SQL Clone
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


Tougher Privacy Laws


Tougher Privacy Laws

Author
Message
Steve Jones
Steve Jones
SSC Guru
SSC Guru (619K reputation)SSC Guru (619K reputation)SSC Guru (619K reputation)SSC Guru (619K reputation)SSC Guru (619K reputation)SSC Guru (619K reputation)SSC Guru (619K reputation)SSC Guru (619K reputation)

Group: Administrators
Points: 619994 Visits: 21261
Comments posted to this topic are about the item Tougher Privacy Laws

Follow me on Twitter: @way0utwest
Forum Etiquette: How to post data/code on a forum to get the best help
My Blog: www.voiceofthedba.com
peter.row
peter.row
Hall of Fame
Hall of Fame (3.6K reputation)Hall of Fame (3.6K reputation)Hall of Fame (3.6K reputation)Hall of Fame (3.6K reputation)Hall of Fame (3.6K reputation)Hall of Fame (3.6K reputation)Hall of Fame (3.6K reputation)Hall of Fame (3.6K reputation)

Group: General Forum Members
Points: 3644 Visits: 584
The bit about tech employees having to prove they requested resources etc... when the shit hits the fan, hmmmm, I wonder how that will go.
Mark Dalley
Mark Dalley
SSCrazy
SSCrazy (2.2K reputation)SSCrazy (2.2K reputation)SSCrazy (2.2K reputation)SSCrazy (2.2K reputation)SSCrazy (2.2K reputation)SSCrazy (2.2K reputation)SSCrazy (2.2K reputation)SSCrazy (2.2K reputation)

Group: General Forum Members
Points: 2242 Visits: 1933
I have to say, I know that the US of A is a great place. Some of your scenery is just awesome. But this whole business makes me glad I don't live there. And it's not that I have anything to hide either.

Not that things are necessarily that much better in the UK. But at least, with GDPR, we have a piece of legislation that was created to empower the individual data subject.

From where I sit, my impression is that the system in the USA is government of the people. by big business, for big business. Not exactly what it says in the Constitution. I don't in the least want to be unfair, and I know that big business gets stuff done, but in this case, it is not the right stuff.

If big business was serious about privacy, there is absolutely no way that Mark Zuckerberg would heve been absent from the nine-nation data privacy hearing the other day, after having been specifically invited.

MarkD
billp 37934
billp 37934
SSC-Enthusiastic
SSC-Enthusiastic (194 reputation)SSC-Enthusiastic (194 reputation)SSC-Enthusiastic (194 reputation)SSC-Enthusiastic (194 reputation)SSC-Enthusiastic (194 reputation)SSC-Enthusiastic (194 reputation)SSC-Enthusiastic (194 reputation)SSC-Enthusiastic (194 reputation)

Group: General Forum Members
Points: 194 Visits: 30
SSCrazy, don't believe everything you hear about big business in America. There are criticism's of businesses large and small and that is as it should be. But business's, at least the one's that don't work primarily on Government contracts, only remain in business by providing products or services that people want enough to voluntarily spend the money they earn. When a breach happens the effect on the value and revenue of the business is typically huge as is the effect on the executives that let it happen. Go review Target. Every "big business" over here and most medium and small businesses are working to comply with GDPR already. Yes, sometimes tech people don't get all the money they would like to enhanced security. But many tech people want to do EVERYTHING possible no mater the cost and then bitch if they don't get everything they want. More laws are not the best solution in my opinion. Already just a little under 1/2 of the economy and therefor power is in the hands of politicians who have to be perfectly alright spending other peoples money, and now future generations money, on what they think is right. More importantly on things that keep them in power. In the mean time big companies still manage to produce some amazing things even while being castigated by politicians whose purpose is to drum up more support for more laws to get more power. It is absolutely not "government of the people. by big business, for big business." Regardless of what you hear.
GeorgeCopeland
GeorgeCopeland
SSCertifiable
SSCertifiable (6K reputation)SSCertifiable (6K reputation)SSCertifiable (6K reputation)SSCertifiable (6K reputation)SSCertifiable (6K reputation)SSCertifiable (6K reputation)SSCertifiable (6K reputation)SSCertifiable (6K reputation)

Group: General Forum Members
Points: 6036 Visits: 1159
Mark Dalley - Thursday, November 29, 2018 4:15 AM
the system in the USA is government of the people. by big business, for big business. Not exactly what it says in the Constitution. I don't in the least want to be unfair, and I know that big business gets stuff done, but in this case, it is not the right stuff.

I hear this complaint a lot. Half of the workers in the US work for big business, including me. So the way you frame your statement doesn't exactly capture reality.

GeorgeCopeland
GeorgeCopeland
SSCertifiable
SSCertifiable (6K reputation)SSCertifiable (6K reputation)SSCertifiable (6K reputation)SSCertifiable (6K reputation)SSCertifiable (6K reputation)SSCertifiable (6K reputation)SSCertifiable (6K reputation)SSCertifiable (6K reputation)

Group: General Forum Members
Points: 6036 Visits: 1159
Steve, I have always liked your editorials, but I think you hit this one out of the ballpark. I agree with every point you made.

The amount of resources you expend on security should be based on the value of the data. This is a business decision, not one that you can specify in legislation. The business concept is due diligence. All entities should exercise due diligence in protecting their data and systems. If they do not, they should be hammered into the ground. My preference is for this punishment to be provided by clients and shareholders. Any government regulation in this area should go toward strengthening the punishment for failure of diligence. Legislation that specifies the bits and bytes of security is the wrong way to go.
Jeff Mlakar
Jeff Mlakar
SSCrazy
SSCrazy (2.3K reputation)SSCrazy (2.3K reputation)SSCrazy (2.3K reputation)SSCrazy (2.3K reputation)SSCrazy (2.3K reputation)SSCrazy (2.3K reputation)SSCrazy (2.3K reputation)SSCrazy (2.3K reputation)

Group: General Forum Members
Points: 2313 Visits: 662
The key question surrounding privacy laws is: "who owns the data?". This is an important distinction to make.

As I understand it, in the US the *collector* of the data owns the data. Whereas in the EU, for example, the person who is the subject of the data owns it. This is big business too - why do you think Gmail is free and constantly available with as much storage as you want? Entire industries make their money with the procurement, analysis, distribution, and usage of personal data about people. Not judging - just saying it is how things currently are.

There is no silver bullet here. I would love to have more control over my data along with increasing privacy for everyone. I think the "let's throw the execs in jail" feels good to say but would not happen and IMO should not happen. We place enough people in prison already. Instead I think the liability landscape should be changed. Ex. when there are major breaches the company usually does not even know until the news reports it. They always claim "they were caught with their pants down" and surprised by super-powerful nation state hackers. That's not the case nor does it accurately depict the threat landscape.

I am excited to learn how GDPR ultimately turns out. I like Ron Wyden because he is one of the few in Congress that advocates for privacy.
Eric M Russell
Eric M Russell
SSC Guru
SSC Guru (111K reputation)SSC Guru (111K reputation)SSC Guru (111K reputation)SSC Guru (111K reputation)SSC Guru (111K reputation)SSC Guru (111K reputation)SSC Guru (111K reputation)SSC Guru (111K reputation)

Group: General Forum Members
Points: 111692 Visits: 14932
So, it's one thing to talk about data privacy in terms of how it impacts the lives regular folks in "flyover country". Ask any politician and they'll acknowledge it's an important issue, even if they then do nothing about it. But consider this: how hard would it be for someone, just one lone hacker, to get their hands on the personal phone records and internet search data for prominent members of Congress? Perhaps the hacker isn't it for financial gain at all and their goal even more diabolical: leaking that VIP data on the web in the weeks leading up to an election or a vote on a key piece of data privacy legislation. That's pretty scary, right? I don't think our political representatives understand the full scope of how important data privacy is.


"The universe is complicated and for the most part beyond your control, but your life is only as complicated as you choose it to be."
billp 37934
billp 37934
SSC-Enthusiastic
SSC-Enthusiastic (194 reputation)SSC-Enthusiastic (194 reputation)SSC-Enthusiastic (194 reputation)SSC-Enthusiastic (194 reputation)SSC-Enthusiastic (194 reputation)SSC-Enthusiastic (194 reputation)SSC-Enthusiastic (194 reputation)SSC-Enthusiastic (194 reputation)

Group: General Forum Members
Points: 194 Visits: 30
SSCrazy, well said. I think your point about Gmail is especially good. Have you ever read Google's terms and conditions? At least here in the US if you put something on Google Drive even they have the right to redistribute, publish, create derivative works, perform it, and a host of other rights that essentially give them every right of an author without actually saying you turn over the copyright. But...we don't have to use Google. Gmail is free and uses all the data any way they want and tell you they do, if you don't like it then you can get office 365 which is much more restrictive in how they can use your data. Perhaps not as restrictive as some people might like but I don't see anyone coming out with an email system that charges enough so that the operators would not need to use the private data. At least if they are out there I haven't heard of them and apparently they can't get enough to advertise well and if they did would enough people use them?
You can have privacy, it just means things are a lot less convenient. So what I think the real desire is many people want the privacy AND get all the free stuff.
Question, do you think HIPAA has really given us control of our health care data or just made it more difficult and costly to get it where it needs to go? Actually that's probably a continuum not an either or. I think it's made it much more costly and inconvenient for very little actual privacy.
billp 37934
billp 37934
SSC-Enthusiastic
SSC-Enthusiastic (194 reputation)SSC-Enthusiastic (194 reputation)SSC-Enthusiastic (194 reputation)SSC-Enthusiastic (194 reputation)SSC-Enthusiastic (194 reputation)SSC-Enthusiastic (194 reputation)SSC-Enthusiastic (194 reputation)SSC-Enthusiastic (194 reputation)

Group: General Forum Members
Points: 194 Visits: 30
Eric M Russell - Thursday, November 29, 2018 7:45 AM
So, it's one thing to talk about data privacy in terms of how it impacts the lives regular folks in "flyover country". Ask any politician and they'll acknowledge it's an important issue, even if they then do nothing about it. But consider this: how hard would it be for someone, just one lone hacker, to get their hands on the personal phone records and internet search data for prominent members of Congress? Perhaps the hacker isn't it for financial gain at all and their goal even more diabolical: leaking that VIP data on the web in the weeks leading up to an election or a vote on a key piece of data privacy legislation. That's pretty scary, right? I don't think our political representatives understand the full scope of how important data privacy is.


If it was really that easy it's hard to believe that there are not a very large number of people out there who would be motivated to, and actually, doing it.
Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum









































































































































































SQLServerCentral


Search