Following the recent breaking news story which revealed that Twitter sold data access to Aleksandr Kogan, of the recent Facebook/Cambridge Analytica scandal, and his company, GSR, Eric Schrock, CTO at Delphix commented below on the need for automated data delivery to keep data secure yet accessible.
Eric Schrock, CTO at Delphix:
“In recent news, it was announced that Twitter sold data access to Aleksandr Kogan, of the recent Facebook/Cambridge Analytica scandal, and his company, GSR. While Twitter has policies that limit access to only public tweets, it is still the case that a company known for data privacy abuse was able to quickly amass information from millions of tweets simply by paying Twitter a nominal fee. Most companies will never face the scale and scrutiny of a Facebook or Twitter, but all of them can take those lessons and better integrate data privacy and risk management into their foundation.
Data has grown to become one of the most important assets a business can own. Those that can leverage data are able to offer a better experience and sell more products or services, while customers find those products and services more valuable and buy more. This exposes tension between the business: the need to serve the needs of developers and third parties, and to serve consumers looking to keep their data private.
Twitter may be unusual in its scale and public nature of tweets, but they are not unique. Every company is looking to better deliver data to those that need it without compromising data privacy. But they’re struggling because you simply can’t separate data privacy from data delivery. Success requires automating the delivery of data while dramatically mitigating risk through data profiling and de-identification.
Businesses of all types, have an unquenchable thirst for continuous access to trusted data to fuel software-driven experiences, whilst ensuring that it is in line with the requirements of GDPR. Twitter and Facebook have taught us that this thirst has limits, and companies need to rethink their approach to data access if they ever hope to meet those needs while maintaining control over data privacy and risk.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.