GDPR Compliance by Design

  • By Ishara Naotunna
  • 15 May, 2018

GDPR Compliance by Design

Tuesday, May 15, 2018
10:00 a.m. - 11:00 a.m. (GMT)

GDPR compliance by design encompasses a number of privacy concerns. One aspect is how and for what purpose personal information collected from EU citizens is being used, which is governed by the feature set a software provides. The other aspect is about the storage of personal or personally identifiable information. Software developers need to adhere to proper and acceptable design when storing this data.

In this session you will learn privacy by design principles applicable when designing and developing a system. It covers the advantages of using pseudo-anonymous user names throughout the system and having centralized mapping to the real name. It also covers privacy annotations that a software developer can use so that sensitive information is masked in logs or any analytical/business reports.

This also gives an overview of how to retrofit a legacy production system with the WSO2 Privacy Toolkit so that it can be GDPR compliant when storing data.


Ruwan Abeykoon Associate Director/Architect, WSO2

Ruwan is a member of the WSO2 Identity Server team where he currently focuses on improving the usability and analytical aspects of the product. He has previously been a member of WSO2's analytics team. He has a diverse working knowledge on a number of popular languages and frameworks, and advocates applying mathematical models in designing. Ruwan has been working on designing and developing systems for diverse sectors including telecom, retail and customer care. He also holds a diploma in Robotics and Automation, is a BSc holder in Engineering and a member of IEEE.

Jayanga Kaushalya Senior Software Engineer, WSO2

Jayanga is a member of WSO2 Identity Server team. He is one of the key members who spearheaded the WSO2 effort in making products GDPR complaint. As a tech enthusiast, he has contributed to multiple open source projects. His interests are in enterprise application development, application security, and distributed computing.