Easy-to-use GDPR guide for Data Scientist. Part 1/2

As successful Data Scientist, what can I do and what cannot to be GDPR compliant? Amazon Web Services (AWS) vs on-premise. De-identification vs Anonymization. Anonymization: removing, masking or suppression, generalization, k-anonymization, scrambling, blurring. Pseudonymization: tokenization, hashing, encryption, key deletion or crypto-shredding.

Image for post
Image for post

Disclaimer: I do not represent my current/previous employers on my personal Medium blog.

Guide below covers main steps for data processor, not data controller.

Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller
Source: http://bit.ly/2OYpwVA

I can strongly recommend store data in cloud like AWS or GCP. Do not use storage services like Google Drive, Dropbox, Box, and OneDrive. Store only encrypted data on your USB flash drives and external HDD/SSD.

Amazon S3 is object storage built to store and retrieve any amount of data. I’ll show you how looks S3 GDPR compliant bucket in next section.

Step is not required. As successful Data Scientist, I can use Amazon S3 bucket encryption.

Navigate to https://console.aws.amazon.com/kms/ and click Create a key button:

Image for post
Image for post

Enter Alias (e.g. medium) and Description (e.g. Key for Amazon S3 bucket encryption). Click Next button:

Image for post
Image for post

Provide tags like Team, Owner, and Impact. Click Next button:

Image for post
Image for post

Click Next button. Click Next button. Review policy and click Finish button:

Image for post
Image for post

Navigate to https://console.aws.amazon.com/s3/ and select your bucket. Select Properties tab. Click Default encryption button:

Image for post
Image for post

Select AWS-KMS option. Select KMS key (e.g. medium) and click Save button:

Image for post
Image for post

Amazon S3 automatically encrypting objects stored in bucket now.

Step is required! Navigate to https://console.aws.amazon.com/s3/ and find your bucket (e.g. korniichuk.enc). Verify Bucket and objects not public access settings:

Image for post
Image for post

If you need fix access settings, select your bucket (e.g. korniichuk.enc) and click Edit public access settings button:

Image for post
Image for post

Summary: Amazon S3 bucket and object are not public. You can use Amazon S3 bucket encryption as extra option.

Navigate to Part 2

Written by

Python Developer and Artificial Intelligence Engineer

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store