LOS ANGELES — Between the General Data Protection Regulation (GDPR) in Europe, the upcoming launch of the California Consumer Privacy Act (CCPA) locally, and the constant risks the increased digitization of productions brings, media and entertainment companies are constantly on guard today.
“It’s a challenge,” said Martin Mazor, SVP and CISO of Entertainment Partners, during the Oct. 3 breakout session “Protecting User Identities” at the HITS Fall event. “How do we help the studios enforce security? That’s the big question.”
Mazor and Darren Ehlers, SVP of product management for the company, walked attendees through the differing challenges studios and productions face, what Hollywood needs to be aware of with the GDPR and CCPA, and why getting away from paper is a crucial step.
“What we’re concerned about is the world of paper vs. digital,” Ehlers said. “There’s a heck of a lot of paper in our industry, and a piece of paper in a box carries risk just like data on a server.”
The challenges facing studios include compliance and legislative requirements, the risks of non-centralized data, juggling multiple partners and suppliers, the fact that information is across multiple databases, and manual workflows. Meanwhile, productions are looking at a different set of risks, including the demand for more speed, the use of multiple tools, too many passwords, and audit readiness.
“Who isn’t in a cloud environment in one way or another? How do you enforce the security around that?” Mazor said. He pointed out that studios and productions today can solve many of their problems by treating the need to get away from paper and go to a digital solution as “urgent” and making multi-factor authentication a minimum for all productions. Additionally, know where all are you data lives, and watch out for immature suppliers and partners. “We have shows now where they lock down everything, nothing leaves the production,” Ehlers noted.
And when it comes to the GDPR and CCPA, realize what you’re dealing with, Ehlers added. For GDPR, any personal or identifying data must be protected, and consumers have the right to be forgotten. Violations of the GDPR carry significant penalties, including up to 20 million euros or violations. The CCPA meanwhile carries an impact for both consumer and employee data, requiring data transparency, advanced security, and $7,500 per violation penalties. “Don’t take any of this lightly. It has teeth,” Ehlers said.
Mazor and Ehlers showed off how Entertainment Partners’ suite of products helps clients protect user identities, studios stay in compliance, and give productions what they need to remain secure.
HITS Fall was presented by Entertainment Partners, with sponsorship by Genpact, Variety Business Intelligence, edgescan, LiveTiles, MarkLogic, the Entertainment ID Registry (EIDR), Signiant, Cinelytic, Microsoft Azure, Richey May Technology Solutions and Comcast Technology Solutions.
The event was produced by the Media & Entertainment Services Alliance (MESA) and the Hollywood IT Society (HITS), in association with Women in Technology: Hollywood (WiTH); the Content Delivery & Security Association (CDSA); and the Smart Content Council.