“This is also becoming the sentiment of many Countries of the World, and as it is really 20 years overdue, Data Regulatory Requirements will only become more stringent as countries increase their efforts to prevent future data theft nightmares”, says Steven Meister

“As much as I applaud Mr. Cook, and appreciate Apple’s Encryption and security of its phone data, let’s not overlook Apple’s  responsibility,  just like every other Company, to properly secure Customer data they collect from sales, services, Apple stores and other areas of their business.  If Apple is like most every other company, I suspect these data stores are not properly encrypted for customer protection.  If they are, I most certainly applaud them again for their diligence! If they are not as ready as Mr. Cook may think they are, especially in the areas of Indirect Identifiers, his strong words may challenge hackers to target Apple’s business applications just to make a point”, says Steven Meister.

“APPLE’S TIM COOK IS HOT FOR PRIVACY and data protection as he’s been praising the European Union’s General Data Protection Regulation (GDPR) while raising concern about “weaponised” personal data collection by companies.  Cook’s caustic comments come from a privacy conference he was speaking at in Brussels, where he gave a speech that naturally extolled the virtues of how his fruit-based firm loves privacy and data protection, as well as calling for new data privacy laws in the US.”

“It is time for the rest of the world, including my home country, to follow your lead.

“We at Apple are in full support of a comprehensive federal privacy law in the United States.”

https://www.theinquirer.net/inquirer/news/3065067/apples-tim-cook-hot-for-gdpr-and-wants-stricter-us-data-laws

Steve Meister feels, “I am repeating information from some of my recent articles to indicate what Data Compliance Technology, like BigDataRevealed, can do for Companies:

Initial steps a company should take to protect themselves from punitive fines while also implementing modern design concepts that will protect the personal data in their environment.

1. Complete a Data Protection Impact Assessment (DPIA). The first step is to understand where in the environment your company has exposed personal data. Using modern applications, the large majority of your documents, legacy data systems, emails and various data stores can be processed and understood within a few months.

• GDPR regulators have indicated this is a primary step to demonstrate your wiliness to reach compliancy and will significantly lower any imposed fines.
• Knowing the location of large volumes of exposed personal data will focus your efforts in the following steps.
• Analyze and document current Point-Of-Sale, Analytics, AI, Marketing, Research applications etc. that use personal data. Point-Of-Sale-Video https://youtu.be/iKENBHf6L_I

2. Analyze where in your environment you process live streaming data such as social media, third party data, IoT, and others so that plans can be made to discover and remediate personal data before it becomes data at rest. A process that certain software products are able to perform.

The above steps are most easily accomplished when using a ‘Central Repository’ where data assets of many types and structures can be held together; such as Hadoop, AWS 3, Hbase, Casandra and others.

3. Acquire or build API’s in Spark / Kafka and preferably Java using Hadoop, Hbase and or AWS S3 frameworks and platforms for scalability.
4. These API’s will be securely used to access, and decrypt data in the Encrypted Data environment one record, or small groups of records, at a time. The APIs will allow a company’s Point of Sale, and other customer service applications to function with just minimal modifications.
5. For processing large amounts of data for Analytics and other similar purposes I recommend an environment that is Off-the-Grid and uses APIs to pull data from the encrypted environment and only decrypt it once it is at rest in the new environment.

If these 5 steps can be implemented, I believe you could confidently tell customers their personal data is safe, and that Regulators will be satisfied. Take advantage of the time remaining before Regulators find technologies that will identify your weaknesses in a way that would withstand scrutiny in a courtroom.    https://youtu.be/nwwqZTY_6Gc  Steven Meister 847-791-7838 steven@gdprcompliancymaster.com https://www.theinquirer.net/inquirer/news/3065067/apples-tim-cook-hot-for-gdpr-and-wants-stricter-us-data-laws