New Year, New Host, New Start

It’s been over a year since I last blogged. I was burned out. I needed a break, and if there was ever a year to skip I think 2013 was that year. While the topic of privacy certainly exploded in the news last year, so much so that Dictionary.com deemed “privacy” word of the year, I’m not sure I would have added much to the conversation.

The stream of revelations from the NSA breach orchestrated by Edward Snowden was undoubtedly the driving force launching privacy to prominence, and while it is of significant historical importance and worth writing about, everyone was covering the story, from every conceivable angle. What more could I have added?

But here I am again, ready to start fresh on the Svbtle platform. I’ll be posting intermittently including my first topical post shortly after this post: I’m going to post a transcript of a presentation I prepared for Dreamforce last November.

If you’ve read my past posts or have seen me speak, you’ll notice in that transcript that my thinking has shifted. I’ve moved from thinking of IT professionals (developers, security pros, admins, etc.) as only playing an ancillary role in assisting the privacy office in an organization, to someone who should have central privacy responsibilities.

Advances in technology are evolving at such an incredible pace, with data driving so much of the innovation, that those who aren’t directly involved in the development and/or management of the technology are not likely to be equipped with the knowledge necessary to fully mitigate risks of a privacy violation. At the same time the general public has become so sensitive to this issue – thanks to years of stories on data brokers, social media and now the NSA – that ignoring it, or putting someone who doesn’t fully understand data in a modern context in control, is creating unnecessary risk.

Add this to an environment where regulations are steadily falling behind advances and regulators struggle to keep pace with the change. Significantly it has become apparent that notice and choice, the foundation for most laws and regulations, no longer work and regulators are unsure on where to go next.

I’ll flesh this out in more detail over the coming months. It should be fun.

As a side note, I’d also like to thank Zohan Nur Muchlis for the avatar at the top of this blog.

 
0
Kudos
 
0
Kudos

Now read this

Privacy, GRCs Blind Spot

Governance, risk management and compliance (GRC), the functions within the organization that ensure it stays on the straight and narrow, are structured in variety of ways, but it generally breaks down into the following areas: Audit and... Continue →