A new book from ISACA, "Privacy by Design and Default: A Primer," provides a complete overview without losing the reader with extensive detail. In this review, Guy Pearce notes that the concept is about 25 years old and the book catches readers up quickly.
Almost two-thirds of businesses surveyed report they are not "completely compliant" with all regulations, such as the California Consumer Privacy Act and Europe's extensive laws, Pathwire reports. It costs money to comply, but "[n]on-compliant organizations face high penalties from data privacy regulators, regardless of where they're based," says Maylis de Bazelaire of Pathwire.
The overall weakness of US privacy laws hurts its standing in the world, argues Justin Sherman. The way sensitive data from citizens is handled hurts "the competitiveness of American technology firms, as many countries advance data regulations driven, in part, by Silicon Valley's unrestrained data practices," Sherman writes.
De-identifying medical data is an imperfect method of maintaining patients' privacy, says Nigam Shah, a professor of medicine at Stanford University. Shah argues that de-identified data can be reconnected to individuals through other datasets and "[t]here's a mismatch between what we think happens to our health data and what actually happens to it."
After an extensive investigation, the Office of the Australian Information Commissioner determined that Uber failed to properly protect the personal information of 1.2 million riders and drivers, leaving it vulnerable to a cyberattack in 2016. The company will be required to revamp its practices, overseen by an outside expert.
Five contributors to an article from law firm Kramer Levin Naftalis & Frankel analyzed a new New York City ordinance that restricts how businesses use biometric information. For starters, such businesses must post clear signage indicating they collect such information from customers.
Be the Benchmark, Validate Your Chops Certified Data Privacy Solutions Engineer™ (CDPSE™) is the only experience-based privacy certification. Beta test this exam in January 2021. Register now and save US $50 off your application, plus a FREE review manual to prep for the exam.
Technology experts and human rights groups oppose a plan in India to set up regional and national databases that would collect DNA from accused criminals, victims and persons reported missing. "There are privacy concerns because DNA discloses information about one's relatives and ancestors, as well," says Shambhavi Naik, a research fellow at the Takshashila Institution.