Risk And Data Privacy…Consider “Privacy By Design”

(I am lucky enough to be working with Sandra Hughes and Nick Vehr on a series of presentations in the area of data privacy. This is the first in a series of three articles about: “Risk. Repercussions. Reputations. Data Security & Privacy for Today’s Business Enterprise.” This article is presented by Sandra Hughes, who retired from Procter & Gamble as its Global Privacy Executive and now consults through Sandra Hughes Strategies.)

Back when the Internet was young, a privacy policy and a compliance program were enough to minimize the risk of regulators bringing enforcement action, customers filing civil lawsuits, and/or hackers causing data breaches.

But our rapidly developing information society and the astronomical possibilities of advanced technology make it nearly impossible to succeed in the marketplace without capturing some type of personal information.

Today, savvy CEO’s know that their creative and engineering employees must practice Privacy by Design.

To illustrate, consider how selling something as innocuous as a “Window” evolves over time.

  1. A Web site provides information. It recognizes the computer every time it clicks, along with other websites it has visited.
  2. Email capability is introduced. Address lists you purchased or received from interactions with customers allow you to deliver advertising straight to customers. Now you know specifically who is receiving your message and a bit about their community based on how they forward your messages.
  3. Online purchase capability adds convenience. Customer service interaction, combined with social media chat and online reviews create a relationship between you and your customer but also an indirect relationship with their community (perhaps not intentionally). Behind the scenes, this is the ‘mother load’ of information: Personal and financial information can be matched with behaviors to not only know “who” uses your Window (and when why and how they use it) but also “who else” uses it (and when why and how they use it).
  4. Mobility Apps provide convenience. They also add the “where” dimension about your customer, and even more data about their habits and practices.
  5. Sensors introduced into your Window design simplify and improve your customer’s life when they communicate directly with your HVAC system to control air quality or electricity expense, given your customer’s pre-set criteria. This brings you up close and truly personal with your customer’s life.

Now, instead of “Window” in this scenario, substitute something else like a personal fitness monitor, toilet, car, jewelry, greeting card, or even something you ingest like a sensor in a pizza!

In each step, the information collected, processed, retained, analyzed, dispersed, shared, and managed expands exponentially. And the number of people and third parties who touch that or could come in contact with that information does as well. This increases the likelihood for human error, technical holes, and misuse contributing to the possibility of data breach, deceptive claims, and fraud.

User mistrust, and the perception of surveillance and “creepiness” – all on top of the risks of government fines and civil lawsuits, can damage your brand and company reputation – maybe even You personally as the CEO.

Companies must give deep thought and ask questions about how personal information of their customers (and employees) will be protected from end-to-end and hand-to-hand. Companies also need solutions which incorporate the desired level of privacy for each customer. (Just like color and fit, every customer has a different desire for privacy.) This is Privacy by Design. In the near future your customers will demand it. Regulators in the US and Europe will require it.

(“Risk. Repercussions. Reputations. Data Security & Privacy for Today’s Business Enterprise,” presented by Sandra HughesJack Greiner and Nick Vehr, can be presented to your industry or trade association. Please contact any of us to find out how.)