Encryption. Cybersecurity. Privacy. Password protection. Those are just a few keywords from the headlines of one recent report of a leading US newspaper this year debating security and privacy in our modern world. The topic is everywhere in the news, of course. Data breaches of major impact have become routine occurrences: Target in 2013, Sony in 2014, Equifax, Uber, and Yahoo in 2017, and who can forget Facebook in 2018? But, how much do you really know about cybersecurity? And, perhaps more importantly, how much do you know about who has access to your personal information and for what purpose are they using it? Should the data-collection genie be put back in the bottle? Is it even possible?
While the issues raised above have personal resonance, they are also ones that companies are wrestling with. At Cantina, we’ve launched a “Data Privacy and Security” working group [^1] in order to consolidate Cantina's efforts in these areas and provide guidance when it comes to current security-related trends in tech. We’re also contemplating the ethical implications that go along with the work we do in innovation, digital strategy, and design, and how best to share our work through education and outreach.
Part of the reason that private companies find themselves in the business of crafting their own path forward in this arena is a lack of government policy and oversight of these issues in the States. Though Senator Ron Wyden is at the fore in trying to create a national-level oversight framework, the fact is that most Americans aren’t tuned in to the need for one, because:
- they don’t know what data is being collected from them, or how;
- they know data is being collected, but don’t understand why they should care;
- they know that their data is being collected and don’t like it, but don’t know what to do about it.
This scenario is a perfect storm for undercutting the process to evoke legislative or economic pressure to rein in invasive, data-grabbing corporations. It hampers any meaningful momentum to create something on this side of the Atlantic similar to GDPR.
At Cantina, we have a general concern about privacy and security in the tech sector--thinking in terms of individual employees, our company, and clients--and how we're using this opportunity to crystallize our thoughts and actions. Our members have already made contributions to the company blog on the topics of Zoom and Apple, and we are intent on using insights from ongoing internal interviews we’re holding as fodder for future installments.
Here are some of those interview insights from our leadership team:
Our Data Privacy and Security Working Group has already begun to form a general action plan and a set of guiding principles arising from the broad consensus among our leadership, to provide continuous exploration, content creation, and internal education within the security space. Privacy and security are important aspects of the work Cantina does and the services we provide. The working group will help inform the company’s evolving perspective on associated relevant topics.
Our working group would love to hear your thoughts and challenges around data privacy and security. Please reach out and keep the conversation going.