Companies need to mitigate against data breaches and make sure they update privacy, electronic data and social media policies on a regular basis.
Internationally, there have been several data leaks that have made headlines, such as when Sony was hacked, with millions of users' private information compromised last month.
Pria Chetty, principal attorney at Chetty Law, says companies face several risks if they don't look after data, including penalties, loss of income, and damage to their credibility.
Chetty was speaking at ITWeb's Security Summit, held in Sandton this week.
Data vulnerability must be measured in the online world, said Chetty. People are vulnerable to data being abused because it's not possible to escape the benefit of the Internet. “We are willing to give so much up in order to have access to that [opportunity].”
In addition, as smartphones become more pervasive, a new frontier of data breaches is opened, she added.
The issue is how to deal with data, said Chetty. In SA, there are already several laws in place that prescribe what can be done with information, and another is on the way, she noted.
Chetty said, for example, Google has a vast amount of information on people based on the searches people do. However, browsers trust that the search giant won't compromise that information, because if it did its business model will fail.
The types of users on the Internet cannot be classified generically, Chetty commented. Browsers vary from totally private to being open books as to how much information they share.
Another concern is the issue of “content wars” as companies battle it out to get users' attention, said Chetty. She explained this is leading to integration of services, and browsers could find Facebook photos being used on other sites, for example.
Web site privacy policies aren't regulated, which means companies can write up terms and conditions that allow them to do anything with people's information, she cautioned.
Share