Footer Navigation

Header Navigation

Privacy

Government and Private Sector

Is the protection of your highly sensitive data at risk?

Zivver Acquired:

As an American company, Kiteworks falls under the U.S. CLOUD Act. This law allows U.S. authorities to compel companies like Kiteworks to provide access to data they manage, even if that data is physically stored in Europe. In practice, this means that sensitive information could be requested by U.S. government agencies. Legally, Kiteworks must respect the privacy of EU citizens, but U.S. legislation can override this and enforce access. This means that:
<ul><li>Sensitive data, such as patient records, municipal decisions, and legal communications, could be accessed by U.S. authorities;</li><li>You may not be notified when such access occurs;</li><li>Under the GDPR, you are obligated to continuously protect the privacy of EU citizens. Without realizing it, you may breach this obligation, exposing your organization to fines, legal claims, and reputational damage; </li><li>Your reputation could suffer immediately if clients, patients, or citizens begin to doubt the safety of their data.</li></ul>

Does your organization, a partner, or a client use Zivver to securely exchange highly sensitive information? Then consider taking the following steps:
<ol><li>Assess the legal and technical risks associated with Zivver’s acquisition.</li><li>Determine whether these risks are acceptable for your organization and stakeholders.</li><li>Take action based on your risk assessment: a. If you conclude that Zivver can still be used but want more assurance, consider negotiating additional agreements with Zivver, either individually or at an industry level. b. If you conclude that Zivver is no longer a viable option, develop an exit strategy and begin exploring alternative solutions.</li></ol>

Our experienced security and privacy experts can support your organization in taking these steps. We go beyond technical features and security: we also consider usability, legal compliance, and practical implementation in day-to-day operations. This ensures your organization makes well-informed decisions that are not only future-proof but also aligned with your strategic goals.
Want to know more? Get in touch with <a href="https://highberg.com/people/arjen-bol" target="_blank" rel="noreferrer noopener">Arjen Bol</a>.

Not infrequently, I see battles between data scientists and privacy professionals.

Data and privacy professionals: unite!

Data and privacy professionals unite

Not infrequently, I see battles between data scientists and privacy professionals within organizations. In these conflicts, the struggle isn't over traditional causes like land, religion or honor, but rather over data minimization (how much data is needed), storage (how long to retain data) and legal basis (is this even permissible). With heated discussions, smokescreens and rear-guard debates, they engage in combat. But in battles, there are rarely winners. Not in this fight either.

Frank van Vonderen

A solution for all your privacy issues!

Privacy by Design

Privacy by Design A Solution for All Your Privacy Issues

By consistently applying privacy by design, organizations enhance the quality of their data protection and reduce its associated costs. Additionally, employees will become more conscious in handling personal data, and as an organization, you can better justify your choices regarding personal data. In mid-April 2020, the CoronaMelder app was launched. The app, in short, informed people when they had been near someone who tested positive for COVID-19, aiming to address the at that point growing number of infections in the Netherlands. 
Half of the Netherlands was concerned that the government might get access to information about citizens' whereabouts. Fortunately, the app's creators had thought this through: when designing the CoronaMelder app, it was essential that the app be privacy-friendly. With input from numerous privacy specialists, the CoronaMelder app was developed from the outset to offer the most privacy-friendly notification app. An excellent example of effectively applying the privacy by design principle.

Laura Natrop

Privacy by Design: a solution for all your privacy issues!

How can organizations make privacy by design concrete and actionable?

Het concreet maken van Privacy by Design

Making Privacy by Design Concrete: Practical Steps for Implementation

In today's digital age, where data is ubiquitous and privacy concerns are at the forefront, incorporating privacy by design principles into the development of products and services is paramount. Privacy by design refers to the practice of considering privacy and data protection from the outset of the design process, rather than as an afterthought. But how can organizations make privacy by design concrete and actionable?

Since the introduction of the GDPR, privacy has never been so prominent.

Agile working and privacy go hand in hand

Xavier von erlach Sg A90 Vd EF Fk unsplash

Since the introduction of the GDPR, privacy has never been so prominent. The GDPR requires by law that privacy has been considered in advance when realizing new services, processes and systems. This is called “Privacy by Design” (hereinafter PbD). Agile working, such as scrum, is delivered per sprint of 2-4 weeks, with a focus on rapid implementation of new functions. Privacy is often still regarded as a side issue or final element. I also repeatedly hear talk about the “privacy ballast” that would hinder Agile working and would also be contradictory to <a href="https://highberg.com/capabilities/business-agility">Agile principles</a>. With this blog I want to emphasize that “Privacy by Design” fits perfectly into Agile working and that the two even reinforce each other.

Geert Eggens

It's natural to ask that one question: "Are we now 100% compliant?"

100% Privacy compliance is not possible

100 Privacy compliance is not possible

Many entrepreneurs and executives shudder at the thought of the fines and liabilities associated with GDPR. So, it's natural to ask that one question: "Are we now 100% compliant?"

100 per cent privacy compliance is not possible

Privacy by Design: protection at the heart of algorithms

Is Privacy by Design important in algorithms?

Privacy by Design: Protection at the heart of algorithms

What is Privacy by Design? 

Privacy by Design is a strategy that focuses on integrating privacy protection into technological products and systems from the outset. This approach means that privacy is a fundamental part of the design process, rather than an addition or adjustment made afterward.

Security system locks data computer safety generated by ai

On September 18th, questions were raised in the Dutch House of Representatives about the acquisition of the Dutch data security company Zivver by the American company Kiteworks. Zivver provides systems for the encrypted exchange of highly sensitive information, such as medical data, via email, chat, and video. Zivver’s clients include hospitals, healthcare institutions, government agencies, municipalities, and financial and legal service providers.
Although Zivver emphasizes that data will continue to be stored within the EU, its new American ownership raises concerns. Organizations relying on Zivver for the secure communication of highly sensitive data must now carefully assess the risks and consider potential alternatives.

Arjen Bol

Samet Sevencan

Zivver Acquired: Is the protection of your highly sensitive data at risk?

The CLOUD Act and U.S. Regulations

What you can do

Support and advice from Highberg

Related Insights