Data Privacy Day: Searching for the Lost Trust

Posted on: January 28, 2019 by Zeina Zakhour

A commemoration of what could have been? Or a celebration of trust reborn?

Today, the 28th of January, is International Data Privacy Day. 11 years after its creation, countries and organizations have come together to put trust back at the core of the digital revolution.

2018 was indeed the year where personal data protection moved at the top of the board’s agenda for most organizations. Driven by the adoption of new regional data protection laws starting with GDPR to China’s cybersecurity law, India’s data protection bill, California’s Consumer Privacy Law and more… and replete with increasingly high profile data breaches.

Since the GDPR came into force in May 2018, the EU National Data Protection Authorities (DPAs) have examined thousands of complaints and recorded an increasing number of data breach notifications. DPAs in countries like Austria, Portugal, Germany, UK and France have even issued hefty fines for companies violating the GDPR regulation.

Just last week, the French DPA (CNIL) issued a 50 million euro fine against Google for their failure to inform people of how they are processing data and a lack of valid consent regarding the personalization of their ads.

A shift in public perception

Following the public outcry after the Facebook/Cambridge Analytica debacle in March 2018, consumers are more concerned about their digital footprint and how their personal data are harvested and used by corporations.

Even if Facebook did not lose millions of users (FOMO – Fear of Missing Out - is still going strong!), 54% of surveyed US, UK, German and French citizens stated that they are more wary of sharing personal data online andan 78% are more likely to turn their back on a brand if it had recently been breached.

The changing approach to privacy

Despite this strengthened regulatory framework and citizens’ heightened sensitivity to privacy issues, many organizations are still lagging in terms of data protection and data privacy governance.

50% of organizations still believe that they are far from being compliant with GDPR and many believe that they will never be fully compliant with the regulation.

GDPR is considered as a challenge by organizations because it is an afterthought. In their race for digitization, most organizations did not bother with data protection and privacy considerations. Therefore, organizations have now to review how their digital environment has been built and how it has evolved. They need to understand where personal data is stored, duplicated and used to put in place the necessary foundation for proper data governance and data management as per the various regulations.

Even if these key steps seem tedious, by assessing their current security measures and overall data protection and privacy maturity, organizations can identify the path to Privacy and Trust.

When organizations measure the risk of personal data misuse, they can identify the proper privacy risk mitigation approach. Such an approach will rely on technologies, processes and governance to:

  • Embed privacy by design in the digital transformation process
  • Enhance data discovery and classification
  • Enable control over personal data usage
  • Create transparency by adopting global privacy, ethics and accountability policies and practice
  • Implement privacy controls to protect data (data encryption solutions)
  • Implement the necessary controls to demonstrate compliance through Security Operation Center monitoring and reporting

You can check our approach to GDPR compliance spanning from GDPR readiness, to customer rights management, to data breach notification and privacy by design.

We have always encouraged organizations to adopt data privacy regulations as enabler of Trust. In the blog articles posted on our platform, we have highlighted that consumers are warier of none transparent data handling policies and are savvier in terms of protecting their digital footprint.

We have long believed that ethical and transparent personal data management will be a business differentiator in this pivotal next phase of the digital revolution. And we have the figures to prove it!

In Gartner’s report on privacy vendors, they noted that by 2020 organizations that have adopted best practices for protecting their customers' privacy will gain 10% more in revenue over competitors that are caught lagging.

So, what are you waiting for?

Share this blog article

  • Share on Linked In

About Zeina Zakhour
Fellow, Global Chief Technical Officer, Digital security, Atos and member of the Scientific Community
Zeina Zakhour is Vice-president, Global CTO for Digital Security in Atos. Zeina has twenty years of experience in the Cybersecurity field covering the end-to-end spectrum of cybersecurity from security advisory, to security integration, Managed security services/Managed Detection and Response, to securing digital innovations (Cloud, IoT, Edge, AI etc…) as well as risk management, compliance and privacy. She holds a Bachelor of Engineering in C.C.E from Notre Dame University Lebanon, a M. Sc. From Telecom SudParis and an Executive MBA focused on Innovation & Entrepreneurship from HEC School of Management. Zeina is a member of the Atos Scientific community and a Fellow in cybersecurity. She is also a Certified Information Systems Security Professional (CISSP) and a certified ISO 27005 Risk Manager. She was the recipient of Atos Innovation trophy in 2013, was named in 2019 among the “100 fascinating Females Fighting cybercrime”, was listed in the CTO/CIO/CDO French top 10 influencers and was recognized as 2020 Cyber security leader by the Cyber Security Observatory.

Follow or contact Zeina