Cyber Security
Full house at the Beyond the GDPR: A Global Approach to Privacy and Data Leadership discussion between Stephen Deadman, DPO Facebook and Simon Chesterman, Dean, Faculty of Law, National University of Singapore. Photo Credit: IAPP Twitter.
Data Protection and Privacy:
Perspectives from Facebook, Google, Apple By Jane Lo, Singapore Correspondent
T
he digital era of the modern world means that there is a lot more data being collected, processed and stored by organisations. Where data relates to personal sensitive information, the loss or misuse can be devastating, as we can see from the July’s Sing Health data breach that led to the leak of 1.5 million patients' personal data, outpatient prescription information of 160,000 people, including Prime Minister Lee Hsien Loong and a few ministers. At the IAPP Asia Forum 2018 held on 23rd – 24th July, Mr Tan Kiat How (Commissioner of PDPC) highlighted in his speech: ”Progressive policies are key enablers of data-driven innovations. Stringent data protection laws may earn a country the reputation of consumer empowerment, but this may be at the expense of business friendliness and may stifle innovation. Too laisse faire an attitude is not conducive either. Consumer adoption of emerging technology may be slow, if silence from the data protection authority results in low public trust and confidence. Singapore believes that there is a viable middle ground. Our assessment is that AI
38 | Australian Cyber Security Magazine
as a technology is still developing but more importantly, businesses have only just begun to explore how AI can be used to enhance their products and services. We need to give both technology and businesses the room to explore and grow. However, consumer concerns must be acknowledged and addressed. The PDPC is not ignorant about these issues nor can we ignore consumer concerns.” Data protection principles devised to reflect these concerns include the US Privacy Shield, UK Data Protection Act, and EU General Data Protection Regulations (GDPR) which came into effect on 25th May 2018. GDPR famously grabbed headlines with heavy fines for non-compliance (up to €20 million, or 4% of the worldwide annual revenue of the prior financial year, whichever is higher). At the IAPP Asia Forum, we gathered some perspectives from Facebook, Google, Apple in the role of privacy in continuous innovations. The Cambridge Analytica Crisis Just weeks ahead of the new European Data Protection law (GDPR) came into effect on 25th
May 2018, Cambridge Analytica filed applications to commence insolvency proceedings, following wide spread media reports that it harvested personal data about Facebook users as far back as in 2014. Since the crisis, the priority, Facebook said, is making its privacy settings more accessible and providing clearer explanations about how data tools are used. Facebook CEO Mark Zuckerberg has since apologized and agreed to testify before Congress about the controversy. “We’ve heard loud and clear that privacy settings and other important tools are too hard to find and that we must do more to keep people informed. So in addition to Mark Zuckerberg’s announcements last week — cracking down on abuse of the Facebook platform, strengthening our policies, and making it easier for people to revoke apps’ ability to use your data — we’re taking additional steps in the coming weeks to put people more in control of their privacy,” ,” Facebook vice president and chief privacy officer, Erin Egan, and vice president and deputy general counsel, Ashlie Beringer, said in a statement. What changes have been made?