Limiting data collection is the most important way that an organization can protect personal privacy. If an organization does not collect personal information in the first place, it can’t abuse, lose, or otherwise mistreat that information. In this video, you’ll learn about the ways that organizations can limit the data they collect.
- [Narrator] Limiting data collection is the most important way that an organization can protect personal privacy. If the organization doesn't collect personal information in the first place, it can't abuse, lose, or otherwise mistreat that information. As I discussed in the last video, the generally accepted privacy principles require that organizations give individuals notice of the information they collect and the ways they will use it, and that they obtain individuals' consent for that use.
This is just the first barrier to data collection. Organizations should never collect information that falls outside of the disclosures that they've made to individuals, even if it's easy to do so or seems to be incidental to the approved purpose. If you do have a legitimate need to collect more information than you've disclosed, you should revise your disclosures, notifying individuals of the new information that you're collecting and how you will use it.
Obtain new consent prior to collecting new information. Even when you have a legitimate need to collect information, have given notice, and have obtained consent, good security and privacy practice says that you should still collect only the minimum information needed for your disclosed purposes. Don't collect more information than you need, and don't keep that information any longer than necessary. In some cases, you may find that the technology you use forces you to exceed this minimization principle.
For example, you might be using a web server that records more information in its access logs than you need for your disclosed analysis purposes. When that's the case, you still must disclose this collection to individuals because, after all, you are collecting the information. The difference is that if you don't have a legitimate need to keep the information, you should remove the unnecessary fields from those records as quickly as possible, preferably through an automated process that doesn't require any human intervention.
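One way to implement the automated scrubbing of web access logs just described, as an added example that is not from the course: it assumes the Apache/nginx "combined" log format and uses constructed sample lines. It keeps only what a traffic analysis typically needs (coarsened client network, time, method, path without query string, status, size) and drops the user name, referrer, and user agent.

```python
import re
from ipaddress import ip_address, ip_network
from typing import List, Optional

# Apache/nginx "combined" format (assumed input format for this example), e.g.
# 203.0.113.7 - alice [10/Oct/2023:13:55:36 +0000] "GET /a?x=1 HTTP/1.1" 200 2326 "ref" "agent"
COMBINED_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) (?P<proto>[^"]+)" '
    r'(?P<status>\d{3}) (?P<size>\S+)(?: "(?P<referer>[^"]*)" "(?P<agent>[^"]*)")?$'
)

def coarsen_ip(ip: str) -> str:
    """Keep only the client's network: /24 for IPv4, /48 for IPv6."""
    prefix = 24 if ip_address(ip).version == 4 else 48
    return str(ip_network(f"{ip}/{prefix}", strict=False).network_address)

def minimize_line(line: str) -> Optional[str]:
    """Return a minimized record, or None if the line cannot be parsed.
    Unparseable lines are not passed through: we cannot tell which
    fields they contain, so they are dropped rather than retained."""
    m = COMBINED_RE.match(line.rstrip("\n"))
    if not m:
        return None
    path = m["path"].split("?", 1)[0]  # query strings often carry identifiers
    # remote user, referrer and user agent are omitted from the output
    return (f'{coarsen_ip(m["ip"])} - - [{m["time"]}] '
            f'"{m["method"]} {path} {m["proto"]}" {m["status"]} {m["size"]}')

def minimize_log(lines: List[str]) -> List[str]:
    """Minimize a whole log; intended to run unattended, e.g. on rotation."""
    out = []
    for line in lines:
        rec = minimize_line(line)
        if rec is not None:
            out.append(rec)
    return out

# Constructed sample input (not real traffic)
SAMPLE_LOG = [
    '203.0.113.7 - alice [10/Oct/2023:13:55:36 +0000] "GET /account?user=alice HTTP/1.1" '
    '200 2326 "https://example.org/login" "Mozilla/5.0 (X11; Linux x86_64)"',
    '2001:db8:abcd:1234::1 - - [10/Oct/2023:13:55:40 +0000] "POST /api/search HTTP/2.0" '
    '204 - "-" "curl/8.0"',
    'garbage line that does not parse',
]

if __name__ == "__main__":
    for rec in minimize_log(SAMPLE_LOG):
        print(rec)
```

In production the same function would run in the log rotation hook or a scheduled job, and the original unminimized file would be deleted once the minimized copy is written.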
The less information you keep, the better. You also have a responsibility to ensure that all of your data collection efforts use fair and lawful means of collection. Interpreting what is fair and lawful depends upon your industry and the laws and ethical practices that apply to you. You should consult your attorneys and privacy officials before beginning or modifying any data collection effort. The bottom line is that you should make all of your disclosures in plain language, make your data practices transparent and avoid being dishonest or deceitful.
In some cases, you may obtain personal information about individuals from third parties such as your business partners. In those cases, you should take reasonable steps to ensure that the third party is collecting that information in accordance with privacy principles and that the third party has obtained prior permission to share it with you. Be upfront with your users about the sources of the information that you are collecting.