🌎 Moving fast can create imbalances. Don’t sacrifice your worker privacy for your consumer data privacy in your app; we’ll help you do both well and fast.
Accelerating digital road maps by seven to 10 years likely left you with some things to review from a security perspective. Please check out the first post in this series for what you might need to review to securely support your remote or hybrid workforce, as well as a checklist for consumer-facing apps.
Security isn’t the only thing that can get overlooked when we go fast. As well as implementing technical protections — we also need to understand what and how the data and how impacts the humans that use technology. This is where privacy comes in. Privacy is having a critical global impact on software development because consumers, businesses, and governments are demanding that technology operates in a way that complies with legislation like GDPR (General Data Privacy Regulation), CPRA (California Public Records Act), APPI (Act on the Protection of Personal Information), and LGPD (Lei Geral de Proteção de Dados Pessoais). This is an opportunity to rethink exactly what and how much data is collected, how it’s used, and who gets to see it. It’s a turning point where individuals are no longer blithely accepting that massive amounts of data about them are being created, shared, and used.
At Auth0, I regularly collaborate with our vice president of privacy, Lucy McGrath, and she is a part of my organization. For this series, I asked Lucy for her perspective on data privacy mistakes companies can make when they move fast.
An integrated approach is essential for security and privacy. There’s a saying if you want to go fast, go alone, but if you want to go far, go together. This is changing — you can’t protect privacy alone. If you go alone, you won’t go anywhere. “Ultimately, data privacy is about trust,” says Lucy. “And it’s a collaborative effort. You can’t think about security or data governance, or privacy in isolation. You need to work across departments within your organization and also listen to your staff and your consumers/users. From a practical standpoint, you need to work with others even beyond your immediate business — data privacy regulations are changing rapidly —technical solutions are essential in order to scale privacy compliant technology. If you don’t collaborate, you’ll be left behind.”
Lucy’s insights on remote/hybrid workforces and consumer-facing apps can improve your workplace culture and improve your relationships with your customers — and keep you focused on your business rather than dealing with regulators and potentially incurring large fines.
“Probably the most important thing to remember when thinking through data privacy is that you’re delivering a service that impacts humans,” says Lucy. “We can get dazzled by what technology can do, but the technology is really there to help the humans accomplish something. Centering on the human who needs to use or benefit from the technology helps you to focus. — and align with existing and emerging data privacy regulations.”
As always, this information is shared from the perspective of business impact and planning. For how data privacy regulations apply to your specific business situation, please reach out to your legal counsel.
Auth0 recommends you always consult legal counsel for specific advice about compliance with legal requirements.
The workforce mix: remote, hybrid, in office