data protection

Online data privacy has always been a controversial topic. The fact that users store data with third parties has demanded increased transparency on how these platforms actually store and process personal data. Data breaches resulting in compromised personal information have added fuel to the fire, proving that privacy concerns are warranted. These…

The ability to reset your password is an essential system requirement. With so many online services available, it’s common to have multiple user accounts for the various apps and services you interact with every day. Security doctrine dictates that you need a different password for each account, and that you update each one regularly. With so many…

Social login gives application users the ability to apply existing login information from their social media accounts to register and sign into third-party sites. But before we jump into the topic of whether social login is secure or not, let’s answer the question below. Do users really want social login? (Spoiler alert: Yes!) From a user’s point…

Trust is the cornerstone of any successful customer relationship and organizations now have more opportunities than ever to gain that trust. In today’s interconnected world, companies are constantly handling sensitive customer data—and how they use and secure that data plays a huge role in determining the trust customers place in them. A breach…

The White House Office of Management and Budget (OMB) is proposing a new policy to address Federal agencies’ implementation of Identity, Credential, and Access Management, and earlier this month asked for public comments on the policy draft. Tim McIntyre, our associate general counsel and data protection officer, submitted the below comment to the…

The General Data Protection Regulation (“GDPR”) is a European Union (“EU”) law, but it’s going to have a big impact on American businesses that collect and process personal data of EU individuals. While American companies may be familiar with its predecessor, the Data Protection Directive through the Privacy Shield and Model Clause programs, the…

Imagine your typical weeknight: you come home for dinner, and maybe you check the mail, which is filled with unsolicited offers for new credit cards. While waiting for dinner to cook, you clear out the emails in your spam folder. And when you finally sit down to dinner with your family, the phone rings — surprise, surprise, it’s a telemarketer…

There is a price tag on misused credentials. This week, as Rachel King at the Wall Street Journal reports, Tata Consultancy Services’ (TCS) bill came out to $940 million. An employee at TCS was found to have used credentials from a previous contracting job at Kaiser to access more than 6,000 confidential files on Epic System’s web portal. Prior…