Dear Mr Schrems,
Privacy lawyers are very excited, the European Court of Justice has ruled. And you have won, sort of. The UK supervisory authority has sprung into action and declared it wants to ensure that UK businesses aren’t disrupted by the US Privacy Shield being declared an invalid basis for transfers.
Any idea who really cares? I wonder if anyone felt concerned after the judgement when they logged into Netflix and tranferred their personal information to the US, making it potentially available to the people in Langley and Fort Meade without sufficient oversight?
Well people should pay attention. Lots of effort could be spent “re-papering” to put in place Standard Contractual Clauses as a stop gap and that’s investment that could be better spent protecting data, in this context our personal information.
While contractual obligations are important, technical and organisational measures are the underlying safeguarding mechanisms that provide appropriate levels of security for information. The risks are increasing with the frequency and complexity of attacks growing. Organisations and their ecosystems are more elaborate and even more reliant on digital. #twitter #insiderthreat
We need to remind ourselves about the reasons behind the regulations. They have come about as an interpretation of the fundamental rights to privacy and given teeth in the light of a series of data breaches.
While the situation arising from the judgement gets clarified let’s look at having proper processes, the right responsibilities and good technical & organisational measures to actually safeguard our personal information.
A great place to focus is on the business and information architecture to better understand what information is handled, minimise it and make sure the right controls are in place to keep it secure. Certainly ensure the documentation is in place for accountability reasons.
Afterall, it might be my personal information or maybe yours, Mr Schrems.
If you want to know about how data is handled in your organisation, we’d like to help.