Who’s Afraid of a Data Breach?

One curious effect of the commonness of data breaches is that we’ve become inured against shock.  It used to be that a sizeable data breach was big news, certainly if the data lost or accessed was of a sensitive nature.  Remember the Target data breach in 2013?  It dominated news cycles for weeks, largely because… Read More

Thinking About Data Partnership Contracts – From Data Leverage

We’ve know a number of clients or friends whose businesses are going through the initial phases of a data partnership lately.  These relationships are often mission-critical, because without the added benefits of the data partnership, sometimes entire business strategies fall apart.  At the same time, if you don’t take a thoughtful approach to establishing the… Read More

Predictions, Lists, and Complete Wild Guesses

Now that it’s January and everyone is finally returning to the reality where things don’t always taste like peppermint or eggnog (or both, which is just….no), it’s a good time to think about how you’re going to approach 2019.  This time of year is rife with predictions and, more often, guesses about what privacy, tech,… Read More

There Definitely Won’t be a Federal Data Privacy Law. (Maybe. We’ll See.)

“There’s no way the federal government is going to create a federal privacy law.”  “It’s just not going to happen.”  “Not a chance, no way, forget it.”  “There isn’t a political will in Washington to get it done, and so we can all just assume that it’ll all be only the states issuing regulations for… Read More

GDPR Three Month Checkup (And Three Issues to Watch)

It’s been just about three months since the GPDR went into effect, it’s what makes sense for many people right now to be wondering just how the whole process is going. After all, it was all anyone in the media wanted to talk about for months leading up to May 25. Now? There doesn’t seem… Read More

An American (Well, Californian) GDPR

You’ve taken all the steps – shut down EU operations, turned off German language translation, and ceased taking Euros.  You canned the entire PR department in Dublin and moved your cloud storage from Charleroi to Sheboygan. You’ve even put up a giant American flag on the website. And just when you thought it was safe… Read More

The Scariest Data Breach So Far This Year

I could do a blog exclusively on data breaches because they happen so frequently that I’d never run out of material. Eight hours ago, the Supreme Court of India’s website was hacked, apparently by “HighTech Brazil Hackteam.” I imagine that they’re either a group of highly motivated lawyers or, given their logo, a group of very high teenagers. Read More

GDPR Countdown – Six Weeks to Go

It’s easy to think about data as a depersonalized set of information that we can use for whatever purpose we want. But complying with GDPR will require a change of mind and a change of approach to data, and especially data subjects. Businesses that cannot navigate between unrestrained use of information and the lofty — and potentially unachievable — goals of the GDPR will struggle after May 25. How will you chart your course? Read More

Recognizing the Risks of a Malicious Insider

Data security is a complicated thing, and it’s made much more complicated by the human element. The vast majority of breaches are a result of error, negligence, or intentional misconduct. And that misconduct isn’t always a hacker (invariably, he’s wearing a hoodie) – many times, it’s a malicious insider in your own company who steals or facilitates the theft of your crucial data. Understanding the risks of malicious insiders is a vital part of avoiding a breach, and being #datasmart. Read More