Read Bennett Gold LLP's privacy policies and practices regarding this web site.
LINK TO: Bennett Gold LLP's Privacy Policies and Practices. E-CommerceALERT.com is part of the Bennett Gold LLP web site network.
LINK TO: Bennett Gold LLP, Chartered Accountants, home page.
LINK TO: E-CommerceALERT.com Home Page.
CLICK to GO BACK to Main Page.

Research and retrieval of news articles by Bennett Gold LLP, Chartered Accountants


SPECIAL NOTE TO ALL VISITORS:
Effective December 31, 2012, articles are no longer being updated on this web site.
The site is now maintained as an historical archive, covering articles from the period 1999 to 2012.


BUILD PRIVACY INTO THE PRODUCTS

Source: IT Business.ca

Posted on June 2, 2004

      Although the new federal law governing the commercial use of consumer data in the country has been in full effect since January, Ontario's privacy commissioner said many businesses still fail to understand the differences between security and privacy.

      Speaking at the Infosecurity Canada conference in Toronto on June 1, Ann Cavoukian said it was important to distinguish privacy, which relates to personal control of the use and disclosure of information, from security, which controls access to information that's used in a business context.

      "They sort of have an idea about what security means, but I don't think that most businesses . . . still comprehend what privacy really means," added Constantine Karbaliotis, an executive consultant in the privacy practice of CGI in Toronto.

      "Security's an important part of privacy. Without security, you can't have privacy. But you can certainly have security without privacy."

      In a security-centric world, "the biggest challenge is limiting the use of information for the purposes stated," Cavoukian said. She said people are not only concerned about the growth of a huge database of their personal information, but this private information may be subverted by attackers.

      If privacy of health-related data is affected online by hackers, for instance, "you're talking about life and death consequences."

      After Sept. 11, 2001, individuals grew more trusting of government and tolerant of a spate of new security measures that arguably contravened privacy, but more insistent that businesses protect their online privacy, she said. "Therefore there was a clear distinction between public safety and business issues."

      Going forward, Cavoukian said it's up to Canadian business to "create a culture of privacy" by ensuring solution developers introduce privacy into the concept, design and implementation of technology products.

      This, however, adds costs to creating technologies, cautioned Karbaliotis. If companies are looking only for the cheapest solution rather than the best investment, solution providers will continue not to address these privacy concerns from the start, he explained.

      He said good solution providers, though, will recognize the need to promote technologies that satisfy today's privacy regulations because ulitmately it "keeps their clients out of trouble."

      Cavoukian added the technology community should also recognize and promote security and privacy mechanisms in the same technologies. For example, she noted a 3-D holographic scanner that respects physical privacy while enhancing security by looking only for concealed weapons that people may be carrying.

      As North America witnesses the rise of chief privacy officers, one of the fastest growing designations, companies must decide who within an organization will be responsible for this job, Cavoukian said. Ideally, the function should rest with a "customer-friendly" department like marketing or business development, she said.

      Karbaliotis predicted chief privacy officers will grow in importance because these will be individuals "willing to stand for the company and say 'We're doing this right.'

      "Maybe it shouldn't be the security officer. Maybe it shouldn't be the chief technology officer."

      Instead the right candidate should understand technology, business processes, the legislative environment and be involved in business planning, he said.

      The 9/11 crisis allowed an increasing degree of security to marginalize privacy, but now "we need a new paradigm," urged Cavoukian, and added security and privacy are necessary for freedom to prevail.




CLICK to GO BACK to Main Page.

E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca

In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes.


ALERT
ARCHIVES
Final Entries
2012
2011
2010
2009
2008
2007
2006
2005
2004
2003
2002
2001
2000
1999


LINK TO: Bennett Gold Chartered Accountants: A Licensed Provider of WebTrust Services.

WebTrust Is Your
Best Defense
Against
Privacy Breaches.

Get WebTrust
Working For
Your Site.