ISSUE HIGHLIGHTS
- Supermarkets Selling Customer Data
- Redacting Personal Data to Meet Privacy by Design
- A PII Data Breach at Pepsi Bottling
- The New Rules of Privacy
INDUSTRY NEWS
Forget Milk and Eggs: Supermarkets Are Having a Fire Sale on Data About You
A recent investigation by TheMarkup shows that swiping your supermarket discount card might share much more information than you realize, and not only with your grocer. Many stores infer information about you from your purchases and use third-party databases to enrich this information into detailed consumer profiles.
Then, they analyze and de-identify this data, and sell it to consumer brands that use it to target you with advertising.
How Personal Data Identification and Redaction Can Help Satisfy Privacy by Design
Privacy-enhancing technologies like personal data identification and redaction help companies to build privacy by design principles into the foundations of their systems. In fact, these principles were recently formalized when the International Standards Organization adopted ISO 31700:2023.
Learn more about how privacy by design principles help you ensure compliance with regulations like GDPR, and also gives your company the opportunity to strengthen customer relationships by signaling your trustworthiness. Read the article.
Gulp! Pepsi Hack Sees Personal Information Stolen by Data-stealing Malware
In late 2022, malicious actors compromised Pepsi Bottling Ventures by installing malware that secretly exfiltrated PII from the company’s network for nearly a month. After the attack was detected, it took nearly nine days to shut the attackers out of their system.
And while the details of this attack are worrisome – not only names and mailing addresses, but also social security and passport numbers were stolen – questions remain about the full scope of the breach.
Check out the full story here.
The competitive landscape around data privacy continues to evolve amid increasing consumer mistrust, new laws and enforcement actions worldwide, and privacy-focused market competition from influential companies like Apple.
How can your business meet these challenges, cultivate customer trust, and extract insights from sensitive data – all while protecting your users’ data privacy?
By following the new rules of data privacy.
Read more in the Harvard Business Review.
Credit Suisse Says Rogue Staffer Took Personnel, Salary Data
Is it OK for a coworker to access your sensitive personal data, including data about your salary and other compensation?
No.
A recent revelation from Credit Suisse shows why it’s important to safeguard employee data from unauthorized access – including access by other employees. Read the article.
DATA VAULTS
India's DPDP Bill: How Skyflow Eases Compliance
All businesses handle some degree of regulatory uncertainty, but uncertainty around the regulation of your customers’ personal data can be particularly worrisome – after all, such data is essential to most businesses. So, how can companies in India future-proof their handling of their customers’ personal data to better protect it, while easing compliance with pending laws like the draft Digital Personal Data Protection (DPDP) Bill, 2022?
Check out this blog to learn about the recent developments in India, and how a data privacy vault can help companies improve the privacy and security of sensitive data.
COMMUNITY
The Partially Redacted community is bringing together a group of professionals who want to learn, network, and share their knowledge around data privacy, security, compliance, and data governance.
Partially Redacted Slack Channel
Join the Slack community to participate in the conversation on challenges companies, engineers, and others face when it comes to managing and protecting customer data.
Check out the latest episode of the Partially Redacted podcast, Data Backup and Disaster Recovery with Druva’s W. Curtis Preston. Curtis has been working in backup and disaster recovery for nearly 30 years and has written five books on the subject. He joins the show to discuss backup and recovery missteps, best practices – and how Druva, the SaaS-based backup and recovery platform, helps businesses offload backup responsibility. Listen today.
EVENTS
APIsecure: March 14-15, Santa Clara, CA.
World Cyber Security Summit Jakarta: March 14-15, Jakarta, Indonesia
Fintech Meetup: March 19-22, Las Vegas, NV
IAPP Global Privacy Summit: April 2-5, Washington, DC
RSA Conference: April 24-27, San Francisco, CA
WE'RE GROWING, COME JOIN US!
Are you passionate about tackling the ever-growing data privacy problem? So are we. Check out our open roles, and if they aren't a fit for you, please share with your network!
- Senior Software Engineer, Developer Tooling (anywhere)
- Backend Software Engineer (anywhere)
- Product Marketing Manager (anywhere)