Category Archives: Privacy

[Podcast] More Dr. Ann Cavoukian: GDPR and Access Control

[Podcast] More Dr. Ann Cavoukian: GDPR and Access Control

We continue our discussion with Dr. Ann Cavoukian. She is currently Executive Director of Ryerson University’s Privacy and Big Data Institute and is best known for her leadership in the development of Privacy by Design (PbD). In this segment, Cavoukian tells us that once you’ve involved your customers in the decision making process, “You won’t believe the buy-in you will get under those conditions because then you’ve established trust and that you’re serious about their privacy.” We also…

[Podcast] Dr. Ann Cavoukian on Privacy By Design

[Podcast] Dr. Ann Cavoukian on Privacy By Design

I recently had the chance to speak with former Ontario Information and Privacy Commissioner Dr. Ann Cavoukian about big data and privacy. Dr. Cavoukian is currently Executive Director of Ryerson University’s Privacy and Big Data Institute and is best known for her leadership in the development of Privacy by Design (PbD). What’s more, she came up with PbD language that made its way into the GDPR, which will go into effect in 2018. First developed in the 1990s,…

[Podcast] Data Privacy Attorney Sheila FitzPatrick on GDPR

[Podcast] Data Privacy Attorney Sheila FitzPatrick on GDPR

We had a unique opportunity in talking with data privacy attorney Sheila FitzPatrick. She lives and breathes data security and is a recognized expert on EU and other international data protection laws. FitzPatrick has direct experience in representing companies in front of EU data protection authorities (DPAs). She also sits on various governmental data privacy advisory boards. During this first part of the interview with her, we focused on the new General Data Protection Regulation…

Are Wikileaks and ransomware the precursors to mass extortion?

Are Wikileaks and ransomware the precursors to mass extortion?

Despite Julian Assange’s promise not to let Wikileaks’ “radical transparency” hurt innocent people, an investigation found that the whistleblowing site has published hundreds of sensitive records belonging to ordinary citizens, including medical files of rape victims and sick children. The idea of having all your secrets exposed, as an individual or a business, can be terrifying. Whether you agree with Wikileaks or not, the world will be a very different place when nothing is safe.…

[Podcast] Attorney and Data Scientist Bennett Borden, Part I: Data Analysis...

[Podcast] Attorney and Data Scientist Bennett Borden, Part I: Data Analysis Techniques

Once we heard Bennett Borden, a partner at the Washington law firm of DrinkerBiddle, speak at the CDO Summit about data science, privacy, and metadata, we knew we had to reengage him to continue the conversation. His bio is quite interesting: in addition to being a litigator, he’s also a data scientist. He’s a sought after speaker on legal tech issues. Bennett has written law journal articles about the application of machine learning and document analysis to ediscovery and other legal…

Let’s Get More Serious About AR and Privacy

Let’s Get More Serious About AR and Privacy

Augmented Reality (AR) is the technology of the moment. While some of us have already experienced the thrill of catching a Dragonite in Pokemon Go, AR is not just all fun and games. In fact, depending on how an AR gadget is used, it can have significant privacy implications. Privacy in Public Augmented reality enhances real images with digital special effects — it’s reality assisted by coding.  These gadgets generally let you record a scene,…

Top Minds in PCI Compliance

Top Minds in PCI Compliance

With countless data breaches hitting the front page, many are turning to the Payment Card Industry Data Security Standard (PCI DSS) which is an invaluable controls list to guide, influence, and promote security. However, there are merchants who argue that these controls provide too much security while security professionals think they provide too little. So what do the experts think about PCI DSS? Here are five worth listening to: 1.Laura Johnson As Director of Communications…

Six Authentication Experts You Should Follow

Six Authentication Experts You Should Follow

Our recent ebook shows what’s wrong with current password-based authentication technology. But luckily, there are a few leading experts that are shaping the future of the post-password world. Here are six people you should follow: 1. Lorrie Cranor @lorrietweet Lorrie Cranor is a password researcher and is currently Chief Technologist at the US Federal Trade Commission. She is primarily responsible for advising the Commission on developing technology and policy matters. Cranor has authored over 150 research papers on…

Summer Reminder: Cloud Storage Ain’t All That Private

Summer Reminder: Cloud Storage Ain’t All That Private

I’ve written before about the lack of privacy protections for consumers storing content in the cloud. In looking back over my notes, I’d forgotten just how few cloud privacy rights we have in the real world. Using the typical terms of service (ToS) from some major providers as a benchmark, your rights to the uploaded cloud can be summarized by this common expression (often used in relationships by one party): “what’s yours is mine”. I’ve…

Data Privacy US-Style: Our National Privacy Research Strategy

Data Privacy US-Style: Our National Privacy Research Strategy

While the EU has been speeding ahead with its own digital privacy laws, the US has been taking its own steps. Did you know there’s a National Privacy Research Strategy (NPRS) white paper that lays out plans for federally funded research projects into data privacy? Sure, the Federal Trade Commission has taken up the data privacy mantle in the US, bringing actions against social media, hotels, and data brokers. But there’s still more to do. So…

Understanding Canada: Ontario’s New Medical Breach Notification Provision...

Understanding Canada: Ontario’s New Medical Breach Notification Provision (and Other Canadian Data Privacy Facts)

Remember Canada’s profusion of data privacy laws? The Personal Information Protection and Electronic Documents Act (PIPEDA) is the law that covers all commercial organizations across Canada. Canadian federal government agencies, though, are under a different law known as the Privacy Act. But then there are overriding laws at the provincial level. If a Canadian province adopts substantially similar data privacy legislation to PIPEDA, then a local organization would instead fall under the provincial law. To…