Some of the biggest names in Big Tech may be considering pulling out of Hong Kong. The reason is a recently-implemented "doxxing" privacy law developed in the wake of the 2019 pro-democracy protests.
Data Protection
Certain types of personal data are very valuable to criminals, and can be very damaging to an individual or business if it falls into the wrong hands. As the world becomes more digital and more connected, more of this sort of data is generated and passed between various sources on a regular basis.
Government regulations and supervisory authorities aren’t just about keeping irresponsible parties in line. They also provide vital security guidance to every type of organization that handles sensitive personal, business or government information.
Data protection regulations also ensure that the end user has a transparent view of and a say in the processing of personal data. These safeguards play a significant role in everything from the preservation of civil rights to ensuring that democratic institutions function properly.
Some types of personal data are clear candidates for regulation: medical records, banking information, national ID numbers and so on. But some of these regulations also cover items that might seem relatively innocuous at first glance: home addresses, email addresses, website profile information and so on. For example, the European Union General Data Protection Regulation (GDPR) has stipulations about anything that is unique to an individual to include phone numbers and social media accounts. People have varying levels of privacy preference with these items, but they are often protected by regulation because they can be used for targeted scams and attempts at identity theft.
Given that regulations often take the size and customer count of businesses into consideration in terms of penalties and the scope of protection of personal data, compliance is particularly important for enterprise-scale organizations. You do not necessarily have to have an active business presence in a country or region; simply storing data on or moving it through servers there may subject you to their data protection rules.
Big tech companies are pushing for watered-down privacy regulations that would largely permit them to continue doing business as usual. There is reason to suspect that these tech companies now view federal privacy regulations as a way to construct barriers and moats around their core business.
How organizations can maintain a strong security and compliance posture during the ‘new normal’ of remote working?
Since the GDPR went into effect in 2018, Meta has done nearly everything possible to claim legitimate interest to avoid user consent for collecting personal information for targeted ads. The company appears to have finally reached the end of its rope in this area, though a recently announced changeover to a consent basis.
The features that make blockchain so attractive to enterprises are also the very features that could lead to headaches like “blockchain privacy poisoning", which Gartner has named as one of the biggest risks facing organizations over the next few years.
Recently released IAPP-EY Annual Privacy Governance Report 2017 shows that privacy governance is outpacing data breach reporting as a board-level concern.
In this article, we examine how regulators in Asia are mandating the appointment of Data Protection Officers and how these appointees form only one part of a team that must be tasked with not only ensuring the integrity of data, but also in responding to breaches of security. We also touch on the consequences of team members not familiarising themselves with their individual roles and responsibilities.
At a proposed value of £183 million, British Airways is facing the highest record of GDPR fines, Britain's DPA is making it clear that companies should protect customers’ data or be ready to pay.
California’s $1.35 million penalty against Tractor Supply marks a turning point in retail privacy enforcement. Until now, many retailers assumed regulators were more interested in tech giants than store chains. That assumption is over.
ICO had a busy 2018 with the ten largest fines totaling about £5,000,000 and also the first ICO fines levied at the maximum amount for Facebook and Equifax.










