In the first part of this series, we have learned with which privacy issues we face as individuals browsing the internet. Now we will go a bit further, into the problems faced by organizations.
Impact of Privacy Issues on Organizations
Protecting Organizational Strategy and Proprietary Information
Organizations need to protect sensitive information, such as corporate strategy plans, or proprietary information (such as intellectual property), which could be utilized by competitors or malicious actors to undermine the organizations. This is not just only the case for organizations that manufacture cutting-edge technology in their respective field, but for all kinds of organizations. In 2016, hackers targeted the Democratic National Committee and released their internal e-mail communications, undermining the credibility of several Democratic Party candidates. Also in 2016, hackers acting as Bangladesh central bank officials sent instructions to the New York Federal Reserve in an effort to steal 951 million USD from the Bangladesh central bank’s account at the New York Federal Reserve. They succeeded in siphoning 101 million USD, most of which international authorities have still not managed to recover. These headline-grabbing hacks are an indication of the challenges organizations face in protecting their strategy and proprietary information from competitors and malicious actors alike.
Collecting Customer Information for Marketing and Other Purposes
Organizations collect customer information for marketing and other purposes. Grocery stores go through location information obtained from people’s phones to determine how much time they spend in specific aisles. Frequent flyer and other loyalty programs give benefits to people in exchange for their personal information, which can then be used for enhanced promotion of products and services. The majority of companies build customer profiles that help them make sales.
Customer information can be likewise used to help understand consumer preferences and produce better products and services in the future. In addition, an organization’s collection of customer information usually makes it more convenient for a customer to interact with that organization in the future.
When collecting such information, organizations must comply with applicable federal and state law. In some countries, health care companies or financial services companies are limited in different ways in the types of customer information they are allowed to collect. Sophisticated organizations are familiar with the legal frameworks governing their industries. As non-human actors increasingly perform data collection and analysis, legal and regulatory compliance is becoming significantly more difficult.
Protecting Customer Information
For all consumer-facing companies, and maybe particularly for technology companies such as Google, Apple, and Amazon, collecting personal information from consumers helps to provide more personalized service to each consumer. It also formulates a responsibility for the companies to safeguard that information. For example, syncing data across a person’s Mac, iPhone, and iPad allows for convenient access to information, but also creates an expectation that Apple will take measures to protect this information from outsiders.
Protecting Client Information
For organizations that serve other organizations (such as accounting or legal services organizations), protecting client information is similarly vital to maintaining client relationships. Hackers have earlier targeted professional service companies to obtain their clients’ data, in attempts to circumvent the clients’ sophisticated data protection measures. Understanding these risks, larger professional services firms have undertaken notable efforts to protect client information.
Current Measures to Protect Sensitive Information
Organizations have adopted numerous security measures to protect sensitive information: for example, hiring internal and external information security professionals, educating employees on how to protect the information, and vetting employees to protect against insider threats. Some organizations that have been targeted have additionally started using honeypots (fake, company-monitored data rooms implying to hold sensitive company information, which baits and deceive hackers and help companies learn about hackers’ motives). These measures are essential and necessary and need to evolve to meet new challenges.
So, this is what organizations face online. In the next part of this three-part series, we will explain how Blockchain aims to help us to solve these privacy issues for both individuals and organizations.
Join us in a discussion on social media, we would love to hear what you have to say. :)