5G and Privacy Laws | Maintain Compliance with Video Redaction
February 27, 2020 | 9 minutes read
The fifth generation of wireless communications (5G) promises to connect more devices, move more data, and do everything faster; all while offering more security and stability. All of these things are good for one thing – productivity. Every business of every type will be touched by 5G and the next wave of technology it will bring with it.
Business plans typically project into the future. Future plans, products, or gaining new consumers; a successful business is always looking to the next horizon. With the congressional approval to begin widespread 5G installations across the country, 5G has already risen and set. The next horizon is already here and enterprises looking to succeed should prepare for a new industry in data, privacy, speed, and networking.
The Path to Cloud Native
Along with 5G, every business is coming to the realization that in order to remain current with their data architecture is to move their center of gravity to the cloud. As 5G rolls out across the globe, cloud computing has become standardized and businesses are now using cloud-native architecture to handle their data, services, and communication. Considering how to secure the data and having a clear understanding of data risk management will help companies eliminate privacy violations that could cause legal repercussions.
Over the next few years, all telecom applications will be both 5G and designed to work within cloud native architecture. This will be done to increase efficiency and use of applications and services within the cloud native infrastructure. If your business does not have a 5G, cloud-native, cybersecurity and privacy plan in the works, then you may be out of work soon. Consider these statistics:
- 83% of US consumers and businesses will have access to 5G enabled smartphones.
- 44% of US businesses are operating or will be purchasing 5G modems.
- Cloud services will soon contribute $500 billion in global revenues.
- 80% of new applications will be done on cloud platforms and using cloud-native functions.
- 95% of all internally developed applications in the next few years will be deployed in the cloud.
- 75% of existing non-cloud applications will be shifted to cloud-native technologies by the end of 2020.
Forbes magazine wrote “74% of Tech Chief Financial Officers (CFOs) say cloud computing will have the most measurable impact on their business.” How will your business be impacted if you don’t stay ahead of the clouds?
Security Vs Privacy
It’s an old debate. Do you give up security to have privacy or a little privacy to have security? Benjamin Franklin most famously stated “Those who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” Despite his influence on the beginnings of American history, we now have the Patriot Act which clearly states that national security is more important than personal privacy. It may continue to be debated for many years yet to come.
Experts have publicly stated that the new 5G networks will have great implications on consumers’ personal privacy. Since 5G networks allow technology companies to collect more data at faster speeds, the amount of information they can gain will become nearly endless. Corporations and private citizens are pushing for legislation to protect their privacy. If companies can already take the data from your device and learn your name, address, shopping habits, hobbies, family members, friends, and more; what will be the limits when they will now be able to locate consumers and their devices location within a few centimeters? Without privacy protections and legislation, it will be a free for all for spying on consumers, digitalizing the data, and profiting from the knowledge gained from illicit and explicit data collection.
Companies will be using facial recognition software and databases along with their surveillance equipment. When that data is connected to the data on consumer devices, the amount of knowledge that can be gained on a single individual or even misused fraudulently can be extensive. Even homeowners can use new 5G systems with their home security surveillance and connect their devices directly into law enforcement. The ability to protect privacy and stop the misuse of personally identifiable information will become a necessity.
Surveillance Data
With the speed of the new frontier, will come an abundance of data, analyzed by AI and individuals, about the lives and behaviors of private citizens. What type of data is collected? How long is it stored? Who has access to the data? These are not just questions those who feel their privacy is being violated by the constant surveillance monitoring their every move, but these questions should also be asked of companies who are collecting, purchasing or using the data in their business.
There is a point to having surveillance as a form of security in a business setting. Using facial recognitions and biometrics customers can be easily identified creating a feeling of ease and extended comfort to the customer as their needs are met almost instantaneously. However, the consumer isn’t likely to feel at ease if they know a company has a reputation for misusing data or violating privacy laws. Collecting data on consenting consumers, or for general security purposes comes with it a certain responsibility to the individuals’ privacy and the data collected. Having a solid information privacy plan in place that states clearly what data is collected, why, how long it is maintained, and under what circumstances it can be released can make a huge difference. When getting consent from consumers, be sure to include this information privacy plan in the details of the consent. Give opportunities to refuse or not participate without retribution. Building a trusting consumer base long term has lasting benefits.
Having a verification system and administrator to oversee the release of any information can help cut privacy risks. Before releasing any information follow all privacy laws and redact any personally identifiable information. In video surveillance, if there is an incident that requires footage to be turned over to law enforcement. A subpoena or court order would be required, and redaction of all private citizens not part of the occurrence.
Identity Verification
There are many instances when information is released to appropriate channels. This can be through Freedom of Information Act Requests or FOIA or through a court order. The information can be transferred to other companies in the course of doing business, or through the sale of data. As a school, parents may request student records, or patients may request health records from hospitals. Consumers may request copies of their personal data from companies, including with requests to be removed from the company system. All are legitimate and valid reasons to disclose information.
Prior to the release of any information, there must be a standard of verification, or policies that the company has set forth for the requesting party to prove their identity. This can be done through assigned network access, passwords and accounts, or it can be done with manual verification of identification and signed documentation. These policies may also vary depending on the type of data requested and the reason the data is needed. It is the company’s responsibility to know who they are releasing information to – prior to the release of any private data. Doing otherwise could be a violation of privacy laws.
Risk Management
With all the current and future upgrades that companies and private individuals can expect with their telecommunications systems, data architecture and security, and even home surveillance systems, what penalties will be at risk if there is a violation of current and upcoming privacy legislation? With transparency and trust at the forefront of consumer news, is it worth the negative exposure that a violation or security breach would bring?
Customers assume that their actions are being tracked online. However, some new privacy legislation requires that permission from the user must be given prior to any data collection. This changes the very initial introduction to any consumer. Your first greeting must come with an introduction to your corporate privacy policies, as an example, online permissions to use cookies prior to entering the full site function is common. Phone calls must come with a notice that calls may be recorded. Signs must be posted showing that surveillance is being used.
Hiring a qualified professional to help walk through privacy legislation, risk management, data security, and to do a complete privacy audit and walk through with the company’s data use and needs is essential. This can help you understand the trail of your data. Finding the best data redaction system can be an indispensable asset to your company’s workload and IT budget. Knowing when and how to use it properly, training staff regularly, and staying up to date with new regulations should keep any company ahead of any privacy risk violations.
Karma or Redaction?
Using redaction, at various points in the collection, storage, sharing, and maintaining of data can also reduce the overall risk of a breach. A company does not have to rely on good karma and conscientious staff to maintain consumer privacy. Using redaction effectively means that once data is used and is no longer needed, then there is an opportunity to release or remove that data from the system. A company can set up their privacy policy in such a way that redaction happens once, or at different steps in the life of the data.
Some common times to consider redaction of personally identifiable information:
- When data is acquired.
- Prior to disbursement.
- Upon completion.
- Prior to archiving.
- Before data destruction.
Considering the value of data at each of these points will allow the company to integrate redaction as steps in its privacy policy. Training a variety of staff at multiple levels of administration will help the workflow. Managing data quickly can sometimes be mandated by court rulings such as time for turn around on Freedom of Information Act (FOIA) requests or court orders. Having the flexibility to rotate staff quickly and efficiently to handle redactions at any point of the data life can give productivity a boost.
Happy Audit Trails to You
As companies rush to join the 5G and cloud native revolution, a privacy audit will be a necessary part of setting up change. Administration may find this type of audit helpful and it could demonstrate redundancy in the office workload. A company without data, in a data driven world, does not exist. The return on investment is ten-fold to take care of the consumers who keep the money coming in. Their data privacy should be a top priority and having open discussions with your consumers about their data, how you use the data, and how to opt out will be an important part of the trust relationship between the consumer and the corporation.
With this in mind, learn from your privacy audit how to best manage your data, keep it secure and communicate with your customer base. Most companies have a variety of data files on hand. These include pdfs, documents, audio and video files. A top quality data redaction system will be able to locate personally identifiable information and redact from any of these file types. CaseGuard redaction solution is secure, innovative, customizable, and multilingual. Their information redaction system includes video and audio redaction, face detection, object tracking, image and video enhancement tools. CaseGuard redaction system is easy to use and has a variety of useful features that help translate data, and works in 26 languages. Their use of AI and machine learning has made redaction easy, easy to train staff, and cost-saving for IT departments.