Data Privacy a Key in Discussions of Rights and Freedoms, Experts Say
Privacy and data are at the heart of larger concerns about rights and freedoms, and consumers and corporations need to be clearer about their knowledge, understanding and intent around data collection and use, said data experts during a Tuesday webinar that privacy compliance vendor TrustArc hosted.
Sign up for a free preview to unlock the rest of this article
“Privacy is a key example” when people discuss how freedoms and liberties are eroded, said Gary Edwards, co-founder and principal of Golfdale Consulting. He gave the example of insurance companies that give rates based on driving habits.
It may be in the consumer's best interest to say they have a perfect driving record and they "don't have any erratic driving patterns,” he said. If modern cars are recording all this information anyway, giving insurance companies that data will likely lead to a better insurance rating, Edwards said.
“That sounds like a really positive story,” he said. But then you must think about: “What are some unintended consequences of having that data shared?” Additionally, “Did you agree [to share it]? And what happens if you didn't agree? Do you then not get access to better insurance rates?”
It’s a “slippery slope,” the consultant said. “Somewhere in there are some boundaries around this new digital age and all this information being collected, and the implications for privacy professionals are very real.”
Paul Iagnocco, data privacy principal at TrustArc, agreed. “We were never shown" the reality of data collection with repercussions "of this magnitude, so that we clearly understood what was really going on behind the scenes,” he said. “I'm not saying there was ever a malicious intent…because a lot of [data collection] is obviously improving the experience of the vehicle,” or giving consumers insurance benefits, "but it still leaves open that big question of: Did you know, and did you consent? Did you agree that all of this was going to occur?”
Edwards said collecting and selling data and information, especially when it’s ultimately sold back to consumers, is at the heart of the issue. “Those are the discussions ... the privacy community has to be in and around and become very opinionated [about], both to protect consumers ... and the companies that they represent, and ultimately to protect society.”
For companies, this means establishing trust through data minimization, Edwards said. For example, consumers will trust companies that avoid collecting data that's not needed for legitimate business purposes. In addition, companies shouldn't use customer data in "some nefarious way behind the scenes and sell it to others," he said. “We don't ask things we don't need to know, and we don't give away data that isn't ours to give.”
Iagnocco agreed while noting that recent state consumer privacy laws have data minimization at their heart. “This is really the first time I've seen a real conscious effort stateside to ... begin to focus in on asking the question: ‘Do you need all this information?’”
On the flip side, the TrustArc official said that consumers, in the U.S. and Europe, are becoming savvier about privacy and data collection. “They're starting to have a greater understanding" of some browsers and tools, yet their knowledge isn't complete, said Iagnocco: There are "a number of folks” who've “certainly heard of” things like cookies, but “if you ask them to explain what it is," they can't. "They just know what they need to click in order to get to the next screen.”