the second highest year since the Identity Theft Resource Center began tracking them in 2005. [1] Between this influx of breaches and rapidly evolving and emerging privacy laws, it is no wonder enterprises are struggling to protect and effectively manage personally identifiable information (PII)
What happens when thousands of people break privacy laws and a court injunction while tweeting?
Many users do not consider records retention, national privacy laws nor disaster recovery when they are looking for a content solution
Privacy laws are more common and carry stricter requirements and penalties
Many European countries have strict privacy laws that include things like the protection of personal emails even in business email accounts
In Canada, privacy law exists at the federal, provincial, and municipal levels, and applies to both the public and private sector
The cloud services do not “know” the type of data being stored and therefore may violate local laws – or worse – cause their customers to violate local privacy laws
This can potentially break privacy laws, be seen as slander or defamation and leave a company open to public judgment, as well as private litigation
The Georgetown panel on eDiscovery in the EU (1) told us that as you move east and south across the EU, the privacy laws become more stringent and the penalties for violation more dramatic
Sometimes IG programs are led by an organization’s general counsel, and they may be well-versed in privacy law, but they typically don’t have the technology chops to understand exactly how to apply complex new IG-enabling technologies, and they may not be up to speed on records management best practices