Hush! It’s Data Privacy Day
Perhaps the worst-kept secret of the week is that today is Data Privacy Day. Although you don’t get a day off, you get an insightful discussion on the importance of privacy in an ultra-connected digital society like the one we find ourselves in.
In hopes of sparking discussion and perhaps making a little headway in the area of data privacy, datanami collected the thoughts of 10 data privacy experts. While they share a diversity of opinions, an underlying trend is emerging: the tables are turning in the data privacy arena and consumers are taking control.
“Data has the power to help us make the right decisions, grow and drive innovation,” says Stijn Christiaens, Founder and Chief Data Citizen at Collibra. “But with great power comes great responsibility: we need to ensure that the data we use is reliable and that it is used in the right way. Especially as new legislative requirements emerge, companies need to look at compliance proactively rather than reactively to avoid reinventing the wheel each time.
The discussion of data privacy is often focused on ticking boxes to demonstrate compliance with GDPR, CCPA, and any new privacy regulations that a state or country has adopted that day. But instead of ticking boxes, it’s time for companies to take responsibility for maintaining privacy — or consumers will do it for them, says Christiaens.
“We need to reframe the conversation around data privacy to be less complacent and more proactive, and we need to act faster to bring as many people as possible to the table to have real impact,” says Christiaens. “Invest now in building sustainable processes to be ahead of the market and the competition.”
According to Cindi Howson, chief data strategist at ThoughtSpot, organizations that recognize that data privacy, governance, and business success are all intertwined and intertwined will have the edge over those that don’t.
“Those who work with data should feel responsible as if they were guarding their best friend’s most vulnerable secret,” she says. “In a digital world, data refers to real people – where they went in that Uber, what store they visited before shopping at a lingerie store, and what movie they streamed on their phone. Data enables personalized digital interactions and more efficient movement of goods.
“But failing to maintain the privacy of customer data risks losing trust, revenue, and brand value,” Howson continues. “With more digital data, companies need to be more transparent about what data they collect and how it is used. Increased regulation is one approach to ensuring privacy, but the best companies design privacy policies with a customer-centric mindset, instead of exploiting customers for their data.
Making data privacy a core feature is a great way to increase market share, says Carolyn Duby, field CTO and cybersecurity lead for Cloudera.
“From our perspective, we see companies using privacy as a selling point, i.e. Apple’s decision to limit other companies’ access to data on their devices,” Duby writes. “It continues to grow within the company. Going forward, it will be very important for businesses to think carefully about what they do with data and how it affects their customers. And it can’t be one-sided: it has to be a partnership about what they collect, how they keep it safe, and how they use it ethically. »
We are becoming increasingly aware of the levels of risk inherent in managing data and conducting commerce on the open web, but industry regulations are at least guiding us in the right direction, according to Adrian Moir, technology strategist and engineer. Principal at Quest Software.
“With Microsoft Exchange, Kaseya, and even Log4j coming to the end of the year, organizations are recognizing the business need for data privacy,” says Moir. “Looking to the future, we will likely see how data is viewed, used and regulated increase and become more refined. Regulatory elements such as the privacy of the data itself and the levels of intrusion, data recovery and ransomware events seem to continue unabated. However, we have seen traction in the right direction this year, including the emergence of several new policies affecting privacy in different parts of the world, such as CPRA, China Personal Information Protection Act, ColPA, etc. .
Consumers will have more control over their data this year, says Lewis Carr, senior director of product marketing at Actian.
“In 2022, expect to see all personal information and data sharing options become more granular in how we control it – both on our devices and in the cloud – specific to each business, school or government agency,” Carr says. “We will also start to have some visibility and control over how our data is shared between organizations without us being involved.”
Gone are the days of lengthy privacy statements that no one reads and binary choices (you opt-in or opt-out). Instead, Carr says, we’ll see the rise of “data management and cybersecurity platforms with granular permission over parts of your personal data, such as where it’s stored, for how long of time and under what circumstances they may be used”. You can also expect new service companies to emerge and offer intermediate support to monitor and manage your data privacy.
It’s a veritable assortment of digital rights for individuals, according to Andy Teichholz, senior industry strategist for compliance and legal at OpenText.
“People are more empowered than ever to exercise their rights, submit Object Rights Requests (SRRs), and take back control of their information,” Teichholz writes. “They want to understand how their data is being used and to access, correct, delete and restrict use. To meet these data-intensive demands and overcome a shortage of resources to support key business activities, organizations must embrace data automation. process for SRR response and apply case management tools that best track its performance and effectiveness.
Jimmy Chang, chief product officer at Workspot, fears the “big resignation” has exposed many of the technology challenges companies face when transitioning to a remote work environment. Treating the cloud as a data centralizing force can help alleviate these worries.
“Over the past year, IT organizations have struggled to onboard people and make them productive, often creating longer-term security and data privacy issues in the process,” he says. “But these solutions were often untenable for employees, who felt disconnected and unproductive. Organizations that successfully balance productivity and comply with data and security requirements are those that have embraced the cloud as a unifying global “data center” – the public cloud. »
The ransomware epidemic of 2021 has compromised the privacy of many people. This should be a lesson for us, says Pritesh Parekh, Head of Trust and Safety at Delphix.
“Last year’s onslaught of attacks demonstrated the impact it can have not just on a particular person or business, but on the population as a whole,” Parekh said. “Whether it’s a shortage in the food supply chain or the inability to access essential health services, people around the world are realizing that successful cyberattacks could have serious consequences. for all of us.”
We secure much of our private information behind passwords. But that’s a mistake, says Brian Pagano, Axway’s chief catalyst and vice president, who says we should give up our faith in passwords.
“You can tell if an IT service isn’t scaling if you need to change your password frequently (this practice has been shown to decrease security and has been largely discontinued),” Pagano says. “Data privacy involves data at rest and data in motion, as it primarily ensures that anyone trying to access the information has the appropriate rights over that data. If confidentiality is a major concern, the organization should adopt a need-to-know check for any document. Prove that you need this information. Keep logs and audit them randomly. This is similar to Apple’s posture. For new businesses, open and timely communication is often more important than absolute confidentiality. Just remind team members that anything written may appear in public, so think before you type.
While the cloud has made IT environments cheaper, more flexible, and more scalable, it has also caused their data to be dispersed across dozens of SaaS applications and multiple cloud services, in addition to their existing on-premises systems and many terminals. That’s not a recipe for success, says Indu Peddibhotla, senior director of product and strategy at Metallic, Commvault’s SaaS business.
“This proliferation of data makes it difficult for IT and compliance teams to implement robust data management strategies that enable their organizations to cost-effectively comply with data privacy regulations,” he said. declared. “However, a new class of data management solutions as a service (DMaaS) makes it easier for these IT and compliance professionals to manage this proliferation of data in ways that enable them to meet these data challenges. data privacy.”
Security, privacy and governance at the crossroads of data in 22
A patchwork of data privacy laws is confusing
Data privacy in the crosshairs