Data Protection: keeping important data from corruption, leak out, or loss
Personal Data: data about a particular person, especially sensitive information regarding their finances, medical history, family,...
Consent: the agreement that users can research for data with full information voluntarily and freely
Transparency: the openness and accountability of the media in exchange of information
Accountability: refers to good journalism, revealing accurate information, democratic initiative and allow opinions exchange
Security: measures and practices to protect personal data from unauthorized access
Anonymization: process of removing personal identifiers, both direct and indirect, lead to one individual to be identified
Encryption: a form of data security in which information is converted to ciphertext. Only authorized people who have the key can decipher the code and access the original plaintext information
Blockchain: a decentralized and distributed digital ledger technology. Ensuring transparency, security, and immutability in the recording and sharing of information, including transactions and content distribution.
Case studies on Data and Privacy
The Target Data Breach: A Case Study in Security Failures
Businesses of all sizes should take note of the 2013 Target data leak as a lesson in data protection. Here is a closer examination of the event and the knowledge gained:
The Breach: Using a compromised vendor, hackers gained access to Target's network around the end of 2013. Over 40 million consumers' credit and debit card numbers were stolen by hackers who gained access to point-of-sale networks. Subsequently, it was discovered that up to 70 million consumers' names, addresses, and phone numbers had also been compromised.
The Outcomes: Target lost money and came under intense public criticism. Consumers who had their identities taken were victims of fraud and identity theft. Target was required to pay hefty fines in addition to millions of dollars in settlements from litigation.
Learnings:
- Third-Party Risk: Dependence on outside vendors with shoddy security procedures is vulnerable, as demonstrated by the incident. Businesses must evaluate and control the security threats that their suppliers provide.
- Investment in Data Security: The incident made clear how important it is to make significant investments in data security measures. This covers personnel training, intrusion detection systems, firewalls, and encryption.
- Data Minimization: The impact of the hack was made worse by Target's storage of pointless customer information, such as names and addresses, during periods of high transaction volume. Companies should only gather and retain the data necessary for their intended uses.
- Quick Reaction: The public's confidence was further damaged by Target's tardy reaction to the incident. To rapidly locate, contain, and fix security breaches, businesses must have a well-defined incident response strategy.
The Aftermath: Tighter data security laws, such as increased obligations for data breach notification, were imposed as a result of the Target hack. Chip-and-pin technology was introduced by payment card firms as an added layer of security. Companies started to realize how important data privacy and cybersecurity are.
Beyond the Headlines: There was more to the Target hack than just credit card theft. With millions of people at risk of identity theft and financial hardship, it brought attention to the human cost of data breaches. The incident also emphasized how crucial customer trust is. Companies who don't sufficiently secure client data run the danger of losing the trust and loyalty of their customers.
Apple vs FBI Encryption Case:
A turning point in the ongoing discussion in the digital era between user privacy and national security was the Apple v. FBI encryption case. Here is a closer examination of the case and its ramifications:
The Incident: Fourteen people were killed in a terrorist incident that occurred in San Bernardino, California, in December 2015.
One of the assailants' work-issued iPhone 5Cs was found by the FBI.
The FBI lacked the tools to retrieve the data because the phone was secured with robust encryption.
The Argument: The FBI requested a court order requiring Apple to develop proprietary software that would get beyond the security measures on the iPhone, effectively making the encryption easier to hack.
Apple declined, claiming that complying would make all iPhones less secure, opening them up to hacking and endangering user data. The matter turned into a conflict between two crucial ideas: user privacy and national security.
The Result: With the assistance of a third-party vendor, the FBI was able to unlock the phone prior to a final court ruling, making the matter largely irrelevant. But the fundamental problems were still unsolved.
What We Learned: The case brought to light how crucial data encryption is becoming to our online existence. It made the possible conflict between user privacy rights and national security requirements clear. The controversy around the development of encryption technologies "backdoors" rages on. Backdoors may help law enforcement, but they may also leave gaps that hackers and other criminals could exploit. The case also demonstrated how private corporations, such as Apple, can withstand political pressure.
The Aftermath: There are no simple solutions to the ongoing encryption issue. Tech companies are always trying to enhance security features, which frequently results in making encrypted data even more difficult for law enforcement to access. Governments everywhere are trying to figure out how to strike a balance between the right to privacy and security requirements.
Additional points: There was more to this case than one phone. It sparked debate about the efficacy of encryption in the digital era and the responsibility of internet corporations in safeguarding user data. Discussions on what constitutes "reasonable" help from tech companies to law enforcement in their investigations were also spurred by this case.
Link : https://www.cnet.com/tech/services-and-software/how-did-the-apple-vs-fbi-fight-end/
No comments:
Post a Comment