Guest blog: Three data privacy threats to tackle in 2019

Artificial intelligence, social media, and VPN networks have all greatly enhanced business operation, efficiency and profitability.

From marketing, to transactions, and customer relations, smart technology has been endlessly beneficial in enabling companies to grow and seamlessly expand within their own markets and beyond.

But what happens when the technology you rely on to support your business exposes you to serious data privacy breaches?

To mark Data Privacy Day, which aims to promote international data protection best practice, leading experts at CJCH Consulting and Solicitors, Ana Kocmut-Saunders, a specialist in anti-piracy and licence compliance; and Myles Thomas, a GDPR Liaison and anti-piracy specialist, are offering their advice on the three most common data privacy threats to watch out for in 2019.

International data sharing post-Brexit

Brexit is likely to be one of the most frequently used words in 2019, and we’re only in February!

With the UK’s position post-Brexit currently unclear, it is difficult to predict the full consequences that the UK’s withdrawal from the EU will have in relation to data privacy.

However, data sharing could become a problematic area in 2019.

In particular, Privacy Shield could become the focus of particular concern as the year progresses. This framework for regulation exchanges data between Europe and America and ensures the safe transaction of personal data between the two, reducing any risk for EU citizens.

However, with the UK set to leave the EU, this could have serious implications for UK businesses looking to trade and exchange data with America post-Brexit.

Mrs Kocmut-Saunders said: “The framework has successfully protected the data security of European Union Citizens since its inception, and enabled the EU and US to trade successfully.

“However, the UK’s withdrawal poses security and data issues for future dealings with the US. Our exclusion from Privacy Shield could leave vast amounts of data vulnerable to exposure and exploitation daily, and could impact businesses between the UK and US if precautionary security measures are not put in place.

“It is worth thoroughly assessing and discussing all Brexit eventualities with any overseas trading partners and putting contingency plans in place now to ensure the safe transmission of data in the near future.”

Unsecured removable media

USB drives are a common sight within most office settings. Whether you’re transferring files, storing information, or images, they are used in every professional setting worldwide.

But while their usage is routine, best practices surrounding them, such as responsibly and safety, are not.

The obvious risks associated with removable media is the physical loss or theft of property, which could expose businesses to data leaks. However, another more common issue in this area is the mixing of professional and personal data by staff members.

Mr Thomas said: “Alongside the risks of loss, mobile devices are also highly likely to be used in unsecured networks, such as WiFi hotspots, which could be easily accessed by outside and untrustworthy sources.

“There is also the increasing worry that staff may casually use a device to store both confidential work data and personal images and documents, and share these using the same device, exposing business information to unreliable sources.

“While this may seem like an obvious issue to highlight, it is something that we as legal experts see time and time again, and is often overlooked when regarding data privacy.

“When it comes to mobile devices it is crucial that clear guidelines regarding storage and usage are drawn up and issued to staff, to prevent inadvertent breaches which could be easily avoided.”

Social media and social engineering

The data security risks associated with social media are endless.

Most people, routinely, and excessively share personal information across platforms including Facebook, Twitter, Instagram and beyond – some even divulging information about work.

It is this oversharing of private information, and potentially work-related data, that cybercriminals rely on in order to access security systems and exploit personal and business information.

Mr Thomas said, a lack of staff awareness in relation to oversharing company information across social media, is one of the greatest threats to data privacy.

He said: “Many people would not consider the amount of information that they post online to be a danger to them, however, it can be the simplest way to obtain information about someone.

“This information can then be used as part of social engineering to put personally identifiable information at risk.

“The most alarming point about these risks, is that individuals often given up their information willingly, without even realising it.

“As well as this, social media sites are becoming increasingly less secure, with high levels of spam and possible malware.

Image credit