Five Ways to Be a Good Steward of Customer Data
Advice from four cybersecurity experts
GET INFORMED CONSENT
Our health mission rests on a foundation of strict ethical and privacy standards, including informed consent. We’ve had third-party ethical review of our research and consent from the beginning and have benefited from that external
—Kathy Hibbs, chief legal and oversight. regulatory officer, 23andme
BE TRANSPARENT
Unlike much of the industry, we do not embed consent into our terms of service. Customers are informed about privacy— our privacy page is one of our most visited—and we separate research consent from terms of service, for complete choice
—KH and transparency.
DEMOCRATIZE PRIVACY
People shouldn’t have to pay for privacy. It’s not a consumer good. It’s a basic right. If privacy is only available to those who can afford it or are in positions of power to demand it, then we will have created a wealth gap for privacy. —Georgia Bullen, executive director, Simply Secure
HANDLE WITH CARE
Given the record of data breaches that have occurred over the past decade, it seems to be clear that customer data should be treated as toxic: The less you
—Nasir have, the better off you are.
Memon, founder, NYU’S Tandon School of Engineering Cybersecurity Program
ADD SOME POISON
Another effective way to detect what has leaked, and through which possible partner, is to pre-poison the data, sowing into it information that can provide a reference point in the case of a leak. —Ariel Silverstone, managing partner, Data Protectors