So far, U.S. companies have felt the brunt of regulators' displeasure. The highest GDPR fine so far – $57 million – was imposed on Google by French regulators, though Marriott may have to pony up $123 million.
Applied to internet applications in general, the IDOR problems that led to the Parler exposure could extend to anything stored sequentially and not secured individually — receipts, posts, and in many instances entire accounts.
In a new report on governance, risk and compliance, Forrester advises top security officials that they have to prepare for more regulations around privacy and personal control over data, especially when it comes to handling medical data during the pandemic.
If 2019 was an opportunity for privacy advocates to push for preparation ahead of looming data protection deadlines, then 2020 was the year organizations were expected to prove themselves ready. In this second article in our Year in Review series, we consider how legal complications leave all businesses, big and small, with a heavier privacy burden than ever.