SecureState Blog

Read SecureState's award winning blog.

Privacy and Security professionals continue to grapple with data collection, use, and sharing practices – Privacy by Design? Meanwhile regulators will increase enforcement efforts. Here is a look into the foggy crystal-ball for privacy trends 2012; sadly the New Year brings more of the same.


10. Read my Lips, No New Privacy Laws

Dysfunctional Congress remains at an impasse in an election year. So expect little movement on any meaningful privacy legislation: no comprehensive privacy law, no national data breach law, nothing on behavioral advertising. Oh wait plenty of new consumer privacy protections, just none in the United States.


9. Regulator Prowess Continues

Regulators with speculative authority will continue to interpret the law and implement new their interpretations of existing law.


8. More Charlie Sheen and Kim Kardashian

Media hungry celebrities continue to exploit the media to their financial gain or peril.


7. Just a Bill on Capitol Hill

HR 611 (Rush), SB 799 (Kerry/McCain), HR 1528 (Stearns, Matheson, Bilbray, Manzullo) are just an example of the stalled comprehensive privacy bills! Also festering are do-not-track bills: HR 654 (Speier) and SB 913 (Rockefeller). I think we all saw this coming; congressional leaders introduce privacy bills to illustrate to its constituents that privacy is important, but passing nothing so PAC money continues to flow into election campaigns.


6. Office Tweets Aren’t Just for Christmas Any More

Companies continue to see the business value of social media and loosen acceptable use policies. Thus allowing their employees to access the sites on business time and on business equipment. Strategically allowing employees to post on social media forums can improve brand awareness, but it doesn’t come without risk: loss of productivity, slanderous comments, loss of intellectual property, data breach. Better update your acceptable use policy!


5. Three words… Encrypt, Encrypt, Encrypt

Boot encryption on your laptop is no longer enough! Encrypt USB drives, CD-ROMs, DVDs, the cloud, the entire cloud? No longer can we just encrypt data in motion; exploits at the application level suggest it is now prudent to encrypt data at rest.


4. Rewarding Bad Behavior

Behavioral advertising continues unabated, as industry “self regulates.” Hey, it’s lucrative!


3. Your Privates are Public

In April 2005, the Privacy Rights Clearinghouse began tracking data breaches. In 2012 we will see breached records exceed the US population – twofold! In other words, for every US citizen, businesses will have reported two lost records or 620,000,000. My crystal ball hints that maybe some breaches during that timeframe may have gone unreported…


 2. Shaken Not Stirred

Blended threats continue to become more sophisticated. Exploiting multiple attack vectors? Well organized hackers in eastern bloc countries systematically harvesting personal data, financial account data, and medical data. Is that even possible? In a word, yes! The commercial exploit kit I just purchased from Albania requires registration.

And the #1 Privacy/Security Trend for 2012…


1. Consumers Choose Convenience Over Privacy

Geolocation data, mobile device tracking, RFID chips, grocery store loyalty cards, toll booth EZ-Pay transponders, and other portable devices track our location and other pertinent data attributes, while data analytics firms’ enhanced algorithms turn meaningless data points into money making opportunities. “I have no idea what they do with this data. It was probably detailed in the “terms and conditions” I didn’t read when installing the mobile application.”