Who says data privacy is a dull subject?

Privacy invasion is now one of our biggest knowledge industries. Marshall McLuhan (1911-1980)

I would update McLuhan’s observation to say that privacy invasion is our biggest knowledge industry, period. The struggle to preserve some core of privacy will likely continue through the lives of all people now living, and will result in changes to every aspect of human life.

We who work at the forefront of privacy regulation have a front-row seat on this epic drama. We will see the early results, whether it is GDPR slowing the currently-uncontrolled traffic in data and creating a walled privacy garden within the EU, or whether the rising tide of data, like rising sea levels, simply swamps the defenses. Continue reading “Who says data privacy is a dull subject?”

Considering an end-to-end GDPR solution: Oracle

In this post I will discuss an Oracle presentation on how its product line provides the technical means for GDPR compliance (link). Although I am impressed with the presentation, my main reason for introducing it here is to be able to refer to it when discussing different stages of GDPR measures. Simply reading through this document will give you an idea of the range of technical measures necessary for good compliance at the database level.

In particular, I like the 3-page Appendix at the end of the document, which lists various GDPR articles and the Oracle feature that helps you to comply with each one. If you’re considering a packaged solution, your vendor should be able to present a similar mapping of GDPR requirements to product features. Continue reading “Considering an end-to-end GDPR solution: Oracle”

Sensitive data combinations

This post is my first attempt to tackle the thorny issue of data which is not core personally-identifiable information (PII) but which, in some combinations, is enough to identify an individual. I’ll call this type of data combination-PII (or combo-PII), and such a combination in a specific search a ‘profile’, for this purpose of this discussion.

Combo-PII is reference data that describes living persons

This type of data is usually called ‘reference’ data by database specialists. This is the background data that structures our picture of a person using categories, such as the city and country we live in, our age range, consumer choices (e.g., electricity provider), and similar data. Each of these values, taken by itself, is not enough to identify a person. Many such values taken together can, in some cases, either identify the data subject with certainty, or narrow the number of possibilities enough for subject to be guessed, or combined with other data to produce a match. Continue reading “Sensitive data combinations”

Unrestricted email plus full PII access: recipe for trouble

Storage giant Seagate suffered exposure of the withholding-tax records of some 12,000 employees following a phishing attack.


At the time Seagate noted that there was no evidence that the information had been misused, also known as the absence-of-evidence defense.

Fast-forward a year or so, and the evidence has appeared.


As is usual in these cases, we have a combination of failures, such as: Continue reading “Unrestricted email plus full PII access: recipe for trouble”

Sweden’s data breach: a cautionary tale

Another week, another data incident. The GDPR is arriving none too soon. Let’s hope that it can slow the tide that is washing our personal data out into the internet data-ocean.

This time the victims are the citizens of Sweden, or at least those who have a vehicle registered, are in the police or military, or who are protected witnesses. In other words,  a nightmare scenario, which clearly would be a violation of the GDPR (that is, when it comes into force some ten months from now). Continue reading “Sweden’s data breach: a cautionary tale”

The Data Inventory, Part 1

Let’s get started on something concrete. One of the first things you’ll need to launch your privacy-compliance effort is an inventory of what data you are currently storing. This inventory will be at the core of your efforts, and will be the reference point for stakeholders. In this article I suggest a basic approach to get started using a single table. Future posts will add more tables to provide additional information, so that in the end we have a small schema for our inventory.  Continue reading “The Data Inventory, Part 1”

What to do first

Confronted with the enormity of an effective compliance effort, you are likely to be overwhelmed. For one thing, your resources are likely to be meager. For another, the typical objective at this point is merely informational (“look into it”, “impact assessment”, “cost estimate”). From management’s point of view, this is a reasonable request. From your point of view, it’s not; the information is not lying around, but must be must be collected from dozens or hundreds of applications, databases, filesystems, and more.  Continue reading “What to do first”