Announcing CN-Protect Free Downloadable Software for Privacy-Protection

Announcing CN-Protect Free Downloadable Software for Privacy-Protection

We are pleased to announce the launch of CN-Protect as free, downloadable software to create privacy-protected datasets. We believe:

 

  • Protecting consumer privacy is paramount.
  • Satisfying privacy regulations such as HIPAA, GDPR, and CCPA should not sacrifice analytical value.
  • Data scientists, privacy officers, and legal teams should have the ability to easily ensure privacy.

Today’s businesses are faced with data breaches or misuse of consumer information on a regular basis. In response, governments have moved to protect their citizens through regulations like GDPR in Europe and CCPA in California. Organizations are scrambling to comply with these regulations without adversely impacting their business. However, there is no doubt that people’s privacy should not be compromised.

Current approaches to de-identify data such as masking, tokenization, and aggregation can leave data unprotected or without analytical value.

  • Data masking has no analytical use once applied to all values and, if not applied to all values, does not protect against re-identification. Data masking works by replacing existing sensitive information with information that looks real, but is of no use to anyone who might misuse it and is not reversible.
  • Tokenization removes all data utility of the tokenized fields, but re-identification is still possible through untokenized fields. Tokenization replaces sensitive information with a non-sensitive equivalent or a token which can be used to map back to the original data, but without access to the tokenization system, it is impossible to reverse.
  • Aggregation severely reduces the analytical value and if not done correctly can lead to re-identification. Data aggregation summarizes the data in a cumulative fashion such that any one individual is not re-identifiable. However, if the data does not contain enough samples re-identification is still possible.

CN-protect leverages AI and the most advanced anonymization techniques such as optimal k-Anonymity and Differential Privacy to protect your data and maintain analytical value. Furthermore, CN-Protect is easy to adopt, it is available as a downloadable application or plug-in for your favorite data science platform.

With CN-Protect you can:

  • Comply with privacy regulations such as HIPAA, GDPR, and CCPA;
  • Create privacy protected datasets while maintaining analytical value.

There are a variety of privacy models and data quality metrics available that you can choose from depending on your desired application. These privacy models use anonymization techniques to protect private information, while data quality metrics are used to balance those techniques against the analytical value of the data.

The following privacy models are available in CN-Protect:

  • Optimal k-Anonymity;
  • t-Closeness;
  • Differential Privacy, and more.

You will be able to:

  • Specify parameters for the various privacy models that can be applied across your organization and fine-tune for your many applications;
  • Define acceptable levels of privacy risk for your organization and the intended use of your data;
    Get quantifiable metrics that you can use for compliance;
  • Understand the impact of privacy protection on your statistical and machine learning models.

Stay ahead of regulations and protect your data. Download CN-Protect now for a free trial!

Weekly News #3

Weekly News #3

Facebook privacy issues

Experts predict that data privacy will take the center stage in 2019 and that organizations will have to fully embrace it. Google and other cloud providers are already jumping into the privacy wave by offering de-identification tools for healthcare data. 

Data privacy became a major topic in 2018. On one hand, GDPR came into effect in Europe affecting organizations from all over the world. On the other hand, massive cases of data breaches and data misuse where reported leading to customer concerns and legislators proposing new privacy laws.

2019 is expected to be a year in which organizations shift from considering privacy as a nice-to-have to a must-have. This shift will come in part from legislation but also from consumers demanding stronger data protection. Kristina Bergman, CEO of Integris Software Inc., predicts that in 2019 :

  • we will see the rise of the Chief Information Security Officer;
  • privacy and security will be seen as a continuum;
  • a growing conflict between privacy vs. the Data Industrial Complex;
  • the growth of data privacy automation.

In Canada, Howard Solomon interviewed four privacy and security experts, and these are their predictions:

  • David Senf, founder and chief analyst at the Toronto cyber consultancy Cyverity, predicts an increase in the demand of cybersecurity experts to protect against data breaches.
  • Ann Cavoukian, Expert-in-Residence at Ryerson University’s Privacy by Design Centre of Excellence, predicts that 2019 will be a “privacy eye-opener” with a growth of decentralization and SmartData.
  • Imran Ahmad, a partner at the law firm of Blake, Cassels & Graydon LLP, advises that HR should become more involved in preventing data misuse.
  • Ahmed Etman, managing director for security at Accenture Canada, warns that organizations have to be careful of cyberattacks against their supply chain.

Meanwhile, some organizations are jumping into the privacy wave by launching products to help their customers make better use of their data while protecting privacy:

One thing we can be sure in 2019 is that data privacy and security will continue to make headlines.

Weekly News #2

Weekly News #2

Facebook privacy issues

New information on Facebook’s user data misuse causes a $30 billion market-value loss. US senators propose the Data Care Act to regulate privacy across the 50 states. Reporting data breaches is now mandatory in Canada. The Department of Health and Human Services wants to modify HIPAA.

Facebook lost $30 billion in market value after the New York Times published on December 18 documents detailing different agreements that Facebook had with companies like Microsoft, Netflix, Spotify, Amazon, and Yahoo to access Facebook users’ data. For example, Netflix and Spotify could read users’ private messages. However, that was not everything. On December 14, Facebook notified its users of a bug in the Photo API that gave developers access to non-shared photos of 5.6 million users.

Pushed by the recent data breaches, 15 senators in the US proposed the Data Care Act on Wednesday to regulate privacy across the 50 states. The Data Care Act main guidelines are:

  • Duty of Care – Must reasonably secure individual-identifying data and promptly inform users of data breaches that involve sensitive information;
  • Duty of Loyalty – May not use individual-identifying data in ways that harm users;
  • Duty of Confidentiality – Must ensure that the duties of care and loyalty extend to third parties when disclosing, selling, or sharing individual-identifying data;
  • Federal and State Enforcement – A violation of the duties will be treated as a violation of an FTC rule with fine authority. States may also bring civil enforcement actions, but the FTC can intervene;
  • Rulemaking Authority – FTC is granted rulemaking authority to implement the Act.

On November 1st, it became mandatory to notify data breaches in Canada. This is an important step for Canadian privacy regulation and is something that will require a shift in the operation of Canadian businesses because according to Statistics Canada only 10% of the businesses affected by a cyber attack reports it.

The Department of Health and Human Services (HHS) issued a Request For Information (RFI) for input on how to modify HIPAA on the following issues:

  • Encouraging information-sharing for treatment and care coordination;
  • Facilitating parental involvement in care;
  • Addressing the opioid crisis and serious mental illness;
  • Accounting for disclosures of protected health information for treatment, payment, and health care operations;
  • Changing the current requirement for certain providers to make a good faith effort to obtain an acknowledgment of receipt of the Notice of Privacy Practices;

After having a 2018 plagued with data breaches and important privacy regulation (GDPR), we can expect that 2019 will be a year in which protecting privacy becomes a must for public and private organizations. SC magazine has eight privacy predictions for 2019, most of them revolve around regulations and their impact on the behavior of organizations and consumers.