The Divided States of America(n Data)

The Divided States of America(n Data)

This Is Why We Can’t Have Nice Things – Like Our Own Version of GDPR. The American Data Divide Across the ocean, a much-publicized piece of holistic privacy legislation called the GDPR has transformed the relationship between citizens, businesses, and personal data. In 2019 it’s time to ask: why can’t the USA produce its own unified piece of federal data privacy regulation? Data regulation in the United States is still a work in progress. At present it’s a patchwork quilt split along state and industrial sector lines, and for most consumers, it’s impossible to penetrate. Businesses are similarly hamstrung by the lack of harmonious regulation. Those that decide to play by the rules burn copious resources and frustrating man-hours just …

What’s the Difference Between Data Security & Data Privacy?

What’s the Difference Between Data Security & Data Privacy?

“Data Privacy” and “Data Security” are two terms that can sometimes be used interchangeably. Especially by those who aren’t in the field of data protection. However, in this particular sector of the industry, they mean two very different things. Understanding the relationship between them is essential for grasping the complexity of regulatory compliance. This article is a quick primer that illustrates how privacy and security differ and how they work together as building blocks of regular data operation. Data Security vs Data Privacy In simple terms, security means securing data against unauthorized access. Privacy is about managing and defining authorized access. Data security is a technical issue that involves building robust defense mechanisms in your digital infrastructure. Data privacy is …

An Overview of States Passing Privacy Laws

An Overview of States Passing Privacy Laws

Any Intro to Civics course teaches that lawmakers exist to enact the will of the people. Moreover, since “the people” have recently become very concerned with the security of their data and the privacy of their online activity, it’s perhaps reassuring to see the recent nationwide bloom of state-based digital privacy legislation. California’s CCPA got the headlines because of the size of the market and the easy comparison to Europe’s GDPR. However, in other states across the country, legislators have quietly passed, or are in the late stages of passing bills that parallel California’s Privacy Law. In some cases, the measures are even more far-reaching. This article examines recent legislative updates in Nevada, New York, Vermont, South Carolina, and Colorado. …

Governments & Privacy

Governments & Privacy

When the words “government” and “privacy” get put side-by-side, the knee-jerk reaction is usually harmful. Since the days of Orwell, governments have been poking their noses into citizens’ business. History suggests the association is not without merit. Protectors of Privacy Rights In the last decade, whistleblowers like Edward Snowden have shown the communication boom of the internet era accompanied by an increase in government monitoring and privacy abuses. For example, by the likes of the NSA, the Department of Homeland Security, and other bureaus. A charitable explanation of these practices is that, like many during the era, these actors didn’t fully grasp the full cost and legal implications of the shiny new toys they could access. The less charitable explanation …

How Online Experience Varies by Purchasing Power

How Online Experience Varies by Purchasing Power

When people discuss issues with data privacy, class ranking is rarely part of the conversation. Even though the internet has been a markedly business-driven project for some years now, the old perception endures that URL life isn’t getting marked by the same dividing lines that mark IRL society. However, this is false. The realization that data privacy gets inextricably tied to economic status is becoming more widely accepted. Predatory Advertising As the old technology adage goes: when the product is free, you are the product. Nowhere is this truer than online. Those with less disposable income are prone to having data leveraged in a more aggressive and potentially predatory fashion. Moreso than those who are affluent. Under previous lax data …

A Framework for Privacy Risk Self-assessment

A Framework for Privacy Risk Self-assessment

With the recent raft of worldwide privacy legislation and much more to come, organizations of all shapes and sizes are becoming forced to evolve the way they do business. Those SMEs that can’t bring their operations into compliance with the GDPR, CCPA and other data privacy laws worldwide will be at a significant competitive disadvantage, and may even find that continued non-compliant operation merely is unsustainable. In this “adapt or die” scenario, the essential first step to getting compliant is for SMEs to perform a rigorous self-assessment of their present-state data operation. There are three basic formats to self-assessment: Business units can analyze their practices. Different groups within the agency can review and analyze each other. A single appointed party …

Ethics & Trust in Tech: Thought Leadership

Ethics & Trust in Tech: Thought Leadership

Across the tech sector, there’s widespread consensus that a trust deficit threatens to undermine the current business model of quality, ad-supported content. This mistrust exists between data subjects, data controllers, and data processors (to use GDPR parlance). Users don’t trust that the sites they visit are behaving responsibly with their data. In turn, those sites can’t be sure that the infrastructure which allows them to monetize are doing the same. A Pain Point / An Opportunity A recent AdWeek interview with Chetna Bindra, Google Senior Product Manager for User Trust, Privacy, and Transparency, gives fresh insight into how one of the world’s biggest data brokers sees the future of privacy. Bindra’s interview is chock-full of interesting nuggets. To her, data …

How To Assess Vendors For Data Privacy Compliance

How To Assess Vendors For Data Privacy Compliance

When small-to-medium enterprise (SME) team members begin to consider how the business landscape is changing to increased data privacy regulation, the procurement process is not usually high up on their list of answers. However, SMEs focusing too purely on in-house practices miss a key point. Both the GDPR and CCPA place new responsibilities on data controllers. In other words, the company or another body determines the purpose and means of personal data processing. They need to ensure all third-party vendors who touch their data are behaving in a compliant manner. In short, the controller continues to hold responsibilities for compliance, even when outsourcing processing duties. The in-house compliance will not suffice. It’s now incumbent on SMEs to ensure that the …

How Does Data Privacy Affect My Job?

In technology, change is constant. Professionals working in tech are called on to integrate new processes and ways of thinking to stay abreast of their field. A case in point is data privacy. If you entered the workforce a decade ago in any number of tech-related tracks, privacy, and processes to protect users was a topic of passing interest. Today, the emergence of GDPR, CCPA, and other landmark pieces of legislation has increased data privacy concerns and has become a pivotal part of the development space and beyond. This article provides a quick-hit synopsis of how the renewed focus on user data privacy impacts different roles in technology organizations in jurisdictions around the world. DevOps Teams that stay compliant incorporate …

What is the CCPA? A Guide to California Privacy Law

Introduction: What is the CCPA? The California Consumer Privacy Act will come into effect on January 1, 2020. This fact may have a significant impact on your business. California is the crown jewel in the United States economy. If it were a standalone country, its $2.7 trillion GDP would be the fifth-largest in the world, sitting ahead of the United Kingdom. Combined with the state’s status as an incubator for tech innovation and consumer culture, California gives outsized importance for all kinds of businesses operating at local, national, and multinational levels. The CCPA forces enterprises reaching a particular scale to contend. Other states will soon follow suit with similar legislative pieces of their own. California has long been a bellwether …