Thinking about International Data Privacy Day

Today is  International Data Privacy Day. Did you remember to send a card to the ones you love?

Seriously, let’s hear what experts from OneSpan have to say about data privacy best practices.  OneSpan today announced that it’s joined  the National Cyber Security Alliance, which is socially sharing events and education around today’s events – please use the hashtag #PrivacyAware on Twitter and other platforms to learn more.

According to Scott Clements, CEO, OneSpan, “Passwords and personal identifiable information are almost guaranteed to be exposed in ever increasingly sophisticated and frequent data breaches. It’s more important than ever to secure and protect the entire digital customer journey, and the data captured within, by taking a layered approach to security. This helps capture and analyze multiple complementary authentication factors and correlational data to establish trusted identities, devices and transactions. This is how we help our global banking customers – by making it harder for cybercriminals to capture data and commit fraud.”

Frederik Mennes, Senior Manager Market & Security Strategy, Security Competence Center, OneSpan, remarked, “2019 will be the year that Open Banking is formally introduced throughout the European Union. The revised Payment Services Directive (PSD2) requires financial institutions to provide Open Banking interfaces (e.g. APIs) to third-party companies, so that these companies can obtain financial information about the banks’ customers, and initiate payments via the customers’ bank accounts. Companies will need the consent of customers for this. As we approach International Privacy Day, Open Banking can bring many benefits to consumers, they need to be aware of the privacy implications of Open Banking and the possibility that that their financial data is shared with more companies than just their banks. For instance, social media companies could request consent from consumers to obtain their financial information, and combine this data with other personal data they already possess in order to build a more precise profile of their users. Hence, consumers need to be aware of the privacy implications of Open Banking and consciously decide whom they want to share their financial data with.”

Michael Magrath, Director of Global Regulations & Standards, OneSpan, weighed in with several comments: “The digital age has changed virtually all aspects of our lives from social interaction, commerce, education, etc.  It is expected that when 5G begins to rollout globally, Internet 3.0 will commence.  While social media platforms don’t typically charge a subscription, many realize billions of dollars through monetizing the data they collect from their users.”

“Concerns regarding the privacy of citizens and consumers have escalated over the past several years and have led to wide sweeping regulations with the European Union’s General Data Protection Regulation paving the way. Organizations violating GDPR face severe financial penalties of up to 4% of annual global turnover (revenue).

“In the U.S. all eyes will be on California next year when the California Consumer Privacy Act, the nation’s toughest privacy law which gives consumers control over their personal data.  The California law will likely lead other states to enact their own consumer privacy acts.  It is highly unlikely that every state’s law will be identical so complying with potentially 50 consumer privacy laws would be problematic for most companies.

“It’s also worth noting is that in the U.S., NIST is currently developing a Privacy Framework. Like the Cybersecurity Framework, the Privacy Framework will be a voluntary tool and will be available for “organizations to better identify, assess, manage, and communicate about privacy risks so that individuals can enjoy the benefits of innovative technologies with greater confidence and trust.

“Privacy enhancing technologies including modern, frictionless authenticators including advanced biometrics should be part of the solution to properly protect data and keep it private. In addition, web platforms and mobile applications must be architected and developed with privacy and security in mind to protect consumers.”

International Privacy Day Prediction:  “I expect that comprehensive, GDPR-like federal legislation will be passed in the 116^th Congress.  The legislation would hopefully leverage parts of GDPR, the California Consumer Privacy Act and the NIST Privacy Framework.”

Photo Credit: Book Catalog Flickr via Compfight cc