Opinion

The Risk of the “Risk-Based Approach”

By Stuart S. Shapiro, CIPP/US, CIPP/G

At this year’s IAPP Global Privacy Summit, I repeatedly encountered references to and quasi-explanations of the “risk-based approach” to privacy. The risk-based approach is, apparently, the new black now that accountability is no longer quite so chic. With its focus on the privacy risks incurred by individuals, the risk-based approach is, I was informed, a bold new direction for the privacy profession.

Taken at face value, it’s rather difficult to imagine a more damning indictment of the privacy profession. It’s 2014 and we’ve only just started worrying about risks to individuals?

More from Stuart S. Shapiro

Practical Privacy

Automating Privacy Impact Assessments with the IAPP and AvePoint

By Dana Simberkoff, CIPP/US

Working for a global software company, the compliance team at AvePoint has an opportunity to work with privacy officers, CISOs and CIOs around the world and across many industries. Many of our customers believe that their compliance challenges are specific to their company, and subsequently have very little opportunity to collaborate with peers within their own companies—much less opportunities to collaborate with peers within or across industries.

Posted in Accountability
More from Dana Simberkoff

Privacy Profession

Which Drives Leadership: Compliance or Strategy?

Leadership is crucial to a successful privacy program. It is leadership that engages senior executives, inspires an extended team and provides hope to advocates and confidence to regulators.

But what drives leadership in 2014? Is it the need to have a highly compliant organization in an era where compliance is very complex? Or is a strategic approach to information governance when data moves from being a business facilitator to the driver of innovation?

More from Martin Abrams

Big Data

How To Solve the President’s Big Data Challenge

In his recent remarks on the NSA and surveillance, President Barack Obama grabbed the Big Data bull by the horns. We commend the president’s decision to task the Council of Advisors on Science and Technology (PCAST) to reach out to privacy experts, technologists and business leaders to examine the challenges inherent in Big Data. Government surveillance raises distinct civil liberties concerns that commercial and scientific use of Big Data does not; still, it is appropriate to address the profound impact of new technologies on Big Data business opportunities.

Big Data was all the rage in privacy circles in 2013, and now it is achieving appropriate broad policy attention. It implicates modern day dilemmas, which transcend privacy and impact a variety of delicate balancing acts at the core of free market democracy. The examination requires engagement not only by privacy professionals but also by ethicists, scientists and philosophers to address what may very well be the biggest public policy challenge of our time.

Trending

Was This a Week of “Tangible” Privacy Harm?

By Jedidiah Bracy, CIPP/US, CIPP/E
Photo taken from Ukranian protests in Kiev

Two events this week got me thinking of privacy harms. Now, I know the mere mention of “privacy harms” brings with it a lot of baggage and a ton of research, legal uncertainty, opinion and, well…ambiguity. I couldn’t possibly link to all the countless scholars, lawyers and activists who have tackled the question of what does, or does not, count as a harm, but I couldn’t help think that we may have seen some tangible harms we can all agree on this week.

More from Jedidiah Bracy