fbpx
1 (617) 528-7410 ClientService@Linguist.com
Protecting European Data Privacy: GDPR Compliance And Best Practices

Protecting European Data Privacy: GDPR Compliance And Best Practices

The General Data Protection Regulation (GDPR) goes into effect in the European Union this week (on May 25). With these changes, data privacy protections are increasing substantially, as are the penalties for companies not in compliance.

Linguistic Systems has been working hard to ensure that our clients, translators, and producers who hold European data are informed and ready. Here are some highlights of how the new regulations will affect our translation processes, along with other strong protections we’ve had in place for many years.

Rights of European Union Clients

Under the General Data Protection Regulation (GDPR), as a European Union resident, you have the following data privacy rights:

  • Opt-in consent: When you complete our project agreement (1) or an email marketing opt-in form (2), you understand and acknowledge that we may collect and hold your data for the purpose of communicating with you about your project (1) or about LSI services or offers (2).
  • Right to access and data portability: You may request from us a copy of your data.
  • Right to rectification/correction: You may request from us correction of your data.
  • Right to erasure/right to be forgotten: You may request from us erasure of your data, as permissible by law.
  • Right to breach notification: You have a right to be notified by us within 72 hours of a data breach we deem may pose a risk to your rights and freedoms as an individual.
  • Right to launch a complaint: You have the right to launch a complaint with your local supervisory authority, if you believe our handling of your data poses a risk to your rights and freedoms as an individual.

Data Security Best Practices

Even if you’re not in Europe, Linguistic Systems has always taken data privacy and security seriously. When your project enters our production process and data processing chain, we require all of our processors to maintain the confidentiality of the data and to follow basic data security best-practices. These include safeguarding the data from unauthorized access and accidental destruction or loss.

Rest assured, we do not use your data for any other purpose than to process and bill your job. And we do not submit your source material to any other third party or for any other purpose. Linguistic Systems is fully compliant with local, national and international data privacy regulations and we can customize our data security approach to match your company’s needs. We’ve worked hard to earn and maintain ISO certification related to the following three areas.

ISO 9001 – Certifies a company has a fully implemented quality management system. To maintain our certification, our workflows and quality management processes are subject to yearly internal and third-party audits, verifying that we continue to meet the requirements of the standard, including the requirement to monitor and continuously improve our service and customer satisfaction.

ISO 17100 – Certifies that as a language services company, we maintain a fully implemented translation quality management system. The requirements of this standard focus on ensuring the competency of translators and editors, and on the adequacy of verification processes to ensure quality in translations.

ISO 27001 – Certifies that we maintain a fully implemented information security management system. Linguistic Systems is transparent with auditors, and our processes offer data management at the highest levels.

We also make every effort to understand and adequately mitigate data security risks inherent in the language-conversion activities we undertake. With Linguistic Systems’ adherence to these ISO certifications, ongoing best practices, and new GDPR compliance efforts, you can rest assured that your project documents and personal data are being cared for. Your data is safe and sound with us.

EDITOR’S NOTE: Linguistic Systems uses a combination of advanced proprietary technology and 7,500 skilled, certified translators to deliver high-quality translations in 120+ languages. With 50+ years and billions of words of experience serving 25,000 clients, including many Fortune 100 and AmLaw100 firms, you can trust us with your foreign language translations.

Are Your Translations Exposing You To Risk?

Are Your Translations Exposing You To Risk?

How Linguistics Cracked The Ransomware Code

Cyberattacks, bugs, viruses, cybertheft, malware or ransomware … a breach of data security under any name is formidable. But, leveraging linguistic analysis is proving to be a valuable tool in cracking a hacker’s code.

As technology advances, the sophistication and intricacies of cyberterrorism add new complexity to data and risk management. However, each attack embeds identifiers in the code that can help lead authorities to the correct perpetrator.

Global law enforcement officials search for those identifiers within the malware to lead to the source of the attack. By analyzing language trends within the code, authorities can make assumptions about where the attack originated.

For example, with the WannaCry ransomware scam, ransom letters were sent out in different languages. But linguistic nuances appeared as errors in generic translations by free machine translation engines.

Experts saw that the hacker’s use of certain Chinese characters hinted at fluency, while the failure to recognize grammatic and contextual cues in other languages supported forensic claims.

You want to be careful of the accuracy of machine translation by itself, especially from free translation sites. (Note: Linguistic Systems uses advanced, proprietary statistical and neural engines for its machine translation. We then add human translation as needed, to get to the desired quality level.)

According to Flashpoint authors Jon Condra, John Costello, and Sherman Chu, in an article published May 25, 2017, “A number of unique characteristics in the note indicate it was written by a fluent Chinese speaker. A typo in the note, “帮组” (bang zu) instead of “帮助” (bang zhu) meaning “help,” strongly indicates the note was written using a Chinese-language input system rather than being translated from a different version. More generally, the note makes use of proper grammar, punctuation, syntax, and character choice, indicating the writer was likely native or at least fluent.”

Data security starts with a commitment to confidentiality. Although free translation sites may seem like a quick and cost-effective choice to translate your documents, they can expose you to risk.

Even Google Translate’s FAQs confirm this possibility: “The stored text is typically deleted in a few hours, although occasionally we will retain it for longer while we perform debugging and other testing. Google also temporarily logs some metadata about translation requests (such as the time the request was received and the size of the request) to improve our service.”

The lack of accountability of free translation sites may contribute to lower quality translations. Forgoing the expertise of human insight probably gave authorities valuable clues to the location of the WannaCry Ransomware hackers. It also highlights the flaws of machine translation software in general, particularly on free sites.

Using a free online translation tool may seem cost-effective, but it invites a third party to engage with your content — one that cannot be held accountable in the event of a security breach. This exposes you to risk.

To be sure that you have the most secure and accurate translation, put your trust in a translation service provider who can offer you the cost- and time-effective methods of machine translation complemented with the expertise of human translation as needed. Choose a service provider with a strong history of excellence in translation and confidentiality supported by multiple security certifications.

We’ve got you covered in all those areas.

EDITOR’S NOTE:  Linguistic Systems maintains an information security management system certified to the requirements of the ISO 27001 information security standards.