hung up on privacy lately.
My last two posts, respectively, have dealt with
data brokers and the relatively unchecked accumulation of people’s personal information on- and offline by companies nowadays.
that’s been gaining traction in the IT community and why researchers ought to
a growing sentiment among experts that we may be on the brink of a privacy
backlash in response to a perceived lack of informed consent and
transparency with regard to Big Data collection and use.
companies’particularly among younger cohorts’is already abysmally low.
A Consumer Trust Crisis
Tom LaForge, summed up the trust situation well in a speech I attended earlier
you should worry about. Worry instead about whether or not people will allow
you to stay in business, because ‘big’ is on probation,’ said LaForge.
trust governments. And global corporations are often bigger than governments. Corporations
are about as big as it gets.’
license to operate’ as a result.
well-publicized privacy breach (note that’s privacy
breach, not data security breach) might
cause serious, even irreparable damage to a brand, company or other
institution’s credibility and relationship with the public.
Privacy: It’s About Ethics Not Compliance
privacy not in terms of compliance, but in terms of ethics.
these days is arguably because current legislation and regulation don’t go far
enough and may not be able keep pace with technological change.
on their own. That’s a complicated affair in which the research community can
be an invaluable resource.
with ‘privacy engineering.’
What is Privacy Engineering?
systematize privacy and embed it in the products and processes companies use, buy, create
McAfee, back in April.
technological aspects of data security and privacy, is also co-author of ‘The Privacy Engineer’s Manifesto: Getting from Policy to Code to QA to Value.’
people back into our infrastructure and to think about data from the consumer
perspective,’ Dennedy told me.
It’s particularly important for researchers to familiarize themselves
with this approach, I think, in part because companies are increasingly looking outside the
research function to data scientists to manage Big Data.
Engineer’s Manifesto’ and it may be just the blueprint consumer researchers need
to insinuate themselves in the fundamental discussions that shape not only
harness Big Data moving forward.
See Also: Privacy by Design
and a landmark resolution approved by international data protection and
privacy commissioners in Jerusalem in 2010.
at ensuring that privacy is embedded into new technologies and business
practices from the outset and boils down to three key tenets:
Trust and control
Freedom of choice
Information Commissioner of Ontario, Canada, and architect of PbD, privacy
policies are becoming meaningless to people and companies should not hide
isn’t buried in jargon’does not equate to informed consent. People check the box
without reading all the time,’ Cavoukian told a room full of consumer
researchers back in May.
‘Privacy isn’t something people think they should have to
ask for; it’s a presumption,’ Cavoukian added.
lawsuit, but it won’t help in the court of public opinion, where the stakes
may be much higher.
public backlash has become, Cavoukian cited a variety of survey data,
most notably a January 2014 AP-GfK poll in which more than 60% of respondents
said they value their privacy over anti-terror protections.
PbD and privacy
engineering offer a compelling safeguard to companies because they’re
inherently proactive. You’re embedding privacy protection in everything you do
and design’right down to the code’from the get-go.
ensure that all current and future products, systems, etc., meet standards that
may not be mandated by law, the cost may be infinitely higher to implement,
revise and rebuild after a privacy breach.
How does this
apply to researchers?
of a Chief Privacy Officer, but it’s both an imperative and an opportunity for
require a lecture on the ethical collection and use of data or the sanctity of
trust’without it, we have no respondents’but as you well know, research today
is neither confined to direct response methodologies nor gathered exclusively
from opt-in panels and communities.
entity in a company engaged in the collection of consumer data, its sole repository or the arbiter
of its use.
of privacy ethics in most organizations today. And given the stakes, this
represents an unacceptable risk.
involved in privacy discussions outside departmental walls and to have a hand
not just in crafting policy and protocol, but to make the case to management for
building a company-wide culture that understands and respects consumer privacy.
about privacy engineering. Privacy oversight will need to cover marketing,
R&D, sales, etc.
This is a chance for research to assert influence over all of a
company’s present and future consumer information assets. It’s a natural fit.
ABOUT THE AUTHOR
Marc Dresner is IIR USA’s sr. editor and special communication project lead. He is the former executive editor of Research Business Report, a confidential newsletter for the marketing research and consumer insights industry. He may be reached at firstname.lastname@example.org. Follow him @mdrezz.