In the latest IBM Report, the Ponemon Institute found that data breach costs climbed to a total average of $4.24 million, the highest in 17 years. Personal data was found to be the most commonly exposed data type, with 44% of breaches including unique identifiers. The report also identified compromised credentials as one of the main entry points for hacks.
Unfortunately for companies, hacks aren’t the only threat to personal data. There are many ways to leak personal data accidentally, and they can cost companies as much as unlawful data access.
For instance, unintentional insider threats are causing companies severe headaches. Egress reported in its Insider Data Breach Survey that 84% of the surveyed companies suffered a breach caused by human error. Inadequate security systems and failure to follow security policies are among the causes of accidental leaks of personal data, and the shift to remote work has made them worse.
These mistakes have costly consequences. Under the GDPR, European companies are responsible for the security of the processing of the data they collect (Article 32 on the Security of Processing). They must protect personal data from unauthorized access and disclosure. Since 2018, 25% of the fines listed on the GDPR Enforcement Tracker cite Article 32, adding up to 115 million euros in fines.
In the context of increasingly costly data breaches, unintentional leaks and insufficient data protection mechanisms are costing organizations hundreds of thousands of euros. However, as pointed out in the IBM report, modern technical approaches have been shown to reduce the cost of a breach. This information should carry weight when considering implementing new protection mechanisms.
This month, we bring you content on the risks of re-identification and personal data disclosure. We also share insights from our product team on synthetic data generation, and as usual, news and updates from the privacy community.
Happy reading!
The Statice team