January 28 is Data Privacy Day, celebrated across the United States, Canada, India and 47 countries in the European Union. This year’s Data Privacy Day is especially significant for tech industry leaders given a tumultuous 2018 with numerous data misuse cases and massive data breaches. A year data privacy came into public consciousness.
It all began in Jan 28, 1981 when the first international treaty for personal data protection was signed. Known as the “Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data” or generally referred to as Convention 108, the agreement seeks to protect the privacy rights of individuals, given the increasing personal data flow in the digital economy.
The first Data Protection Day (as it is known in Europe) was initiated by the Council of Europe in 2007, followed by the United States two years later with a National Data Privacy Day.
In the United States, the National Cyber Security Alliance (NCSA) leads Data Privacy Day 2019 with the theme “Respecting Privacy, Safeguarding Data and Enabling Trust.” As part of the international effort to raise awareness, NCSA will be hosting an event, “A New Era in Privacy,” with a gathering of experts from industry, government and nonprofits.
So what do tech industry leaders have to say about Data Privacy Day 2019?
Stephen Gailey, Solutions Architect at Exabeam:
“Data privacy was a hot topic in 2018, and that trend is expected to continue in the coming months. Over the next year, I believe we will see the first sign of government control over large internet service companies. Organizations such as Google and Facebook still don’t seem to understand what privacy means. I think we will actually see some form of legislative control being put forward or even break-ups considered.”
Setu Kulkarni, VP, Corporate Strategy at WhiteHat Security:
“Trust and privacy are the cornerstones of security. Security does not necessarily imply obscurity and withholding – a society just won’t work in such a world. For society to work, physical entities need to trust each other and ensure privacy. You can’t go to a doctor and not tell the doctor about what is bothering you because you fear the doctor will not respect your privacy. You trust the doctor. Now phase shift to today, where a doctor is using a digital assistant to capture notes, and you are using web and mobile interfaces to interact with the doctor. Now there are digital representations of physical entities in play (digital assistants, web and mobile apps) that need to afford the same (if not higher) levels of trust and privacy to you and the doctor. Systems will need to change soon to accommodate this status change of digital entities. Digital entities will become at-par with physical entities, and as such, the social contracts as we know them will need to change to ensure the trust and privacy boundaries across humans, systems and data are upheld.”
Scott Parker, Director of Product Marketing at Sinequa:
“As enterprise data continues growing at exponential rates, artificial intelligence and machine learning capabilities have emerged as the primary means for enterprises to respond and become Information-Driven. While this evolution raises the efficiency and innovation of organizations and individual employees to unprecedented levels, it also introduces new data privacy risks and regulations. AI systems now exist that can analyze regulations across the world using multilingual natural language processing capabilities and determine whether a new regulation impacts specific organizations. Furthermore, these systems can identify who within an organization (R&D, legal, sales, marketing, etc.) should be informed and push the relevant information to these people. With this in mind, we should view data regulations like GDPR not as costly burdens but rather as opportunities to ensure compliance and data privacy while reaping the business benefits of accelerated innovation, increased productivity and optimized customer service.”
Neil Barton, CTO at WhereScape:
“Data Privacy Day serves as a reminder to remain proactive in protecting and managing your data. The only way to ensure that your business and customers are protected, and remain compliant with any regulations is to know where each piece of data sits and who can access it, as well as tag it and track its lineage in order to understand its usage. In addition, to further data protection and comply with subject access requests, data must be stored in a location with fast and adaptable extract capabilities.
“This is particularly challenging for organizations with a large number of data sets, where manually processing all of this information effectively can be time intensive, and error-prone. This is where automation comes in – data infrastructure automation can help companies ensure all data is adequately tagged, ensuring data is identifiable, auditable and quickly retrievable. This can help companies prove their level of data privacy compliance to regulators and customers.”