, 28 January marks the International Data Protection Day in Europe and around the world.
Explaining the world of OSINT
This year, the CNPD organised a conference entitled ‘Understanding the challenges of Open-Source Intelligence (OSINT) - When the use of public information sources meets the protection of personal data’ (« Comprendre les enjeux de l'Open-Source Intelligence (OSINT) - Quand l'utilisation des sources d'information publiques rencontre la protection des données personnelles »). The aim was to explain what OSINT is and the extent of the current possibilities offered by these technologies and methodologies thanks to the abundance of data available online.
After a welcoming address from CNPD Chair Tine A. Larsen, Pierre-Alberic Trouplin, cybersecurity consultant at CBTW, introduced the subject of OSINT before showing how a person's entire identity can be reconstructed from the data traces they have left online.
Vincent Legeleux, IT expert at the CNPD, spoke about the risks that individuals may encounter in relation to OSINT. Sadia Berdaï, legal expert at the CNPD, then detailed the implications of OSINT for businesses, as well as the best practices to adopt to ensure that technology is used in compliance with data protection regulations.
Regina Becker, ELSI Fellow (Ethical, Legal and Social Implications) at the Luxembourg National Data Service (LNDS), discussed the benefits and risks of using public data. Her presentation examined the issues at stake for public bodies, employers, journalists, and anyone who publishes information on the Internet.
The programme ended with a round table discussion between the speakers, who were joined by Thomas Dominique, Director of the Inspection générale de la sécurité sociale (IGSS). They discussed and clarified issues relating to OSINT as well as trustworthy methods for using public personal data, before answering questions from the audience.
An ideal day to share knowledge and raise awareness
CNPD Commissioner Alain Herrmann was invited by the European Investment Bank (EIB) to present the interactions between data protection, AI and the AI Act at a Data Protection Day event focusing specifically on artificial intelligence.
As in previous years, the CNPD took part in the Data Privacy Day event organised by the Restena Foundation and the University of Luxembourg, under the aegis of Cybersecurity Luxembourg. This year, the National Commission presented its activities and tools for raising awareness and guiding entrepreneurs and individuals in matters of data protection.
Furthermore, the CNPD was proud to announce the online release of the German version of DAAZ, a virtual training tool for GDPR compliance that addresses the challenges faced by entrepreneurs, start-ups and SMEs established in the Grand Duchy of Luxembourg.
Finally, the National Commission has also published its fifth factsheet entitled ‘The right to portability’ as part of its ‘Your data? Your rights!’ campaign.
The origins of the Data Protection Day
In 2006, the Committee of Ministers of the Council of Europe decided to designate the 28th of January as International Data Protection Day. This day is now celebrated all over the world. It marks the anniversary of the opening for signature of the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data on 28 January 1981.
The aim of the International Data Protection Day is to raise awareness of the challenges of data protection and privacy, and to inform people of their rights and how they can exercise them. It responds to the growing challenges of an increasingly globalised and digitised world to build a space for the free transfer of data while preserving the human right to privacy and data protection.