DLT is a decentralised ledger of transactions with identical copies maintained on multiple independent computer systems. This means the transaction ledger is maintained simultaneously across a network of unrelated computers or servers called “nodes”, like a spreadsheet that is duplicated thousands of times across a network of computers.
Christine N. Czuprynski, a Detroit attorney in the firm’s national Data Privacy and Cybersecurity Practice Group, sits down with host Mike Witzke to discuss GDPR, the European Union’s new data protection regulation, which takes effect on May 25, 2018. Christine informs listeners why U.S. businesses must have the GDPR on their radar and steps they can take to prepare to be compliant.
Have you added data privacy and cybersecurity employee awareness training to your 2018 training matrix? When it comes to data privacy and cybersecurity, employees can be your greatest asset and your greatest weakness.
On March 2, 2017, Davis Malm shareholder Lawrence J. Casey will moderate a panel at the Smaller Business Association of New England (SBANE) Cybersecurity and Data Privacy Best Practices program. Mr. Casey will guide panelists through a discussion on cybersecurity and privacy best practices, planning and risk management trends, and responses to breaches and attacks. The session is designed to educate small businesses on the importance of cybersecurity and provide a foundation for them to build their own data security plans.
Florida Grants Fiduciaries Access to Digital InformationFor anyone who has dealt with the death or incapacity of a loved one in recent years, one of the most perplexing and fraught questions has been how to access their electronic or digital records. Whether we realize it or not, most of us own digital assets. These could be photographs or videos on your smartphone, documents in the cloud, iTunes music collections, email accounts, social media accounts, banking records, online shopping or travel memberships, stock trading accounts – anything that can be created, transmitted, accessed or stored on any electronic or digital medium.
While 2015 saw the Federal Trade Commission (FTC) increase its focus on social media campaigns, native advertising, and data security and privacy, marketers should remember that the FTC continues to police traditional advertising issues of claims and substantiation.
This past year, the FTC settled with two companies over allegations that they could not substantiate claims touting the efficacy of their dietary supplements. In one case, a marketer of a supplement aimed at increasing cognitive ability settled with the FTC for allegedly making multiple false claims, including that a scientific study validated its claim that its product would reverse cognitive decline and memory loss.
Data privacy is making headlines — for all the wrong reasons. Data privacy breaches are becoming regular events, while federal and state governments are imposing costly penalties on businesses that fail to take adequate steps to protect consumer data. A comprehensive data protection audit can improve how a company safeguards sensitive information, ranging from a company’s proprietary intellectual capital to its customers’ social security numbers. But how do you know if you need to hire a consultant to help you with these initiatives?
Labor and employment and data privacy attorney
DETROIT (January 22, 2016) – Sherri A. Krause, an experienced labor and employment and data privacy attorney, has joined the Detroit office of McDonald Hopkins LLC, a business advisory and advocacy law firm. Krause works with clients in the firm’s Data Privacy and Cybersecurity and Labor and Employment Practice Groups.
It’s not fair to say traditional media no longer have consumer appeal; after all the John Lewis Christmas ad makes its own headlines each year!
However, new technologies are creating ways for fashion retailers to connect with shoppers in a cheaper, more immediate manner.
Last year, Regent Street was the first street in Europe to adopt Beacon technology in each of its stores. Retailers, airports and shopping centres are increasingly adopting this evolving technology.
What is Beacon?
Beacons are small wireless devices which can be placed around stores to send electronic content to shoppers’ smartphones, using the shopper’s location in store and information on their buying preferences.
While the technology is still in fairly early stages, the possibilities seem endless.
As studies show, data are now considered primary elements for generating “business” and to them a significant economic and social value is assigned.
Today, this phenomenon, commonly known as big data, has become a fundamental tool for a growing number of subjects who, due to the large quantities of data, can pursue an objective with subsequent and more or less foreseeable legal consequences.
Essentially, the protection described in this article is achievable through various ways, some ostensible, other real but it is universally acknowledged that whoever wants to achieve a goal must minimize the “regulatory” and “normative” impacts in favor of the maximization of the data processing effects on their activity (be aware: we are not only referring to the profits).
From the massive use of data and sophisticated analysis emerges one of the most “decisive” threats to the fundamental rights of individuals foreseen by article 8 of the Charter of Fundamental Rights of the European Union, that triggers the so-called bureaucratic overcharge phenomenon, tackled with standard formulas, software and applications that computerize ways of thinking which fall far short of banal and lead to results of questionable compliance.
As for any other topic with legal impacts, in order to understand the ramifications of the phenomenon and to better face it, we need to start with evaluating the following variables: the legitimacy of the acquisition of information, the congruence between the purposes for which the data were collected and those for which the data will be processed, the security measures applied to the information.
Furthermore, we must resist the temptation to start from the end: from the data anonymization.
According to various position papers, the anonymization, as it is only logic, is considered an “additional processing”, namely that in the presence of the big data, the anonymization is just a passage of a more complex process.
The analysis activity must allow to evaluate the consequences of the “merge” of databases of different sources. It must be considered that in the “reuse era”, the opportunity to gather large quantity of information of different sources has increased exponentially. In addition to that, individuals and public administrations that release “open-data”, have not the opportunity or the competences to anticipate the possible data exploitation in a business point of view.
Finally, let us not forget that the results of the activities on the big data can, in turn, create innovative services and as such they should be protected.
Therefore is the big data an unmanageable phenomenon?
No, as all phenomena the big data can be managed. The legislative framework in which they evolved is not methodologically ready to protect the individuals without “compromising the uses and the applications of the big data”. It is however possible to balance the bureaucratic hypertrophy with an approach that takes into consideration the necessary effectiveness of the processes.
Our previous experience tells us that, as of today, we resort to a “fictional” approach, we tried to demonstrate the security and the compliance of the processing, making the users feel “safe”, regardless from the effectiveness of this security. It is proven that when the data security mechanisms “crashed” or during a control check carried out by the Data Protection Authority, the “security” was largely compromised and the risk evaluations were out of focus, revealing a depressive and neglected outline of most of the basic data protection principles.
Viceversa, using a rational approach, pointed towards the privacy by design and following some precious instructions on best practices, we can reduce the risk. In particular, once the legal acquisition of information and relative consensus and the coherence with the specified purpose has been ascertained, we must find a way to reduce the risk of recognition of the individuals.
In this sense, an initial and repeated analysis of the context, events and changes that can affect it, can prevent abusive control phenomena as the reidentification of individuals, introducing for example higher levels of uncertainty for which certain records can be attributed to more than one person, at least 3 according to the principles of statistic deontology, or eliminating the requirements that cause the groups with similar characteristics to be atomistic or drowning the profile of the individual in a high number of others for which the characteristics of the analysis do not allow the isolation of a determined subject. This last activity can be carried out leaving intact the requirements that refer to a large number of people.
According what has been stated so far, it must be taken into consideration that these and other measures can allow the cohabitation of the big data with the current data protection frame but the methodical approach is by far more effective than other measures adopted thus far.