Last week, indeed Friday the 13th, President Obama convened a “Cyber Summit” of business, technology and government leaders to address mounting digital security concerns. While data breaches, hackers and national security interests were top-of-mind for the White House and many in attendance at the Stanford University conclave, Apple CEO Tim Cook took the occasion to reinforce his view (and Apple’s) that security at the expense of privacy is an unacceptable tradeoff: “So much of our information now is digital: photos, medical information, financial transactions, our most private conversations. It comes with great benefits; it makes our lives better, easier and healthier.” Cook further stated, importantly:
“People have trusted us [Apple, and other tech giants, presumably] with their most personal and private information and we must give them the best technology we can to secure it. . . . Sacrificing our right to privacy can have dire consequences. We live in a world where people are not treated equally. There are people who don’t feel free to practice their religion, express their opinion, to love who they choose.”
February 20, 2015
I’ve been working in privacy for about 12 years now, and it truly is a profession where nothing can really surprise you. You would think in 2015, in the throws of the greatest information privacy and security storms we have seen in years (Sony, Snowden, Target, celebrity hacks, etc.) that companies have worked to get their information privacy and security plans together, to include a data governance program that keeps up with changes to state and federal law. Of course, if new legislation comes out or if one state implements a law with some uncertainty as to its impact or enforceability, a company would not be wise to jump and rearrange it programs prematurely. But when a law has been on the books for years, even the biggest ships can make the turn. Yet, there is news that another company is being sued for one of the lowest of lowly hanging fruits in data protection: printing credit card numbers on consumer receipts. Seriously? This is still a thing?
February 3, 2015
On January 1, 2015, California Senate Bill 568, titled “Privacy Rights for California Minors in the Digital World,” (the “Privacy Law”) took effect. Among other provisions, the new Privacy Law includes the “Eraser Law,” which gives California minors a right to delete content that they posted to a website, social media profile, or online service while under the age of 18. S.B. 568. In other words, the new law protects minors who post content online from later dealing with the consequences of what they post. Its proponents are hailing the first-in-the-country law as a good step toward giving under-18 Internet users a chance to remove regrettable postings and preserve their reputation. The problem, however, is that the new law is focused on remedying the wrong issue. Internet users already have the ability to remove their own embarrassing content, and the new Privacy Law does not change that. The real issue is harmful content posted online about others (i.e., defamatory texts, embarrassing pictures, etc.).
January 22, 2015