Gone are the days where companies collect, process, and share your personal information with reckless abandon. Ok, maybe not entirely gone, but it is no longer an acceptable business practice in much of the world. The privacy pendulum is in motion and momentum is swinging to the side of individual rights.
In the past, companies would consume your personal data with an almost reckless intensity - the more data the better. Then they would slice, dice, sell, barter, and collect as much information as possible about you. It was a race with no transparency or accountability. Your personal data and identity were the assets, and you had no control, rights, or compensation.
To be clear, these practices do still exist, so speaking in the past tense is a bit optimistic. However, as the pendulum continues to shift, I am hopeful as an idealist that these practices are increasingly non-grata and penalized.
Your personal data is valuable and by extension, the privacy of your data is valuable.
Around the world, privacy laws are now being enacted and these laws have “teeth”, and even “jaws”. The penalties and fines are enormous. Just ask Facebook ($5B), Uber ($148M), Google ($61M), and Amazon ($42M) to name a few.
Privacy laws make it very clear – it is your data and your identity. You own it and you control it.
So what does this pendulum shift mean for you?
Simply put, there are laws in place today that give you rights and control over your data. You are empowered. Your rights include:
Right to be informed of a company’s privacy practices
Right to request access to your data
Right to request deletion of your data
Right to correct your data
Right to request a copy of your data
Right to restrict the selling of your data
And if you don’t like their answers….
Right to issue a complaint
How to respond
From a personal perspective, I encourage my peers to take control of their identity. To ask questions of their providers, and if you’re not comfortable with their answers, request that your data be deleted and move to a business or service that respects your privacy and data.
From a business perspective, organizations have a burden, a responsibility to understand the changing landscape of privacy. We work with several global clients that are implementing processes and systems to protect the privacy of their data.
Many don’t know where to start, but they know they need to make sure that they can demonstrate good stewardship of the data they keep, and that their customers can rest assured that the data is secure.
Online’s Virtual Privacy Officers help our clients align their privacy programs with business objectives so that they can navigate the complex and emerging area of privacy and continue to innovate and prosper. Consider this an offer to help – if you need some guidance to make sure your organization has sound privacy practices around the collection, use, sharing, and destruction of personal information – let me know. You never know when someone might call (be it an individual or a governmental agency) to ask about their data.
“With speed-of-light technological innovation, information privacy is becoming more complex by the minute as more data is being collected and exchanged. As the technology gets more sophisticated (indeed, invasive), so do the uses of data, and that leaves organizations facing an incredibly complex risk matrix for ensuring that personal information is protected. As a result, privacy has fast-emerged as perhaps the most significant consumer protection issue – if not citizen protection issue – in the global information economy.” - International Association of Privacy Professionals – About IAPP
This blog's author, Gene Tyrell, is a Senior Consultant with our Risk, Security, & Privacy Practice. Please add your inquiry or comments for Gene in the form below and he'll be sure to get back to you!