France’s data protection watchdog CNIL has published a set of guidelines to provide GDPR guidance on web scraping for direct marketing and recommended actions to businesses. Read More
Data Privacy
Technological development has always outpaced privacy concerns, but never more so than in the past decade. Collection and centralization of personally identifiable information (PII), tracking of movements and digital surveillance are all at unprecedented levels. Regulations and laws are only just beginning to catch up to the ability of both governments and private entities to deploy these capabilities.
What exactly is there to worry about? The mass collection and centralization of data by giant multinationals such as Facebook and Google is as good of a place to start as any. Two decades of vacuuming up the personal data of users of various online services has created the most impressive marketing capabilities in history, but these profiles have astounding potential for damage when they are used the wrong way or fall into the wrong hands.
Unauthorized information that is captured in data breaches tends to find its way to massive “combo lists” that are sold and traded on the dark web. Social security numbers are added from this breach, home addresses and phone numbers from that one, personal health information from yet another. Soon, a frighteningly complete profile of millions of individuals is available to anyone willing to pay the asking price.
These are just the established data privacy issues. The emerging ones are even worse. High-quality facial recognition technology is just beginning to roll out across the public places of some countries. Artificial intelligence is not only making mass facial recognition possible, but magnifies the power and reach of any application that involves capturing and sorting information: scanning pictures, analyzing speech, sifting through text and location data. This threatens to not only shatter anonymity and privacy, but allow for highly advanced impersonation and take the concept of “identity theft” to new levels.
Some businesses chafe at the trouble and added expense of new and emerging data privacy regulations, but they are vital to both protecting rights and privacy and instilling confidence in end users. Customers want to be able to submit their payment information without worry about data breaches and identity theft, use services without wondering what is being done with their personal information and use devices without fear of surveillance or having location data tracked. The need for meaningful safeguards only grows greater as technological capabilities increase.
European Commission is deliberating whether to adopt a three to five-year facial recognition ban that will give them some time to figure out how best to regulate the new technology. Read More
Annual calls for what would effectively be the end of hardware encryption have been renewed by the "Five Eyes" nations along with India and Japan, as they press for universal encryption backdoors. Read More
The ongoing battle royal between Apple and the FBI, which is trying to force the Cupertino based company to disable the built-in protections of an iPhone formerly owned by a terrorist has long term implications for privacy across the globe. Whether Apple wins or loses privacy advocates are watching the events extremely carefully. Data Privacy Asia reached out to some experts across Asia for their opinion on the ongoing legal battle. Read More
Do we need to protect the privacy of the deceased? Let’s look at the two kingpins of privacy regulation mentioned earlier – HIPAA and GDPR. We then take a brief view at a few of the literally hundreds of other personal information protection laws with regard to if and how they relate to the protection of the deceased. Read More
Data protection laws that demand explicit consent, right to be forgotten and algorithm transparency may have a chilling effect on artificial intelligence. Read More
Most technology start-up companies lack the experience and resources needed to manage the plethora of security, privacy, and compliance issues inherent in a growing technology business. Nevertheless, the legal and business implications of poorly managed privacy and data security practices are too important to ignore. A single error can undermine the trust of investors and customers, attract unwanted regulatory attention or litigation, and ultimately, derail a start-up’s success.
In this first instalment of a two part article Francoise Gilbert from Greenberg Traurig LLP talks about the first 5 common privacy and data security mistakes that start-ups must avoid. Read More
Facebook’s lack of strong privacy policies, compliance due diligence and commitment has led to fine after fine. What actions can the social media giant take to salvage their reputation? Read More
Companies that want to thrive in an increasingly regulated privacy environment must focus more on data transparency for customer loyalty, which consumers have now come to not only value, but expect. Read More
Surveillance capitalism as a revenue model through the observation and recording of as much personal data as possible to create highly effective targeted advertisements is growing unchecked. Can regulation level the playing field? Read More