
In order to detect intrusion, bots, spammers, scammers, and fight Internet crime in general, you need to store and monitor a number of metrics for a certain amount of time, at the individual level (not just aggregates): IP addresses, details about all HTTP requests from all users (and cross-correlate them), including country of origin, timestamp and much more, and perform advanced statistical analysis. The NSA does that all the time; it is actually what they are supposed to do.

How can you perform these tasks, and yet comply with GDPR? GDPR forces you to comply with some regulations to protect privacy. But maintaining security forces you to comply with some opposite regulations. It seems impossible to be compliant with both. How do you do it?


Replies to This Discussion

In essence the GDPR enforces regulations on personally identifying information.

If you decouple the individual-machine level data from the user's data (name, username, etc.) then you will be left with the data needed for security analysis and monitoring, but you won't be able to link this data to an actual person. This allows you to continue monitoring your infrastructure whilst adhering to the regulations.
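One concrete way to do the decoupling described in this reply, as an added example that is not from the original discussion: replace IP and username in each HTTP request record with a keyed HMAC pseudonym, keep the behavioural fields, and run the detection on the pseudonymised view only. The key name, the log field names and the sample requests are constructed for the example; the setup assumes the key is held by the security team separately from the identity store.

```python
import hashlib
import hmac
from collections import Counter

# Assumption: the key is held by the security team, separate from the identity
# store that maps usernames to real people. Rotate it to limit re-linkability.
PSEUDONYM_KEY = b"replace-with-a-real-secret"

def pseudonym(value, key=PSEUDONYM_KEY):
    """Keyed, deterministic pseudonym (HMAC-SHA256, truncated). Equal inputs give
    equal tokens, so requests still correlate; without the key the token cannot
    be turned back into an IP or username."""
    if value is None:
        return None
    return hmac.new(key, value.encode(), hashlib.sha256).hexdigest()[:16]

def pseudonymise(record, key=PSEUDONYM_KEY):
    """Security-analysis view of one HTTP request: identifiers are replaced,
    behavioural fields (timestamp, country, path, status) are kept verbatim."""
    out = dict(record)
    out["ip"] = pseudonym(record["ip"], key)
    out["user"] = pseudonym(record.get("user"), key)
    return out

def failed_login_sources(records, threshold=3):
    """Return pseudonymous source IPs with at least `threshold` failed logins.
    Runs entirely on the pseudonymised view; no real IP or name is needed."""
    counts = Counter(r["ip"] for r in records
                     if r["path"] == "/login" and r["status"] == 401)
    return sorted(ip for ip, n in counts.items() if n >= threshold)

# Constructed sample log, as the web tier would emit it before pseudonymisation.
RAW_REQUESTS = [
    {"ts": "2020-05-01T10:00:00", "ip": "203.0.113.7", "user": "alice", "country": "DE", "path": "/login", "status": 200},
    {"ts": "2020-05-01T10:00:01", "ip": "203.0.113.7", "user": "alice", "country": "DE", "path": "/account", "status": 200},
    {"ts": "2020-05-01T10:00:02", "ip": "198.51.100.9", "country": "US", "path": "/login", "status": 401},
    {"ts": "2020-05-01T10:00:03", "ip": "198.51.100.9", "country": "US", "path": "/login", "status": 401},
    {"ts": "2020-05-01T10:00:04", "ip": "198.51.100.9", "country": "US", "path": "/login", "status": 401},
]
SAFE_REQUESTS = [pseudonymise(r) for r in RAW_REQUESTS]

if __name__ == "__main__":
    print(SAFE_REQUESTS[0])                      # no raw IP or username present
    print(failed_login_sources(SAFE_REQUESTS))   # one pseudonymous source flagged
```

Under the GDPR, pseudonymised records remain personal data for as long as the key or the identity mapping exists, so this reduces the risk and scope of the monitoring data rather than taking it out of the regulation entirely.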

I don't know that they are technically incompatible, but the question makes me think about the NSA's ThinThread project and the story of Bill Binney.


A Good American