fbpx

Download free GDPR compliance checklist!

Tag Archives for " study "

Researchers Find ‘Anonymized’ Data Is Even Less Anonymous Than We Thought

Corporations love to pretend that ‘anonymization’ of the data they collect protects consumers. Studies keep showing that’s not really true.

When it was revealed that Avast is using its popular antivirus software to collect and sell user data, Avast CEO Ondrej Vlcek first downplayed the scandal, assuring the public the collected data had been “anonymized”—or stripped of any obvious identifiers like names or phone numbers.

But analysis from students at Harvard University shows that anonymization isn’t the magic bullet companies like to pretend it is. Previous studies have shown that even within independent individual anonymized datasets, identifying users isn’t all that difficult. But when data from different leaks are combined, identifying actual users isn’t all that difficult.

Source: Researchers Find ‘Anonymized’ Data Is Even Less Anonymous Than We Thought – VICE

GDPR Subverted by Cookie Consent Tools

New study suggests that many websites are navigating around GDPR by tailoring the design of their cookie consent tools and using dark patterns to provide a misleading veneer of a consent agreement.

According to the researchers, the study illustrates “the extent to which illegal practices prevail, with vendors of CMPs turning a blind eye to — or worse, incentivising — clearly illegal configurations of their systems.”

Source: GDPR Subverted by Cookie Consent Tools, Study Reveals – CPO Magazine

Privacy investments get positive ROI

Cisco’s 2020 data privacy benchmark study provide strong evidence that privacy has become an attractive investment even beyond any compliance requirements. Organizations that get privacy right improve their customer relationships, operational efficiency, and bottom-line results.

The data in this report is derived from the Cisco Annual Cybersecurity Benchmark Study, a double-blind survey of 2800 security professionals in 13 countries. Survey respondents represent all major industries and a mix of company sizes.

Source: From Privacy to Profit: Achieving Positive Returns on Privacy Investments

Consumers want personalisation and expect a cost benefit for their data

A study by Dassault Systèmes has revealed that younger consumers are leading the push for personalization that improves products and services, quality of life and personal safety, and are more willing to pay and share their data to get it.

Study confirmed that nearly all consumers already value the importance of personalization, in particular for health and personal safety, and share concerns about how data is collected and managed to achieve it.

Source: #Privacy: Consumers want personalisation and expect a cost benefit for their data

Study Finds Rampant Lapses in Securing Access to Sensitive Information

Sila Solutions Group, a North American technology and management consulting firm, in partnership with the Ponemon Institute, a leading research organization on data protection and emerging information technologies, today released the results of The 2019 Study on Privileged Access Security.

70 percent think it likely that privileged users within their organizations are accessing sensitive or confidential data for no discernible business need and more than half expect privilege user abuse to increase in next 12-24 months.

According to respondents, privileged access rights also regularly remain active even after a role change (30 percent). 62 percent of participants felt it likely that their organization assigns privileged access rights that go beyond an individual’s role or responsibilities. This proliferation of access is emphasized with more than 75 percent of respondents having privileged access to three or more IT resources.

Source: Sila and Ponemon Institute Study Finds Rampant Lapses in Securing Access to Sensitive Information

Non-disclosure of Data Breaches Negatively Affects Acquisitions and Mergers

A recent study has shown that a company’s cybersecurity program, and how it has handled any history of data breaches, has a significant impact on its monetary sales value.

The report, by (ISC)2, asked 250 US-based mergers and acquisitions experts looking at the importance of a company’s cybersecurity program, and how much of an impact its breach history has on its valuation ahead of a potential acquisition.

Their findings revealed that 49% of those experts have seen deals completely derailed after due diligence brought an undisclosed breach to light. Furthermore, 86% of respondents said that if a company publicly reported a breach of customer or other critical data in its past, it would detract from the allocated acquisition price.

Source: #SECURITY: Non-disclosure of Data Breaches Negatively Affects Acquisitions and Mergers

EU Parliament publishes study on Blockchain and GDPR

In recent times, there has been much discussion in policy circles, academia and the private sector regarding the tension between blockchains and the European Union’s General Data Protection Regulation (‘GDPR’).

Whereas, the GDPR is based on an underlying assumption that in relation to each personal data point there is at least one the data controller, blockchains make the allocation of responsibility and accountability burdensome.

Further, although the GDPR is based on the assumption that data can be modified or erased where necessary to comply with legal requirements, blockchains, however, render the unilateral modification of data purposefully onerous in order to ensure data integrity and to increase trust in the network.

Source: Blockchain and the General Data Protection Regulation – Think Tank

European Commission Releases Study on GDPR Data Protection Certification Mechanisms

European Commission has published a final report “Data Protection Certification Mechanisms: Study on Articles 42 and 43 of the Regulation
(EU) 2016/679”.

The overall aim of the study is to support the establishment of data protection certification mechanisms and of data protection seals and marks pursuant to Articles 42 and 43 GDPR.

More specific the purpose of the assignment is to: i) accompany the establishment of data protection certification mechanisms and of data protection seals and marks pursuant to Art. 42 and 43 GDPR and ii) collect all relevant information for the Commission in view of the possible implementation of Art. 43(8) GDPR on the requirements for the data protection certification mechanisms and of Article 43(9) GDPR on the technical standards for certification mechanisms and data protection seals and marks, and for mechanisms to promote and recognise those certification mechanisms, seals and marks.

Read report: Data Protection Certification Mechanisms: Study on Articles 42 and 43 of the Regulation (EU) 2016/679

Even if you’re off social media, your friends could be ruining your privacy

Social networks could use friends to predict what a person would post, researchers find.

A new study from researchers at the University of Vermont and the University of Adelaide found that they could predict a person’s posts on social media with 95 percent accuracy — even if they never had an account to begin with.

Full article: Even if you’re off social media, your friends could be ruining your privacy – CNET

On Facebook and Twitter your privacy is at risk

Individual choice has long been considered a bedrock principle of online privacy. If you don’t want to be on Facebook, you can leave or not sign up in the first place. Then your behavior will be your own private business, right?

The new study presents powerful evidence that the answer to that question is no. It shows that privacy on social media is like second-hand smoke. It’s controlled by the people around you.

Full article: Study: On Facebook and Twitter your privacy is at risk—even if you don’t have an account

1 2 3
>