Jay Heiser

A member of the Gartner Blog Network

Entries Tagged as 'privacy'

Sony Sued For Losing Unprotectable Data

by Jay Heiser  |  December 18, 2014  |  Comments Off

The CISO asked to protect names and SSNs has been handed a sysyphean task that can never be successful.

Comments Off

Category: IT Governance risk management security     Tags: , ,

Breach Loading? Disappointing New Presidential Proposal

by Jay Heiser  |  May 26, 2011  |  Comments Off

I hesitate to suggest that what the world really needs are more laws, but it is not reasonable is not reasonable to suggest painting some lipstick on the breach notification pig and then taking credit for protecting consumers.

Comments Off

Category: IT Governance risk management security     Tags: , , , , , ,

Is privacy a government-protected human right?

by Jay Heiser  |  November 12, 2010  |  Comments Off

We are in the midst of one of humanity’s grand experiments, and it is increasingly characterized by a struggle over the control of personal data.

Comments Off

Category: Cloud risk management security     Tags: , , , ,

How Much Should We Know About the Lives of Others?

by Jay Heiser  |  March 3, 2010  |  Comments Off

By Jay Heiser and Carsten Casper, with Terry Allan Hicks A new court ruling on data retention practices in Germany is getting a lot of attention from the media, and from some Gartner clients. On Tuesday, 2 March, the German Federal Constitutional Court overturned a three-year-old law that required telecommunications providers and Internet service providers […]

Comments Off

Category: Uncategorized     Tags: , , , , , , , ,

Do We Need Cloud Computing Laws?

by Jay Heiser  |  February 24, 2010  |  1 Comment

I’m concerned that we’re going to legally mandate the application of last century’s standards and practices (SAS 70, FISMA, etc) to new computing models that we have only begun to understand. I’m in favor of revisiting the US privacy regulations, but it would be premature to apply them to cloud computing in any highly specific way. Commercial and goverment entities that want to store PII in unproven multi-tenanted services should be held accountable if that experiment fails.

1 Comment »

Category: Uncategorized     Tags: , , , , , , , ,