Security Bytes

Apr 5 2012   12:32PM GMT

Prepare now for more stringent U.S. data privacy laws

Jane Wright Jane Wright Profile: Jane Wright

BOSTON — Privacy is a fog rolling in over the land. That’s how Jeff Northrup, IT director of the International Association of Privacy, described personal information privacy during his presentation at the SecureWorld conference last week. The fog is thick over some countries, especially in Europe, and rather light over the U.S., but that will change soon. Northrup advised IT professionals in the U.S. to draw a map through the fog now to avoid crashing into problems and penalties later. 

 

Evidence of a rapidly changing data privacy landscape is plentiful. The Obama administration just released its U.S. Privacy Bill of Rights, which would grant individuals more control over how their information is collected and managed, and increase transparency in privacy policies. Many observers believe it has a good chance of becoming law. Also, the FTC recently slapped Google and Facebook with penalties after users complained of privacy abuses; Google will now undergo 20 years of independent privacy audits, and Facebook may face similar chastisement from the FTC.

 

These incidents are just a few of the signs that security professionals need to amp up privacy projects before their organizations run afoul of current or future U.S. data privacy laws. Where to start? Northrup suggested organizations take an inventory of every piece of personal information it collects, and note why it is collected and where it is stored. This can be a daunting task, but many organizations already have some of the pieces in place as part of their compliance programs or DLP projects. Any information that does not have a clear business purpose (and the marketing team’s desire to send email blasts to a million relative strangers does not count as a “business purpose”) should be deleted or stored only on an as-needed, transient basis.

 

By taking steps toward greater transparency and giving users more control over how their information is used, organizations will be better prepared to navigate out of the fog.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: