Recently, I participated in a Cloud Security Alliance (CSA) webinar “New Opportunities for Data Privacy and Data Protection Harmonization.” This webinar – moderated by Evelyn De Souza, Chair, CSA Data Privacy and Governance Group – showcased the results of a Data Protection Heat Index Survey (registration required)
I encourage everyone to check out the survey report and/or the recorded Data Privacy and Data Protection Harmonization webcast to get the real heat index map produced by Avisen, Inc. (also represented by Mary Beth Borgwing on the webcast). The full map has specific numbers and rates the data protection practices of many other countries besides just the U.S. and European ones.
However, I found even the bare bones fact that Avisen found over 11,000 privacy incidents in the U.S. and only a few hundred in all of Europe over some period intriguing. Does this mean that privacy permissiveness is the root cause of so many incidents? Does the fact that the U.S. began to implement breach disclosure laws 8 years earlier than Europe skew the results beyond knowing? Or – considering the preponderance of economic activity in the U.S. – do cyber-attacks and privacy incidents just “follow the money” regardless of regulatory factors?
We also had a long discussion on Privacy By Design and whether privacy constraints facilitate or impede progress in cloud computing, big data, Internet of Things and other technology trends. The survey found many respondents giving both favorable and unfavorable answers on privacy vs. innovation. In my view, this is a false dilemma. One always has to ask: What kind of world do we want to live in? Privacy has to be part of a positive sum solution along with profits, protection and progress.