As the rock band “Europe” might say: it’s the final countdown to EU’s General Data Protection Regulation (GDPR). At least that’s how I’ve been singing their song. The GDPR is the biggest change in data privacy law in more than 20 years, and businesses around the world have been gearing up for it since it was published in May of 2016. We’re now only about 200 days away from the GDPR being enforced on May 25, 2018, and many businesses in the US that will need to comply with it still have their work cut out for them (the GDPR is over 200 pages long!).
Perhaps the easiest way for a business to find itself on a collision course with the Federal Trade Commission (FTC) is to make deceptive claims about its privacy and cybersecurity practices. Earlier this month, Uber agreed to a settlement with the FTC for doing just that.
Businesses that adhere to sound privacy principles are not only more likely to stay off the FTC’s radar, but will also be making a sound business decision. While consumer data can be valuable to your business, it is also valued by consumers. And, with today’s constant news of privacy mishaps, privacy has become a competitive differentiator upon which businesses can easily capitalize.
Earlier this month, the United States Supreme Court agreed to review whether people have a reasonable expectation of privacy in their cell phone location data that is shared with cell phone service providers. While the case, Carpenter v. United States, is a criminal case, its outcome could have a significant impact on broader privacy issues.
Over the weekend a massive ransomware cyberattack hit over 200,000 victims in more than 150 countries. As I’ve said before, I believe that the frequency of these attacks will increase, and the ransom demands will grow. Given that many experts believe that the scope of this latest attack may continue to spread on Monday as people return to work, here are some basic tips.
Star Wars is in many ways a story about a data breach of the Empire’s plans for its most valuable IP- the Death Star plans, and the Empire’s poor response to the breach. On this Star Wars Day (May the Fourth), let’s look at some of the cybersecurity lessons learned.