Applying GDRP/CCPA to CDC events using a pseudonymic Kafka Connect architecture

Do you face the challenge of abiding to the compliancy rules set by a regulator that you need to apply to your data sets? At Essent (a Dutch energy company), we faced this issue the moment we started ingesting CDC(change data capture) events from SAP into our data lake. Initially, we used the medallion architecture(bronze, silver, gold). We started by processing the raw data into the bronze layer, gave it structure in the silver layer, after which we anonymised the data and placed it in the gold layer, ready for business purposes. Although complying with the GDPR rules, it was cumbersome and hard to maintain. What if we could do this in a generic and standardised manner?

After looking for solutions we choose to implement the highly recommended pseudonymization process as soon as possible. The implementation we created is based on Kafka Connect architecture which gave us a data structure to provide a generic format, allowing us to handle our data in a generic manner.

This talk will provide insight on how we implemented our solution:

Use a Sink as the base, using the standard Kafka Connect structure transformation.
Utilizing a specific configuration object, we dynamically build a “lookup record” and the pseudonized version of the original.
Once done, both of the records are placed on specific target topics. This leaves us with a topic containing pseudonized records for anyone to use.
The second topic, containing the lookup data is shielded from non-authorized users.

Decoding the Cosmos: Voyager's 1970s Algorithms Meet Today's Cutting-Edge Tech

In the 1970s, disco ruled, slide rules guided engineers, and pocket calculators were cutting-edge. Amid this, NASA built Voyager’s data systems—designed to transmit signals across billions of miles and survive deep space noise.

Today, we’re still decoding those signals. This talk dives into how Voyager’s 1970s-era coding—crafted without modern tools—intersects with today’s tech. We’ll explore the Viterbi algorithm, a marvel of its time, and contrast it with modern machine learning.

This isn’t just history—it’s a journey into the evolution of algorithms. Expect real examples and live demos of encoding and decoding using both vintage and cutting-edge methods. Whether you’re a developer, data scientist, or space tech fan, you’ll leave with new insights, big “wow” moments, and a deeper appreciation for the fusion of retro engineering and next-gen innovation.

Lightning Talk: The dyslexic programmer, creativity did not kill the cat

Dyslexia is generally considered a disability, prejudices are always in place (they are slow and can not read or write). To be honest some of it is true but they have other qualities that make them excellent developers. There are lot of misconceptions about dyslexia. Did you know that 40% of all the self made millionaires are dyslexic. Approximately 2 out of 10 persons are dyslexic and 6 out of 10 do not even know it or are trying to hide it and that ? After a short introduction on what dyslexia actually is I will present you with some interesting facts that you probably did not know. From there on I take you on a ride into the mind of a dyslexic. His reading skills, the problems he faces and more important their perception of the world. The way that we perceive the world allows us to have a different look at anything we encounter. This different look is sometimes referred to as thinking outside the box. At the end of the presentation, I hope that I reframed this perceived weakness as being a powerful tool. And some pointers on how to interact with us, it is not that different from any other person.

Certificates and encryption; All you need to know, but...

Certificates are everywhere: in between; on the server; and even on your own devices. Even the people who don't know what a certificate is, still look for the lock in the address bar. And if they don't, they should. For people working with certificates daily, "Zero Trust" is something that is a standard that has been around since TLS 1.0, not a new buzzword. 
When explaining to someone what that lock in the address bar actually means is something you probably need to be working with certificates daily, just to know what that lock actually portrays. For getting from a simple unsecured http connection to a https connections using a certificate that is not self signed used to be a lot harder than it is now. Or is it?
Do you know the difference between TLS and SSL, http and https or even mTLS. Not to mention async vs sync encryption with RSA, DES? If yes no need to join this talk, all others are invited to explore the wonderful world of security and encryption.

Agentic AI: From the Trenches — What Most Talks Skip

Large language models (LLMs) increasingly power sophisticated agents that extract information, orchestrate tools, and solve tasks autonomously. Most AI talks focus on LLM reasoning or tool use, skipping the crucial orchestration layer that actually makes agentic systems reliable.

In this session, we dive into the trenches. We’ll introduce the MCP Protocol (Model-Control-Process), the orchestration engine driving agentic solutions, then walk through the architecture and key code patterns of a lightweight MCP Server implementation. You’ll see how the server routes reasoning, triggers tools, handles errors, and enforces guardrails. Along the way, we’ll cover real-world engineering trade-offs, common pitfalls, and best practices. By the end, you will not only understand why agentic AI works, but also how to implement it yourself, bridging the gap that most talks skip. If you’re responsible for creating autonomous assistants, orchestrated pipelines, or next-gen AI agents, this session gives you both the concept and the code to get started.

Is Pseudonymization The Answer To Your GDPR Problems?

Like many businesses, we've faced an uphill battle dealing with GDPR compliance in a simple, repeatable way. Pseudonymization is a technique to replace identifiable data with artificial artifacts that still enable analysis and processing. It complies with EU regulations and it is possible to get back to the original data when using additional information!
In order to have a scalable solution we are using the standard Kafka connect architecture with a sink as the base. Records that are received by this sink are pseudonymized and in the meantime, a second record is created. This second record contains the additional information that is required to get back to the original data.
The resulting records are placed on two separate output topics and further processing is performed just as we would normally do. For security reasons (and compliance), the topic with the additional information is only available to those that are allowed to see and or processes that information.

This approach, allows us to process GDRP-related information in a standardized and simplified manner, by simply creating a configuration file that specifies fields and the type of processing we are compliant with the rules. A second benefit is that we can scale easily. We just have to create a new rule set and if needed spin up an additional worker.

Have you been struggling to find a scalable approach to comply with the GDPR rules, join this session to learn about how we implemented a scaleable solution.

Datalake and Data mesh: a math in heaven?

“Data mesh” and “Data lakes” are the new buzzwords in Data processing. Both define a framework on how to set up and organize your data. Is it the new holy grail in data management? The data lake is more technology-focused whilst Data mesh is more towards the organization, but where do they meet?

In the old days, organizations attempted to store all their data in a corporate Data warehouse with a canonical model which, to be fair, did not work. We more or less created a data labyrinth instead of a warehouse. As everybody knows: collecting vast amounts of data is the easiest step in creating a data repository. But then, what’s the next step to get value from the data? That is the hardest part, which it should not be! By pointing out some of the strengths and weak points you will get a better understanding of what both are. This will help you to structure and organize the ingestion and processing of data in your organization. During the presentation, I will provide some practical examples to illustrate this.

CUPID, did you fall in love with the code?

Cupid (Composable, Unix-like, Predictable, Idiomatic, and Domain-based) is flying around with its bow and arrows. Now he’s not looking for people to fall in love with each other, but to fall in love with the code they make. You’ve probably experienced that feeling, you see the code they made is beautiful, elegant, and easy to read. When you read it, you fall in love with it and can’t wait to work with it.

It happens every once in a while, but shouldn’t that always be the case? Forget SOLID and make your code loved with CUPID. a new paradigm has arrived. In this talk, we’ll look at the principles of CUPID, and instead of hard rules as described in “the clean code” book by Uncle Bob you’ll see that CUPID is way more lenient in its usage. Some of the clean code rules are debunked, and some are even more fine-tuned. After this talk, you should have a different view on how you look at code and with this new mindset, you’ll create your code.

Needs audio connection