Do we understand the legal definition of PII and what our legal obligations are, and have we clearly communicated this to our employees?
Companies that hold any amount of data on their customers must now -- today -- begin thinking very seriously about what will happen to their reputations and their businesses if they do not take immediate steps to reassure customers their data is safe and private. Questions about who actually owns, and therefore controls the rights to, customer data are bound to surface very quickly as the world realizes privacy, as it was once defined and understood, is gone. To guide IT professionals in thinking about Big Data privacy challenges, ICC, a nationally recognized enterprise technology, has defined five questions every company must ask about its data and offers a new white paper about Big Data and privacy issues, “Big Data: Big Brother or Guardian Angel?”
When news broke of the U.S. government's massive spying program called PRISM, two things became immediately clear: The era of Big Brother had dawned and Big Data had just erased everything we thought we knew about privacy. The news worsened as large companies with terabytes of customer data came under fire for supplying the National Security Agency (NSA) with information about their customers. While those companies have denied direct involvement in the program, millions of people who thought their data was safe learned very quickly that was an illusion.
At the heart of this issue is trust, or loss of trust, and questions about customer privacy. Already, U.S. cloud services providers are losing overseas business due to potential customer fears that their data will fall into the hands of U.S. spy agencies.
To avoid this fate, U.S. companies must begin to ask very hard questions about the information contained in their data stores: What is the definition of private or personally identifiable information (PII) in a post-PRISM world? A customer's name? Their address? These used to be considered public information but if they can be connected (and they can be via Big Data) to other data about that individual or company, such as Social Security numbers, overseas bank accounts, or medical records, does that mean this data should now be sacrosanct?
Data privacy and ownership will become legal battlegrounds in this new hyper-connected era. Until new laws are passed, it's going to be up to individual organizations to show customers that they are protecting their data.
Here are five questions every CIO, CEO and chief counsel needs to be asking about their company's data.
An eWEEK Property
Copyright 2019 Quinstreet Inc. All Rights Reserved.
Advertiser Disclosure: Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.