The EU takes privacy seriously, but too many companies ignore the risk
Check out the on-demand sessions from the Low-Code/No-Code Summit to learn how to successfully innovate and gain efficiencies by improving and scaling citizen developers. Watch now.
If you ask most techs the difference between security and privacy, they probably won't be able to tell you the difference unless their primary job is to work on one of these teams . Since so much of our lives are now online, this is an issue that can lead to corporate liability and multi-million dollar fines, especially from European regulators. With this increased focus, what is the difference between security and privacy, and how should employees think about these issues?
To get started, let's look at Twitter's announcement this summer that a hacker had been in its system for over six months and was offering to sell user data from 5.4 million accounts. (In 2020, a Florida teenager was also charged with taking over accounts.) Hackers breaking into Twitter's system pose a security problem. But since these hackers may have had access to millions or billions of records, this is also a privacy issue.
This summer, Meta was fined $403 million by Ireland's GDPR (General Data Protection Regulation) authority. Last year, European regulators fined Amazon $888 million. It's a big problem for big platforms, but it can affect almost any business today: California recently fined Sepora $1.2 million for violating the CCPA (California Consumer Privacy Act) .
If we want to reduce the impact of fines and violations, we need software vendors to focus as much on privacy as they do on security, and make sure their employees know the difference. If you go to the doctor, your doctor knows exactly what HIPAA regulations allow them to disclose. Any trucker on the road knows exactly how many hours they can drive based on DoT Hours of Service regulations. But if you ask techs what they can and can't do under the CCPA, most might not even recognize the acronym.
EventSmart Security Summit
Learn about the essential role of AI and ML in cybersecurity and industry-specific case studies on December 8. Sign up for your free pass today.
Register nowConfidentiality is about creating trust in your organization. It's about how you handle personal information and ensuring that you treat that data responsibly and in the way that consumers expect of you.
TL; GDPR DRGDPR guidelines require data to be stored in a way that ensures users can request that their information be corrected, deleted as part of the "right to be forgotten", or viewed so that the user knows what data the company has collected about the user, as well as various other privacy rights claims. But when data is stored in multiple disconnected databases, staying compliant is much more difficult because requests require multiple steps and coordination between databases.
The rules also focus on where data is stored, aiming to regulate the flow of data between the US and European countries. Facebook fights this policy, but swears that "Meta is a
Check out the on-demand sessions from the Low-Code/No-Code Summit to learn how to successfully innovate and gain efficiencies by improving and scaling citizen developers. Watch now.
If you ask most techs the difference between security and privacy, they probably won't be able to tell you the difference unless their primary job is to work on one of these teams . Since so much of our lives are now online, this is an issue that can lead to corporate liability and multi-million dollar fines, especially from European regulators. With this increased focus, what is the difference between security and privacy, and how should employees think about these issues?
To get started, let's look at Twitter's announcement this summer that a hacker had been in its system for over six months and was offering to sell user data from 5.4 million accounts. (In 2020, a Florida teenager was also charged with taking over accounts.) Hackers breaking into Twitter's system pose a security problem. But since these hackers may have had access to millions or billions of records, this is also a privacy issue.
This summer, Meta was fined $403 million by Ireland's GDPR (General Data Protection Regulation) authority. Last year, European regulators fined Amazon $888 million. It's a big problem for big platforms, but it can affect almost any business today: California recently fined Sepora $1.2 million for violating the CCPA (California Consumer Privacy Act) .
If we want to reduce the impact of fines and violations, we need software vendors to focus as much on privacy as they do on security, and make sure their employees know the difference. If you go to the doctor, your doctor knows exactly what HIPAA regulations allow them to disclose. Any trucker on the road knows exactly how many hours they can drive based on DoT Hours of Service regulations. But if you ask techs what they can and can't do under the CCPA, most might not even recognize the acronym.
EventSmart Security Summit
Learn about the essential role of AI and ML in cybersecurity and industry-specific case studies on December 8. Sign up for your free pass today.
Register nowConfidentiality is about creating trust in your organization. It's about how you handle personal information and ensuring that you treat that data responsibly and in the way that consumers expect of you.
TL; GDPR DRGDPR guidelines require data to be stored in a way that ensures users can request that their information be corrected, deleted as part of the "right to be forgotten", or viewed so that the user knows what data the company has collected about the user, as well as various other privacy rights claims. But when data is stored in multiple disconnected databases, staying compliant is much more difficult because requests require multiple steps and coordination between databases.
The rules also focus on where data is stored, aiming to regulate the flow of data between the US and European countries. Facebook fights this policy, but swears that "Meta is a
What's Your Reaction?
