2 Understanding data and privacy

 

This chapter covers

  • Why privacy is hard, and what happens when it is overlooked
  • How data can help grow your business
  • How data can be a risk when you handle privacy incorrectly
  • The regulatory sentiment around privacy
  • How customers understand and assess data privacy
  • Building a privacy-first program and culture

In the last chapter, we started building a very high-level understanding of privacy and your business. In this chapter, we will go one level deeper; we will more directly connect privacy outcomes to how your business operates. More specifically, after reading this chapter, you will better understand how your business operations and privacy are connected in the context of the economy, the regulatory landscape, and customer sentiment. To this end, we will look at data.

2.1 Privacy and what it entails

Why do accomplished companies and brilliant engineers find privacy so hard? They have skills that lead to amazing products and growing profits—why can’t they plan for privacy success as well? I have heard these questions asked not in the abstract but in real-life situations where companies with no malicious intent and a proven record of successful products made serious privacy mistakes.

It is time to set some context. Let’s consider how modern engineering works, and how that poses privacy challenges.

2.1.1 Why privacy is hard

2.1.2 Privacy engineering on the ground: What you have to accomplish

2.1.3 Privacy, data systems, and policy enforcement

2.2 This could be your company

2.3 Data, your business growth strategy, and privacy

2.4 Examples: When privacy is violated

2.4.1 Equifax

2.4.2 The Office of Personnel Management (OPM) breach

2.4.3 LabCorp and Quest Diagnostics