What to do after a data breach
A study completed by Sustainalytics, a research firm that focuses on topics tied to socially responsible investing, has spotlighted risks with tech companies that most Americans use in their daily lives.
Those risks are tied to how tech companies use and protect data. Investors have been slow to appreciate the risks and slow to quantify the cost to adhere to national and international data security laws and the litigation cost when a violation occurs.
The risk levels differ based on two variables — richness of data and strength of privacy management.
It used to be thought that the extent of your personal data was your name, date of birth, and social security number. Now we know that because of our large digital footprint on the web with social media, e-commerce and cloud storage, everything about us is now able to be taken or at the least mis-used by companies with weak privacy policies.
Data taken from our iPhone and Android phones can show GPS on where we go, photos and videos, what we like and buy, and who are our friends. This data has now filled in most of the identity gaps of each one of us.
A great example of data breach and misuse is the presidential election of 2016. The exposure of two difference types of Facebook breaches have greatly affected our awareness of how our personal information can be used to influence our decisions.
The first breach was the hacking of the Democratic National Committee by Russian operatives and then leaking the stolen information via ad placement in Facebook by as many as 36,746 fake accounts to as many as 126 million people.
The second breach was a misrepresentation by an employee of Cambridge Analytica who harvested over 50 million user’s data and their friend’s data from Facebook without their permission under the guise of academic research.
Cambridge Analytica was Donald Trump’s data operations center for his 2016 presidential campaign.
According to Sustainalytics, of the seven stocks analyzed (Facebook, Amazon, Apple, Netflix, Google/Alphabet, Twitter and Microsoft), Amazon and Facebook showed the most risk, based on rich data usage and weak privacy management.
The study found Apple and Netflix to have the best risk exposure based on both companies not profiting from advertising, and Apple’s strong privacy management.
Although they have low risk exposure, Netflix’s privacy management was noted as weak, based on its disclosed policy.
There is a large adjustment coming with the way our tech firms handle our personal information due to new and proposed privacy laws. That adjustment will alter the profitability of many technology companies.
Companies that stay ahead of the curve in successfully protecting our privacy will increasingly be recognized by investors as a business worthy of their investment dollars.
Danny Wood is an independent financial advisor with SeaCoast Financial Partners in Bradenton. To learn more, visit MySeaCoastfinancial.com.