Some Privacy Practices May Result in Under-Reporting of Breach Incidents

Resource Center / White Papers / Some Privacy Practices May Result in Under-Reporting of Breach Incidents

Some Privacy Practices May Result in Under-Reporting of Breach Incidents

This white paper presents scenarios and vulnerabilities that could compromise encrypted data and result in a data breach.

Published: May 2018

Contributor:

Kelce Wilson

Click to View (PDF)

Several privacy laws, including the EU General Data Protection Regulation and some U.S. state laws, carve out an "encryption exception." If a company encrypts its data but the key to access the data was not compromised, the thinking goes, the encryption renders the data unreadable, and hence, "there is no reasonable likelihood of harm to the data subjects, and the theft incident does not actually meet the legal definition of a data breach." This white paper presents several scenarios and corresponding vulnerabilities that could compromise encrypted data and result in a data breach.

ResourceCenter

All the tools and information you need in one easy-to-find place

Some Privacy Practices May Result in Under-Reporting of Breach Incidents

Some Privacy Practices May Result in Under-Reporting of Breach Incidents

Some Privacy Practices May Result in Under-Reporting of Breach Incidents

Some Privacy Practices May Result in Under-Reporting of Breach Incidents

Related Stories

CCPA Compliance Operation: Delivering Data Access via Accounts

Succeeding at the Intersection of Security and Privacy