Four cybersecurity experts offer advice on protecting consumer privacy.
1. Get Informed Consent
Our health mission rests on a foundation of strict ethical and privacy standards, including informed consent. We’ve had third-party ethical review of our research and consent from the beginning and have benefited from that external oversight. —Kathy Hibbs, chief legal and regulatory officer, 23andMe
2. Be Transparent
Unlike much of the industry, we do not embed consent into our terms of service. Customers are informed about privacy—our privacy page is one of our most visited—and we separate research consent from terms of service, for complete choice and transparency. —KH
3. Democratize Privacy
People shouldn’t have to pay for privacy. It’s not a consumer good. It’s a basic right. If privacy is only available to those who can afford it or are in positions of power to demand it, then we will have created a wealth gap for privacy. —Georgia Bullen, executive director, Simply Secure
4. Handle with care
Given the record of data breaches that have occurred over the past decade, it seems to be clear that customer data should be treated as toxic: The less you have, the better off you are. —Nasir Memon, founder, NYU’s Tandon School of Engineering Cybersecurity Program
5. Add Some Poison
Another effective way to detect what has leaked, and through which possible partner, is to pre-poison the data, sowing into it information that can provide a reference point in the case of a leak. —Ariel Silverstone, managing partner, Data Protectors
A version of this article appeared in the November 2019 issue of Fast Company magazine.