9 Ways To Bulletproof Your Privacy Policy - InformationWeek

10/23/2015
12:05 PM
Lisa Morgan

9 Ways To Bulletproof Your Privacy Policy

Is your privacy policy rock solid, or could it use some work? Mistakes can mean lawsuits, regulatory fines, and damage to corporate reputations. Here's how to protect your company.

(Image: tigerlily713 via Pixabay)

Any company that collects, stores, and uses personal information should have a privacy policy. However, not all privacy policies are created equal.

Although many privacy policies may look the same, the riskiest ones fail to reflect what the company actually does. These can expose the organization to potential regulatory audits, fines, lawsuits, and reputational harm. To reduce the risks associated with such disconnects, businesses should spend more time thinking about -- and operationalizing -- their protection of sensitive data.

However, many organizations don't take their privacy policies seriously enough, as evidenced by the growing number of data breaches and the increasing amount of regulatory oversight.

"If the regulators fined everyone for failing to follow certain regulated procedures, they'd have to fine everybody because nobody does it right," said Walter O'Brien, in an interview. He's founder and CEO of Scorpion Computer Services, the real-life company (with a real live person) upon which CBS's Scorpion TV show is based. "They'd be fining 99% of the industry, and there would be an uproar," said O'Brien. "There should be an uproar. You don't sue Wells Fargo every time it gets hacked."

Toothless privacy policies are common. In June 2015, the Online Trust Alliance (OTA) audited the security, privacy, and consumer protection practices of approximately 1,000 companies, all of which are the leading organizations in their respective industries. They included the top Internet retailers, banks, US federal government sites, social networking and sharing sites, news and media companies, Internet of Things providers, and OTA members. Forty-five percent failed to protect consumers and their data from harm and online threats. Forty-four percent made OTA's "Honor Roll" because they achieved a weighted score of 80 or better on a scale of 1–100, based on 50 different data points. When the OTA audited the top 23 presidential candidates in September 2015, it found that 74% failed because of their privacy policies.

"The FTC has been very aggressively prosecuting companies that don't really do what they say or say what they do," said Jim Adler, in an interview. "Where companies go sideways is not so much what they say, but whether they can live up to what they're saying." Adler is chief security officer at big data analytics company Metanautix and a member of the Department of Homeland Security Data Privacy and Integrity Advisory Committee.

To minimize your own company's risks, consider these nine pointers.

Lisa Morgan is a freelance writer who covers big data and BI for InformationWeek. She has contributed articles, reports, and other types of content to various publications and sites ranging from SD Times to the Economist Intelligent Unit. Frequent areas of coverage include ...

Comments
nomii,
User Rank: Ninja
10/24/2015 | 1:30:08 AM
Re: Pending Review

Privacy breaches are most of the time authorized by ill-informed users, and companies just use that with no worries. Like in many apps on smartphones: once you try to install one, it asks you about terms and conditions. The terms mention many aspects which people do not even understand, but the eagerness to download the app makes them go ahead and download it without knowing the consequences. Once a privacy breach occurs, people start to blame the companies, but in actual fact they have themselves given that permission.

nomii,
User Rank: Ninja
10/24/2015 | 1:33:41 AM
Re: Pending Review

I believe that to stop this kind of secret breach of privacy by companies there must be a regulatory authority looking after these companies and devising a single terms and conditions, keeping in mind the privacy aspects of the users. Otherwise it's only we who will be suffering and only users to be blamed.

Ashu001,
User Rank: Ninja
10/24/2015 | 11:48:56 AM
Re: Pending Review
Nomii,

The Big Problem with that issue is when one needs to decide whether or not one can trust the Regulatory authority in Question.

In the case of America, I can tell you with 100% Certainty you can't trust the Regulatory Authorities concerned simply because of the "Revolving Door" in place between Corporations and the Government in America without a Cooling-off period in place.

It's the same story in the FDA or the Federal Reserve.

One has to eventually trust the invisible hand of the market.

No one else can be trusted to deliver 100% transparent Governance here.

The Market and also the fact that thanks to EFF and the Big Snowden Leaks as well as those on the Great-Great Newspaper - The Intercept (editor is Glenn Greenwald who first broke the Snowden Story) has put most ordinary consumers on guard regarding the most blatant examples and cases of Privacy Violations out today.

 
Ashu001,
User Rank: Ninja
10/24/2015 | 12:00:02 PM
Re: Pending Review
Nomii,

The smartphone app fact you mentioned is particularly pertinent here.

When someone wants to download a Game of Sudoku or freecell or solitaire, why does the app-maker want to know whether the phone has a working wi-fi connection or not?

Don't get me started on the constant demands for Location??

Unfortunately, not everyone is educated and/or willing to appreciate the extent to which they have lost or are losing their Privacy today.

Sad but true reality currently.

 

 
LisaMorgan,
User Rank: Moderator
10/26/2015 | 1:12:09 PM
Re: Pending Review
The internal threat is very real and not often addressed as well as it should be.  
LisaMorgan,
User Rank: Moderator
10/26/2015 | 1:16:16 PM
Re: Pending Review
Capgemini recently did some sentiment research concerning retailers.  80% of the consumers surveyed were positive about personalization and 93% were negative about privacy.  I don't think the relationship between the two is well-understood.
Ashu001,
User Rank: Ninja
10/26/2015 | 1:26:34 PM
Re: Pending Review
Lisa,

Capgemini covered this issue very well here.

Forget about being well-understood IMHO, the relationship is barely if at all understood currently.

Consumers for sure want relevant and customized Ads for their day to day needs.

But they also want the re-assurance that all the Data on them is not getting sold indiscriminately to the Highest bidder going around.

That would definitely be a massive disaster.

Wouldn't it?

 
nomii,
User Rank: Ninja
10/29/2015 | 10:45:18 AM
Re: Pending Review
@Ashu001 I agree with you there that we need to thank Snowden, as he is the one who highlighted the backdoor privacy loss. I think whatever anyone says about NSA and PRISM, I believe that these kinds of programs need to be controlled and personal privacy is in no way to be violated. But I am not sure what damage is already done or what else we will hear in future.
nomii,
User Rank: Ninja
10/29/2015 | 10:49:50 AM
Re: Pending Review
@Ashu001 very true. That's what I wanted to highlight: that without reading the terms and conditions we will give all undesired rights to the company. For the time being I think that the best solution is to read and understand the terms first. If we do that sensibly I am 100% sure we will not be able to download anything ever :)
Ashu001,
User Rank: Ninja
11/16/2015 | 10:54:26 PM
Snowden gives me hope for the Future
Nomii,

More than anything else the Edward Snowden Revelations give me hope for the future.

Why would anyone who had a nice, cushy job with a Government Contractor (with every hope of actually getting a full-time Govt Job) go ahead and uproot himself entirely from his home and family for the sake of something as abstract as Online Privacy?

There are many such individuals out there today who will do whatever it takes to keep other decent folks anonymous and safe today.

More Power to them!

The Battle we fight against Corporation controlled Governments for Online Privacy is a multi-faceted one with immense ups and downs.

I don't think the fate of this battle will be decided immediately.

 