US Data Privacy Reforms and Imperatives of Privacy by Design
Privacy Evangelist Ken Fishkin on Proactive Privacy Measures for Data ProtectionThe U.S. is refining its data privacy laws with amendments. For instance, the State of California just announced amendments to its privacy laws (The Delete Act, Assembly Bill 947, Assembly Bill 1194), which include the California Consumer Privacy Act or CCPA. However, the challenge lies in ensuring organizations' compliance, particularly when privacy is often neglected.
Information Security and Privacy Evangelist Ken Fishkin said organizations need to look at privacy by design from the beginning and not take a "bolted-on" approach later in the game.
"Take AI, for example. If you were to enter somebody's name [in a search engine] and if they were on the internet a lot, you would be able to find information about them. I'm not talking about celebrities, but regular people. So people complained about it," Fishkin said. "Now, when you try to find information about a particular person through ChatGPT, it'll say that information is private and cannot be accessed. OpenAI is not doing privacy by design but building in privacy afterward."
In this video interview with ISMG, Fishkin also discussed:
- Recent U.S. regulation and privacy law updates;
- How to implement privacy by design;
- How to address privacy concerns when adopting AI models.
Fishkin leads the information security and data privacy programs for the national law firm Lowenstein Sandler, where he mitigates their security and privacy risks to comply with client and regulatory requirements. He is also president of the New Jersey Chapter of ISC2. He is on the Executive and Threat Intelligence Committees of the Legal Services Information Sharing and Analysis Organization (LS-ISAO) and advisory board member for NJ InfraGard.