Privacy and Security by Design: Expert Panel

San Diego’s MITEF Enterprise Forum panel of experts discussed how founders and entrepreneurs can apply Privacy and Security by Design principles in their products.

“American companies beware… if your software fails to protect consumer privacy, you will feel it in your bottom line. That was the message coming from the panelists at the MIT Enterprise Forum, “Privacy and Security by Design,” in San Diego on January 15, summarizes Emad Georgy.

Startups and New Product Introductions: MVP vs. Privacy and Security

As entrepreneurs we tend to think in terms of Minimally Viable Product or MVP when we first launch a product or app, and typically instantiating privacy or security at that point is thought to take up too much time or investment and risk “holding us back” in a competitive space. Yet that leaves a window of vulnerability. When should we consider designing in privacy and security? Is there a right timing?

New laws in 2020

California has two new laws that go into effect January 1: the California Consumer Privacy Act (CCPA) and SB 327, an IOT security law which mandates that manufacturers that sell or offer to sell a connected device in California equip the device with “reasonable security features”.

This makes California the first state to specifically regulate the security of connective devices, which are commonly referred to as internet of things (“IoT”) devices and the CCPA is one of most comprehensive state privacy laws to go into effect since the EU enacted GDPR in 2018.

In contrast to California data privacy laws protecting only personal information, the new security law aims to protect the security of both IoT devices and any information contained on IoT devices.

Given this focus on legislating privacy and security we should be thinking ahead and addressing these principles during the design process. While SB 327 focuses on IoT specifically (this includes connected things such as connected cars, industrial devices, retail point-of-sale or medical devices, to name a few), privacy can impact other products and apps as well, including social apps, media, and telecommunications.  Across the board, these two new acts have an impact on a wide number of products and services.

The Panel of Privacy and Security Experts

Kathleen Glass, VP of Marketing for 2B Advice moderated the panel of distinguished experts which included: Emad Georgy, CTO Consultant and Advisor; Dr. Ro Cammarota, Principal Research Scientist, Intel Corporation; and Darin Andersen, CEO and Founder, NXT Robotics.

 

For more, read the overview of the Privacy and Security by Design Topic.