Privacy Issues Cannot Be Ignored

Privacy is a hot topic throughout the tech world these days. It featured prominently in this year’s Consumer Electronics Show, which is known as CES to industry insiders, and numerous organizations are hosting privacy-oriented events this year in Las Vegas and elsewhere. 

Privacy Issues Cannot Be Ignored

Why the sudden emphasis on online privacy and the need to protect the integrity of data? Experts believe that several factors are at play. This first of these is that the EU’s General Data Protection Regulation became law in 2018, thrusting privacy issues across Europe into sharp focus. Because companies that are located outside of that region but do business in Europe also must comply with the GDPR, compliance has become a major issue for executives the world over.

Another factor at play in the recent emphasis on privacy is the 2018 passage of the California Consumer Privacy Act. The new law provides individuals with the power to tell an organization that their personal information should not be shared or sold. Moreover, consumers have more control over what data companies collect about them, and the law also holds organizations accountable for protecting personal data. This new California law is bound to be followed by similar laws in the U.S. and elsewhere.

The other factor that makes privacy a topic that must be considered is the number and size of data breaches that have occurred in recent years. Statistics suggest that the number of breaches has risen exponentially, and this may continue unless more organizations start to focus on data protection.

What Happened at CES 2019?

Speakers at this year’s CES at the Mandalay Bay resort in Las Vegas put privacy concerns at the forefront of their presentations. Steve Koenig, Vice President of Market Research at the Consumer Technology Association, noted that an increasing number of decisions that are made by consumers and businesses are based on data.

Companies must pay attention to this, or risk losing business, as the below graph shows.

Koenig went on to state: “When we look around the world, different regions are addressing this matter in different ways. In Europe, we have the GDPR, where you have regulatory things around what you can do with data, and on the other side, you have China, where you have no expectation of privacy.”

Koenig’s speech highlights what those who have worked in the cybersecurity field have known for years. Data, and the protection of data, is a major concern for both organizations and consumers. However, it’s only now that the rest of the tech community is really starting to wake up to the fact that privacy must be a primary concern moving forward.

Demonstrating this importance was the fact that GDPR and other privacy regulations and laws were discussed and presented countless times at 2019’s CES. Compared with privacy issues hardly meriting any discussion at the 2018 convention, this represented a virtual tsunami of interest.

Data Privacy and Security Conferences on the Horizon

Just a few years ago, tech conferences that focused solely on data privacy and security were virtually unheard of. At least, that was the case until 2015 when the International Association of Privacy Professionals, or IAPP, and the Cloud Security Alliance, or CSA, got together to host the Privacy.Security.Risk 2015 conference.

Spanning two days, the conference featured events such as workshops, expert panels and well-known keynote speakers like investigative reporter Brian Krebs, Chief of Enforcement at the FCC Travis LeBlanc and the Director of the Bureau of Consumer Protection at the FTC.

In 2019, the latest edition of the Privacy. Security. Risk. conference will take place September 22 through the 25 in Las Vegas. Attendees may sign up for a range of certification training that will take place on September 22 and 23. The IAPP offers several certification programs that are designed to advance the knowledge and careers of IT professionals who are concerned about privacy. Available certification programs include the Certified Information Privacy Professional, the Certified Information Privacy Manager and the Certificate Information Privacy Technologist.

Several workshops will be presented on September 23. Sample topics may include GDPR compliance and responding to data breaches. Workshops relating to data ethics, artificial intelligence and privacy laws around the world also may be included.

The main conference will be held on September 24 through the 25. Speakers are being asked to submit their proposals so the lineup is not confirmed yet. However, the conference is likely to involve a broad cross-section of security and privacy experts. Keynote speakers can be heard on the main stage, and several breakout sessions will occur throughout the event so that privacy professionals can home in on the issues that most interest or affect them.

Looking Back at Privacy. Security. Risk. 2018

Last year’s event featured an exciting and varied list of speakers. These included a timely presentation by Alastair Mactaggart, who was the campaign Chair for the Californians for Consumer Privacy. Another noted speaker was Farhad Manjoo, who is a technology columnist for the New York Times. Manjoo took an in-depth look at business models and how successful each model was at protecting consumer data. Finally Lucas Johnson of Privacy Australia, a community based digital rights advocacy group discussed the rise of state mandated spying as we saw with this year’s Australian encryption laws debacle.

The fascinating breakout sessions in 2018 included “A Call to H(Arms): The Cry for Harmonization of Security and Privacy Laws.” The session explored why current privacy regulations are not effective and why it is vital for organizations to adopt a harmonized process that has been successful in other applications.

Another popular breakout session was entitled “Third Party Privacy Risk – Beyond Your Organization’s Bounds for GDPR.” Attendees were treated to a discussion of how GDPR compliance extends as far as third-party service providers who may engage with data that belongs to EU residents.