Mobile technology. Cloud computing. Big data analytics. The Internet of things. All four technologies are essential to business (and personal) progress. Unfortunately, they are also a threat to our privacy—and to the trust that should exist between businesses and consumers, employers and employees.
Privacy of Personal Data is a Top Issue
According to research conducted by the Boston Consulting Group, privacy of personal data is a top issue for 76 percent of global consumers and 83 percent of U.S. consumers. Yet, a massive, seemingly endless series of highly publicized breaches has eroded both our privacy and our trust. It feels as if we’re holding our breath while we wait for the next theft of personal information to be reported, analyzed and condemned by the citizens of the Web.
A PwC report, “10 Minutes on Data Privacy,” points out that the lack of privacy and trust creates problems on a number of levels. It states that “89 percent of consumers surveyed avoid doing business with companies they believe do not protect their privacy online, and 85 percent of investors said boards should be involved in overseeing the risk of compromising customer data.”
Certainly, it’s time for business to step up. Most IT organizations are hobbled by limited budgets and staff. They need the type of cash infusion—and corporate mandate—that only top management and the board can provide.
Securing Customer and Employee Privacy is Your Responsibility
Another problem is that many companies have not clearly placed the responsibility for securing customer and employee privacy on a particular person or department. Admittedly, it’s a thorny issue that requires finding answers to a number of questions.
Here are just a few of those questions: Does a company have a chief privacy officer, or a chief security officer who’s also responsible for privacy? Has the task been assigned to the CIO, CFO or CMO—or some combination of the three? Is HR or the legal department involved? What role does the board play, if any?
Has a privacy policy been created and circulated to all employees and business partners? Will that policy discuss enforcement of breaches by internal stakeholders? Has a liaison with appropriate law enforcement authorities been chosen to deal with hackers?
Currently, many, if not most, companies have not yet defined privacy policies and procedures. What is clear, however, is that privacy concerns are not going away. In fact, they are going to get worse.
Personal health information is the latest target of hackers, who are no longer content with stealing credit card information. An eWEEK article titled “Chinese Hackers Breach 4.5 Million Health Care Records” reports that Community Health Systems suffered a cyber-attack that affected about 4.5 million individuals.
Emerging Technologies Can Jeopardize Privacy
Even new and emerging technologies that can make our lives easier, safer and healthier can jeopardize our privacy. Smart phones can give us directions—and access to coupons for stores near our location—but they also let others know where we are, which could put us or our belongings at risk.
Small devices we link to our cars may help lower insurance premiums, but individuals who tend to drive faster than the speed limit may end up paying more for the privilege of owning a car. And let’s not forget the fitness devices we wear on our wrists. They can help us live healthier lives, but could potentially let our insurance company know about late nights and too little exercise.
And let’s not forget the potential privacy risks posed by the Internet of things. As billions of devices get connected—linking to unimaginable quantities of information—the IoT will become a hacker’s paradise.
Before that happens, businesses, governments and individuals need to take action—and they need to start working together now to build strong fortifications around our personal information. Tomorrow may be too late.
Eileen Feretic is editor in chief of Baseline and editorial director of eWEEK, CIO Insight and Channel Insider. She has more than 30 years of experience as a writer and editor in the technology industry, working at QuinStreet, Ziff Davis, IBM and Hearst.
This article was originally published on October 02, 2014
