#CyberFLASH: Eight tips to improve your organization’s data privacy

imageFor CISOs, every day is data privacy day. But every January 28th Data Privacy Day is officially observed by a number of countries and agencies.

It could be a good day for infosec pros to remind themselves that in addition to IT security, ensuring corporate privacy policies for personal data — of employees as well as customers and partners — are up to date and enforced.

This year’s observation comes at a sensitive time for chief security and privacy officers. Not only are data breaches increasing, the ability of customers to sue is also going up as well.

Just this week an Ontario judge recognized a new common law privacy tort of public disclosure of private facts. The case involved a man who posted a sexual video of an ex-girlfriend on the Internet without permission.

“In the electronic and Internet age in which we all now function, private information, private facts and private activities may be more and more rare, but they are no less worthy of protection,” the judge wrote in part.

The woman had entrusted the defendant with the images, he judge said, and the defendant had no right to publish them. The man was fined a total of $100,000 in damages, plus court costs.

This case doesn’t deal with a corporation. However, before this week no Canadian court recognized the right to sue for public disclosure of private facts. The point is organizations need to note the common law on privacy is expanding.

Read more here

About canux
© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.