var _hmt = _hmt || ;
var hm = document.createElement("script");
hm.src = "https://hm.baidu.com/hm.js?d387e539c1f2d34f09a9afbac8032280";
var s = document.getElementsByTagName("script");
InformationWeek is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
Top U.S. Businesses Call for More Government Regulation
So, what's the catch? There's a very real possibility that most states will develop their own data privacy laws, causing chaos that will benefit no one.
Image: md3d – stockadobe.com
A CEO of a major company asking for government regulation is not a common occurrence and not something that most of us are accustomed to seeing. So recently when CEOs of more than 50leading U.S. businesses, including Walmart, Amazon and AT&T, signed a urging the passage of a comprehensive federal data privacy law, it had some thinking: What’s the catch? Don’t most companies do all they can to avoid further regulation or oversight?
8号彩票注册网址Before this letter can be dismissed outright as an attempt by companies to write their own regulations, let’s not forget two significant factors U.S. companies currently face:
Congress has already drawn the line with data privacy by stating that any federal bill that represents a watered-down version of the California Consumer Protection Act will not pass with the needed votes.
The majority, if not all, of major U.S. based companies already must adhere to the very strict regulations found within the General Data Protection Regulation (GDPR). Adhering to data privacy is not something new for U.S. companies.
If the motive of these CEOs isn’t to dilute an imminent state law and data privacy on a large scale is something these companies are already dealing with, then why was the letter necessary? In two words: chaos avoidance. There is a very real possibility that most U.S. states will develop their own data privacy laws, causing chaos that will benefit no one.
8号彩票注册网址As this article points out, there are 13 different states currently in pursuit of data privacy laws. With amendments ranging from how to deal with automated decision making to the right to portability, each state seemingly is taking a different path to what they consider privacy rights.
Achieving proper data privacy practices at a company is in alignment with a well-run data governance program. The need for data stewards, access to data, data quality, metadata management, etc., are all similar, but 13 different privacy laws -- and the growing potential for more -- throws a wrench in all of it.
Imagine the complexity involved (some would say chaos) of having customer data from different states and needing to determine which ones need to opt-in as opposed to opt-out, which ones can’t have automated decision making applied and which ones prohibit the sale of personal information about the consumer to third parties.
Can these things be accomplished technically? Sure, they can. But is it a best practice that most benefits consumers the laws are trying to protect? Not even close. Data governance, and now the blending of privacy, are tough enough to do right: adding in the additional complexity of different state regulations is risky business.
Hope first, then act
8号彩票注册网址It is often said that hope is not a strategy, but in this case, we need to begin with it. Hope that one fair and strict data privacy law is enacted that covers all the aspects that are important to consumers. Hope that numerous state laws don’t make the prospect of data privacy unattainable.
But beyond hope, there are also actions that can be achieved today:
Build privacy by design into all processes. Start software development with privacy in mind – not after the fact.
Ensure that all individuals within a company know their role in keeping customer data secure and safe. It is often the rogue employee that causes companies to be in violation. Think of the numerous times that employees transitioning to a new company potentially bring “their records” with them that include the personal information of customers.
Treat data privacy as an extension of data governance, not separate. As mentioned, the requirements for proper data governance and privacy are interchangeable -- make the initiatives part of one big umbrella.
8号彩票注册网址We all want (or hope for) data privacy and protection. How we get there via regulation is still an open book in the U.S. Multiple state laws that could potentially cause chaos or one federal law that leads everyone in one cohesive direction, will make all the difference if the U.S. is successful in securing the data of its residents.
is Head of Data Privacy Solutions at SAS. He is a respected expert on data privacy and management. You’ll find his insights on the topic featured in publications like the Wall Street Journal, InformationWeek, Datanami, insideBIGDATA, Tech Republic and more.
The InformationWeek community brings together IT practitioners and industry experts with IT advice, education, and opinions. We strive to highlight technology executives and subject matter experts and use their knowledge and experiences to help our audience of IT ... View Full Bio
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
IT 2020: A Look AheadAre you ready for the critical changes that will occur in 2020? We've compiled editor insights from the best of our network (Dark Reading, Data Center Knowledge, InformationWeek, ITPro Today and Network Computing) to deliver to you a look at the trends, technologies, and threats that are emerging in the coming year. Download it today!