Regardless of the technology you put in place, the safeguards you have implemented, and the training you have provided, ultimately the success of your privacy program relies on the individuals in your organization. The most recent example of this came at the expense of the US National Women’s Soccer Team (USWNT). Continue reading this post…Posted on February 8, 2016 by Bob Siegel - No Comments
Does your US organization do business in Europe? If so, the rules for collecting and moving the personal data of EU citizens across borders and into the US are about to change. A new EU regulation is taking shape under a tight deadline and intense pressure that will force changes to some common practices in the digital age which are regarded very differently by the two regions.
There seems to be a light at the end of the tunnel for organizations previously exporting personal information from the EU to the US under Safe Harbor, the EU-US Privacy Shield. Unfortunately the details of Privacy Shield are not yet available, so what is a privacy officer to do to prepare for utilizing the new agreement? Continue reading this post…Posted on by Bob Siegel - No Comments
Earlier this month, Valve experienced an issue with data caching and what some call a data breach. Valve is a gaming company famous for many titles, but also for their virtual storefront, Steam. The short story is that Valve’s virtual storefront, known as Steam, had a glitch that allowed someone logged in to potentially see another user’s personal information. The personal information included names, digital identities, emails, and possibly credit card information. For a more complete summary, check out this video.
Over the past few days I have been pondering everything that has happened in privacy in 2015 and the impact on organizations. My intent was to write a retrospective blog entry, but this morning I decided to look ahead and not in the rear-view mirror. So here are three thoughts to kickoff 2016. Continue reading this post…Posted on December 31, 2015 by Bob Siegel - No Comments
I recently had a conversation with a colleague about privacy impact assessments, PIAs, and the tools available to administer them. We quickly became philosophical, trying to weigh whether a generic tool would work or if something that is organization specific is necessary.
Continue reading this post…
For the holidays, I bought my wife a Samsung Gear Fit. She is training for a 10k run and a half marathon next year, so she wants to track her progress prepare for these events. When the Gear Fit arrived in the mail, my wife asked that I set it up for her while she was putting our son to sleep. I got right to work playing with yet another piece of wearable tech, fumbling with it as I got it ready. It was at the first stages that I was face to face with a crazy scenario.
In the recent past a local police officer was involved in a shooting resulting in a citizen’s death. Soon after, the cry of “if only there was a body camera we would know what happened” was heard. I agree. However any police department needs to put policies in place to protect citizens’ privacy when cameras are used. Similarly, businesses using monitoring technologies need to put policies in place as well.
Continue reading this post…
Data breaches seem almost ubiquitous in the past few years. Companies such as Target, Home Depot, and recently Experian experienced breaches resulting in tens of millions of records being leaked. There is more to these than just hackers or a single point of failure. Many times, breaches are can be a perfect storm of conditions that could have been handled individually, greatly reducing the risk of a breach, and lessening their impact should they occur.
It has been a very exciting and tumultuous October for privacy professionals. The IAPP Privacy, Security, and Risk Conference in Las Vegas started the month, we had a breach of 15 million individuals, and Safe Harbor was struck down by the EU Court of Justice after the protest of an Austrian student. With the loss of Safe Harbor as a means for US organizations to transport data between nations, there are some big implications for many of us.
February 9, 2015
February 8, 2016Continue reading this post...
February 5, 2016Continue reading this post...