Greetings from Portsmouth, New Hampshire!
It was quite a week for U.S. politics with the unusual juxtaposition of the State of the Union address, the conclusion of the impeachment trial of President Donald Trump, and the chaos that came out of the Iowa caucuses. Historians will likely look back on the week's developments for years to come.
Political affiliation aside, and without going too deep into the incident, the app used in the Iowa caucuses reminded me of the importance of privacy, security and usability design for products and services. It doesn't appear much of that was done prior to the launch of this app. According to NBC News, the app was rushed to market and contained a slew of technical and design flaws, including how it reported data back to the party and that the user experience was difficult to navigate.
Though the app appeared to include a simple design, there were coding errors that likely would have been caught if there had been more user testing. One security analyst said, "The app appears rushed. ... Someone was not paying attention or on a deadline."
Though the Iowa incident wasn't a privacy issue, per se, it does parallel the issues privacy pros aim to prevent when a new app, product or service is being built. Foresight for privacy, security and usability are all needed long before that product goes to market. As was demonstrated in Iowa this week, design has immense consequences. Hopefully, the chaos that came out of the incident will be enough to prevent another such issue during this busy election year and beyond.
Speaking of privacy design and technology, we released this week a brand-new version of our official text for the CIPT certification, "An Introduction to Privacy for Technology Professionals." This new text is available as both print and electronic versions and covers key concepts and techniques for the data life cycle. It looks into the impact of privacy on engineering, incorporation of privacy into risk analyses, concepts that include encryption, identifiability and anonymity, as well as useful privacy interfaces, the management of privacy governance, and the integration of security and privacy. Foundational stuff here.
Finally, we're working on the latest version of the "Privacy Tech Vendor Report." We're asking vendors take the time to update their profiles by Feb. 27 so we can ensure our directory is as updated as possible. The form can be found here.
For practitioners who are shopping for, implementing or using third-party privacy technology vendors, I'd love to hear about your pain points or thoughts on how the process is going. This is a fairly new development for the profession, and we want to be as helpful as possible as you navigate all the phases of privacy tech implementation. Maybe you're frustrated or have advice to provide for others. Either way, let us know, we're all ears.
If you want to comment on this post, you need to login.