Facebook Shows Why We Need to Rethink Data Security

Posted on May 6th, 2019


We all remember the infamous Facebook data breach incident that took place last year. Almost 50 million user accounts were rendered vulnerable. And executives kept stating that investigation into the matter was pending.

Well, Facebook made headlines again this year. And this time it was for storing millions of user account passwords in plain text format. It was discovered that user passwords were searchable and accessible by the employees at Facebook. But no one was found to have abused this access.

We Need to Rethink Data Security

Even though Facebook promises that their employees didn’t misuse these passwords, this incident brings to light many data security issues companies face today. It shows that there’s always a risk when we put confidential information on the internet. And while social media channels like Facebook have always assured us of our privacy, we can never be too cautious when protecting our data online.

Data Breaches On The Rise

Of course, this is not the first time that we’ve seen a major breach of user information or a need to rethink data security. In the first half of 2018 alone, approximately 291 records were stolen or exposed every single second.

With this increase in data breaches, users are counting on platforms to do a better job of at least notifying them if their data has been compromised. And it’s not just because it’s the right thing to do. The General Data Protection Regulation requires that they do. It has clear security and data breach notification requirements.

As per the GDPR enacted last May in the European Union, companies have a 72-hour notification period. It requires that they inform people promptly from “awareness” of a breach.

However, it does not require a “perfect” notice. This essentially means that they will have to tell their customers about the issue. But they won’t be obliged to fill in the details. The purpose is to simply inform users so that they can resort to protecting themselves.

In most cases, the details of data breach incidents need more time to be uncovered. 72 hours is usually not enough time for investigation, which is why the law only requires that users be notified of the progress in phases. And many a time, the phases drag on for too long. This could explain why we only got to know of the Facebook incident now. It has clearly been going on for years. And the officials have not spoken a word about it.

Well, now the flaws of the regulation are starting to show. After having suffered the vulnerability, all the users got is an assurance. An assurance that nothing went wrong. And a promise to prevent such a thing in the future.

I think we can all agree now that we absolutely need more comprehensive data security and breach notification requirements. Thanks to Facebook!

What’s Currently Under Consideration?

Thankfully, governments are not sitting still on the matter. Several Congress members have proposed bills to improve data security notification programs. And two possible standards are being considered — a harm standard and an occurrence standard.

According to the harm standard, companies are only required to notify users if the data breach has led or will lead to “cognizable harm.” What this means is that they don’t have to say anything unless they think it might lead to answerable issues.

The occurrence standard, on the other hand, requires companies to notify the users right when the breach occurs. In effect, the occurrence standard seems friendlier for the users. It gives them the chance to prepare and protect themselves. Perhaps before anything bad happens.

The harm standard, which of course the industry favors, is more hostile. It effectively leaves it to the companies to decide whether or not they need to rat themselves out. They don’t have to say anything until something significant happens. What’s more, they get to decide if they even have to.

We know now that we can’t completely trust companies to keep their word. So here’s to hoping that the Congress bills might do something solid for us in the matter. Ideally, we need properly spelled out security practices for companies to follow. Ones that favor the privacy of the users as much as they do large companies.

The good news is you can be proactive in protecting your data to a great extent. Contact us today to know your options.

  • Christopher Madeira
