This is Part II of a two-part series that explores the rise of Privacy by Design (PbD) from the basic framework, to its inclusion in the GDPR, to its application in business practices and infrastructure especially in the wake of Artificial Intelligence. Please read Part I: Will Privacy First Be the New Normal? We had the pleasure of sitting down with Dr. Ann Cavoukian, former 3-Term Privacy Commissioner of Ontario, and currently Distinguished Expert-in-Residence, leading the Privacy by Design Centre of Excellence at Ryerson University in Toronto, Canada to discuss this massive shift that will upend current business practices. We’ve also sought responses from top execs from AI start-ups, and enterprise to address the current hurdles and future business implications of Privacy by Design. This article includes contributions from Scott Bennet, a colleague researching privacy and GDPR implications on emerging technology and current business practices.
People will have Full Transparency… Full Control… Anytime
Since the passing of Privacy by Design (PbD) as an international standard in 2010 to complement privacy regulation, PbD has been translated into 40 languages. The approach has been modified to include the premise that efforts to ensure individual privacy can be achieved, while developing consumer trust and improved revenue opportunities for business within a Positive Sum paradigm. Cavoukian is convinced this is the practical way forward for business:
We can have privacy and meet business interests, security and public safety … it can’t be an either/or proposition. I think it’s the best way to proceed, in a positive-sum, win/win manner, thereby enabling all parties to gain.
Privacy by Design's Foundational Principles include:
- Proactive not Reactive: preventive not remedial
- Privacy as the default setting
- Privacy embedded into design
- Full functionality: positive sum, not zero-sum
- End-to-end security: full lifecycle protection
- Visibility and transparency: keep it open
- Respect for user privacy: keep it user-centric
Cavoukian contends that Principle #2, Privacy by Default, is critical and, of all the foundational principles, is the hardest to implement because it demands the most investment and effort: its explicit requirements change how data is collected, used and disclosed, and will force changes to data policies and processes, including new user-centric privacy controls. Article 21 of the GDPR also states that individuals have the “right to object” to processing of their personal information at any time, including processing for direct marketing and profiling:
- “The controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject.”
The business must be more explicit and go much further, beyond the traditional disclosure and terms of service. Purpose specification and use limitation require organizations to be explicit about the information they require and for what purpose, and to elicit consent specifically for that purpose and that purpose alone. If a secondary use arises later, the organization must obtain the user’s consent again. If disclosure is key to transparency, businesses will need to find a way to do this while mitigating consent fatigue. Article 17 establishes a much stronger user right that conflicts with current business practices, the Right to Erasure (“the right to be forgotten”):
- “The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay.”
While this provision will have exceptions, such as data that establishes the data subject’s identity (for example health records and banking information), behavioural data, transactions, future analysis in profiling, and contextual models are fair game for “the right to be forgotten.” The advent of the GDPR has given business a glimpse of the potential impact: companies saw customer record volumes drop by an average of 20% for customers who did not explicitly opt in. This is a truly user-centric system. Make no mistake, Privacy by Design will challenge current practices and upend current infrastructures.
This privacy UI simulation (IBM: Journey to Compliance) shows how such user controls could work in real time and the extent to which the user can grant consent based on different contexts. This level of user control will require a data repository that can purge user information, yet is configured with the flexibility to redeploy the data into downstream systems later, should the user decide to reverse that choice.
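The two rights described above (objection under Article 21, erasure under Article 17) together with purpose-bound consent translate into concrete checks a data holder has to enforce at every access. The following is an added illustration, not code from the original article or from IBM or any product it mentions: a hypothetical in-memory store in which processing is denied by default (privacy as the default setting), collection and every later use are tied to an explicitly consented purpose, an objection suspends processing while keeping the data so the subject can revert, and erasure purges everything except categories a (constructed, assumed) retention obligation requires the controller to keep. All class, function and category names, and the subject and purpose values, are assumptions made for this example.

```python
"""Purpose-bound consent enforcement with objection and erasure handling.
Constructed example for a hypothetical in-memory data holder; names are assumptions."""
from dataclasses import dataclass, field
from typing import Any, Dict, List, Set, Tuple

# Categories a hypothetical retention obligation (e.g. accounting rules) forces the controller
# to keep even after an erasure request. Assumed for this example; the real list comes from legal review.
RETENTION_REQUIRED: Set[str] = {"billing_record"}


class ConsentRequired(Exception):
    """Processing was attempted for a purpose the subject has not (or no longer) consented to."""


@dataclass
class SubjectRecord:
    # Personal data keyed by category; each value is tagged with the purpose it was collected for.
    data: Dict[str, Tuple[Any, str]] = field(default_factory=dict)
    # Purposes explicitly consented to. Empty by default: privacy as the default setting.
    consented: Set[str] = field(default_factory=set)
    # Purposes the subject has objected to; an objection stands until the subject reverts it.
    objected: Set[str] = field(default_factory=set)


class ConsentGatedStore:
    def __init__(self) -> None:
        self._subjects: Dict[str, SubjectRecord] = {}
        # Every decision is logged so the controller can later demonstrate what was processed and why.
        self.audit: List[Tuple[str, str, str]] = []

    def _rec(self, subject_id: str) -> SubjectRecord:
        return self._subjects.setdefault(subject_id, SubjectRecord())

    def _check(self, rec: SubjectRecord, subject_id: str, purpose: str) -> None:
        allowed = purpose in rec.consented and purpose not in rec.objected
        self.audit.append((subject_id, purpose, "allow" if allowed else "deny"))
        if not allowed:
            raise ConsentRequired(f"{subject_id}: no valid consent for purpose {purpose!r}")

    def grant_consent(self, subject_id: str, purpose: str) -> None:
        rec = self._rec(subject_id)
        rec.consented.add(purpose)
        rec.objected.discard(purpose)  # a fresh, explicit consent reverts an earlier objection

    def object_to(self, subject_id: str, purpose: str) -> None:
        # Right to object: processing for this purpose stops, but the data is kept so the
        # subject can revert later (the "purge yet redeploy" flexibility the text asks for).
        rec = self._rec(subject_id)
        rec.consented.discard(purpose)
        rec.objected.add(purpose)

    def collect(self, subject_id: str, category: str, value: Any, purpose: str) -> None:
        # Purpose specification: nothing is stored without consent for the stated purpose.
        rec = self._rec(subject_id)
        self._check(rec, subject_id, purpose)
        rec.data[category] = (value, purpose)

    def process(self, subject_id: str, category: str, purpose: str) -> Any:
        # Use limitation: a secondary purpose needs its own consent, whatever the data was collected for.
        rec = self._rec(subject_id)
        self._check(rec, subject_id, purpose)
        return rec.data[category][0]

    def erase(self, subject_id: str) -> Dict[str, Set[str]]:
        # Right to erasure: purge all categories except retention-required ones and drop every
        # consent, so nothing about the subject is processed afterwards.
        rec = self._rec(subject_id)
        purged = {c for c in rec.data if c not in RETENTION_REQUIRED}
        for c in purged:
            del rec.data[c]
        rec.consented.clear()
        self.audit.append((subject_id, "*", "erased"))
        return {"purged": purged, "retained": set(rec.data)}


def demo() -> dict:
    """Walk one constructed subject through collection, secondary use, objection and erasure."""
    store = ConsentGatedStore()
    store.grant_consent("alice", "order_fulfilment")
    store.collect("alice", "email", "alice@example.com", "order_fulfilment")
    store.collect("alice", "billing_record", {"invoice": 1001}, "order_fulfilment")
    outcome = {}
    try:  # using the e-mail for marketing is a secondary use: denied until consented
        store.process("alice", "email", "marketing")
        outcome["marketing_before_consent"] = "allowed"
    except ConsentRequired:
        outcome["marketing_before_consent"] = "denied"
    store.grant_consent("alice", "marketing")
    outcome["marketing_after_consent"] = store.process("alice", "email", "marketing")
    store.object_to("alice", "marketing")
    try:
        store.process("alice", "email", "marketing")
        outcome["marketing_after_objection"] = "allowed"
    except ConsentRequired:
        outcome["marketing_after_objection"] = "denied"
    outcome["erasure"] = store.erase("alice")
    return outcome


if __name__ == "__main__":
    print(demo())
```

The design choice worth noting is that objection and erasure are deliberately different operations: an objection flips a flag and leaves the record intact, which is what makes a later "revert" possible, while erasure physically deletes everything that is not on the retention list and clears all consents, so no downstream system can keep processing on the strength of an older grant.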
Can Privacy by Design Create a Positive-Sum Existence for Business?
We have prepared for the past 18 months to ensure we meet the requirements of the GDPR. We have made our policies clearer, our privacy settings easier to find and introduced better tools for people to access, download, and delete their information. In the run up to GDPR we asked people to review key privacy information which was written in plain language, as well as make choices on three important topics. Our approach complies with the law, follows recommendations from privacy and design experts, and is designed to help people understand how the technology works and their choices.
Cavoukian pointed to a study by IBM with the Ponemon Institute that raised awareness of the cost of data breaches: it reports that the global average cost of a data breach rose 6.4 percent over the previous year to $3.86 million per incident, and that the average cost per lost record rose by 4.8% to $148. As Cavoukian points out, these costs will continue to rise for as long as you keep Personally Identifiable Information (PII) at rest. PbD therefore requires an end-to-end solution that covers both privacy and security across:
- IT systems;
- accountable business practices; and
- networked infrastructure.
How Do You Address the Advertisers Who Successfully Monetize Data Today?
What do you say to advertisers and publishing platforms who play in this $560 billion industry? We can’t stop progress. The more data out there, the more demand from willing buyers to extract meaning from it. On the other hand, given the fallout from Facebook, some advertisers have been grey or blacklisted from advertising on the platform because of questionable practices or content. The platform changes have also significantly curbed ad reach opportunities for current advertisers. This domino effect is now compounded with mandates from GDPR to garner explicit consent and create greater transparency of data use. Ann Cavoukian said this:
The value of data is enormous. I’m sorry but advertising companies can’t assume they can do anything they want with people’s data anymore. I sympathize with them. I really do; their business model will change dramatically. And that is hard to take so I genuinely feel bad for them. But my advice is: that business model is dying so you have to find a way to transform this so you involve your customers, engage them in a consensual model where benefits will accrue to customers as well. Context is key. Give individuals the choice to control their information and gain their consent to exchange it for something they value from you.
Mary Meeker’s “Paradox of Privacy” points to the consumer’s increasing demand for products and services that are faster, easier, more convenient and more affordable. This requires systems that can leverage personal information to make this a reality for the consumer. Increased customization is the expectation, but it brings increased business risk with it. As long as current business practices persist, according to Cavoukian, businesses remain vulnerable to the incessant data breaches and cyber attacks we have witnessed; Equifax and Target are two cases in point. Communication with the data subject needs to be a win/win (positive sum). Can the business provide the necessary value while respecting the choices dictated by the individual? As AI becomes more pervasive this will become even more challenging, since streaming data will require more real-time interfaces and applications that allow access to, and individual configuration of, data types across various contexts and vertical uses.
I asked a few executives from data start-ups and from established enterprise businesses, all with considerable business-to-consumer experience spanning advertising, social technology and network platforms, to weigh in on the privacy debate.
Josh Sutton, CEO of Agorai, was formerly Global Head for Data and AI at Publicis.Sapient. In an advertising industry which drives hundreds of millions in revenue, the quest to build consumer relevance comes at a cost, and this proliferates as more companies look to artificial intelligence to drive precision:
Data is clearly one of the most valuable assets in the world today – especially with the growing importance of artificial intelligence (AI) which relies on massive amounts of data. Data privacy needs to be incorporated into the fabric of how these technologies work in order for society to get the most benefit from AI. To me, data privacy means having the ability to control when and why data that you own is used – not the ability to keep it secret which is a far easier task. For that to happen, there needs to be open and transparent marketplaces where people and companies can sell data that they create, as well as a consistent set of regulations for how companies can use data.
Dr. Nitin Mayande, PhD, Chief Scientist of Tellagence and former Data Scientist at Nike, concurs with Josh Sutton. Nitin has been studying social network behavior for years and understands the need to transform current approaches:
Sooner or later I envision a data marketplace – a supply side and a demand side. Today, companies leverage data at the user’s expense and monetize it. The end user does not experience any real economic benefit. Imagine a time when data becomes so valuable the individual can have full control and become the purveyor of his/her own information.
Dana Toering, Chief Revenue Officer at Yroo and former Managing Director at Adobe Advertising Cloud, has watched over his career the emergence of ad platforms that relied heavily on treasure troves of data to gain ever finer granularity for ad targeting:
As an entire ecosystem I feel we are just now coming to terms with the evolution of value exchange that was established between end users and digital publishers and software developers starting in October 1994 when Hotwired.com ran the internet’s first banner ad. The monetization of audiences through advertising and widespread data harvesting of the same audiences in exchange for ‘free’ content or software has enabled the meteoric growth of the internet and the businesses that are built around it but has also enabled massive amounts of fraud and nefarious activity. Thankfully we are at a tipping point where corporations/brands and users alike are taking back data ownership and demanding transparency, as well as consent and accountability. Defining and managing the core tenets of this value exchange will become even more important (and complex) in the future with the rise of new technologies and associated tools. So the time is now to get it right so both businesses and users can benefit long term.
I have had curious discussions with Dr. Sukant Khurana, the scientist heading the Artificial Intelligence, Data Science, and Neurophysiology laboratory at CSIR-CDRI, India. As an entrepreneur also working on various disruptive projects, he had this to say, echoing the sentiments above:
The debate between privacy and security is a misleading one, as the kind and amount of data shared with private companies and the government need not and should not be the same. AI has been vilified in data privacy issues but the same technology (especially the upcoming metalearning approaches) can be used to ensure safety while preventing unwanted marketing and surveillance. If the monitoring tools (by design) were made incapable of reporting the data to authorities, unless there was a clear security threat, such a situation would be like having nearly perfect privacy. It is technologically possible. Also, we need to merge privacy with profits, such that by and large, companies are not at odds with the regulatory authorities. This means there needs to be smarter media and social platforms, which present more choices for data sharing, choices that are acceptable between the end customer and the platforms.
Alfredo C. Tan, Industry Professor at the DeGroote School of Business, McMaster University, has extensive experience with B2C advertising platforms and understands the need for a fair exchange with trust baked in:
If there was better control and understanding of how personal data is being used, I believe people would be willing to be more open. The balance is ensuring there is a fair value exchange taking place. In exchange for my data, my experiences become better, if not in the present then in the future. And as long as this is a trusted relationship, and people understand the value exchange, then people are open to sharing more and more information. I am happy that Facebook, Amazon, and other platforms are aware that I am a male between 35-45 with specific interests in travel and pets, but no interest in hockey or skateboarding. Or that based on certain movies I watch, Netflix makes recommendations on what other types of content I would be interested in to keep me more entertained. And maybe that data is used elsewhere, with my permission, to make experiences better on other platforms. The battle for data in an increasingly competitive consumer landscape is to increase engagement using personalized insight they have gleaned about their customers to ultimately create better experiences. I am certain many people do not want to go back to the anonymous web where all of us are treated largely the same and there was no differentiation in the experience.
Everyone agrees that a regression to anonymity is neither plausible nor tenable.
Privacy, Security, Trust and Sustainability
This is the future, and it is critical that business and government develop a stance and embrace a different way of thinking. As AI becomes more pervasive, the black box of algorithms will require businesses to develop systems and policies that stay vigilant against the potential harms. Cavoukian understands it is an uphill battle:
When I have these conversations with CEOs, at first they think I’m anti-business and all I want to do is shut them down. It’s the farthest thing from my mind. You have to have businesses operating in a way that will attract customers AND keep their business models operating. That’s the view I think you should take. It has to be a win/win for all parties. Do you have a data map? I always start there. You need to map how the data flows throughout your organization and determine where you need additional consent. Follow the flow within your organization. This will identify any gaps that may need fixing. TRUST: it takes years to build… and days to lose…
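The data map Cavoukian starts with is a list of flows (which system sends which category of personal data to which other system, and for what purpose) that is then checked against the purposes and recipients actually disclosed at collection; any flow not covered is a gap needing additional consent. The code below is an added illustration of that gap analysis and is not from the article or from any tool it mentions: the data map, the consented purposes and the disclosed recipients are all constructed for a hypothetical retailer, and every system, category and purpose name is an assumption. Following the flows downstream also answers the "where does it end up" question, which is how undisclosed third-party transfers surface.

```python
"""Consent gap analysis over a data map. Constructed example; all names are assumptions."""
from collections import deque
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple


@dataclass(frozen=True)
class Flow:
    source: str        # system the data leaves
    destination: str   # system the data arrives at
    category: str      # category of personal data carried by this flow
    purpose: str       # purpose the receiving system processes it for
    external: bool = False  # destination is a third party outside the organization


# Constructed data map for a hypothetical retailer (assumed systems, categories and purposes).
DATA_MAP: List[Flow] = [
    Flow("checkout", "orders_db", "email", "order_fulfilment"),
    Flow("orders_db", "email_service", "email", "order_fulfilment", external=True),
    Flow("orders_db", "analytics", "purchase_history", "product_recommendations"),
    Flow("analytics", "ad_network", "purchase_history", "targeted_advertising", external=True),
    Flow("web", "analytics", "browsing_history", "product_recommendations"),
]

# Purposes disclosed and consented to at the point of collection, per category (constructed).
CONSENTED_PURPOSES: Dict[str, Set[str]] = {
    "email": {"order_fulfilment"},
    "purchase_history": {"order_fulfilment"},
}

# External recipients named in the privacy notice (constructed).
DISCLOSED_RECIPIENTS: Set[str] = {"email_service"}


def find_consent_gaps(flows: List[Flow], consented: Dict[str, Set[str]],
                      disclosed_recipients: Set[str]) -> List[Tuple[Flow, List[str]]]:
    """Return every flow that processes data beyond what was consented to, with the reasons."""
    gaps = []
    for f in flows:
        reasons = []
        # Use limitation: the receiving purpose must be one the subject consented to for this category.
        if f.purpose not in consented.get(f.category, set()):
            reasons.append("no consent for purpose")
        # Transparency: data may only leave the organization towards recipients that were disclosed.
        if f.external and f.destination not in disclosed_recipients:
            reasons.append("undisclosed third-party recipient")
        if reasons:
            gaps.append((f, reasons))
    return gaps


def downstream(flows: List[Flow], category: str, start: str) -> Set[str]:
    """Follow one data category from a starting system and return every system it can reach."""
    reached: Set[str] = set()
    queue = deque([start])
    while queue:
        system = queue.popleft()
        for f in flows:
            if f.category == category and f.source == system and f.destination not in reached:
                reached.add(f.destination)
                queue.append(f.destination)
    return reached


def report(flows: List[Flow] = DATA_MAP) -> List[str]:
    """Human-readable gap list, one line per flow that needs additional consent or disclosure."""
    return [f"{f.source} -> {f.destination} [{f.category}, {f.purpose}]: {', '.join(r)}"
            for f, r in find_consent_gaps(flows, CONSENTED_PURPOSES, DISCLOSED_RECIPIENTS)]


if __name__ == "__main__":
    for line in report():
        print(line)
    print("purchase_history reaches:", sorted(downstream(DATA_MAP, "purchase_history", "orders_db")))
```

On the constructed map the checkout and e-mail service flows pass, while the recommendation and advertising flows fail because purchase and browsing history were consented to (if at all) only for order fulfilment, and the ad network fails a second time as an undisclosed external recipient. Each failing line is a place where the organization must either obtain fresh consent for that purpose or stop the flow.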
Perhaps this is the view that companies should take. Ann Cavoukian maintains that those who have implemented PbD say it builds enormous trust. When you have a trusted business relationship with your customers, they’re happy to give you additional consent down the road. They just don’t want the information flowing out to third parties unknown.
I tell companies if you do PbD, shout it from the rooftops. Lead with it. Tell your customers the lengths you’re going to to protect their privacy, and the respect you have for them. They will thank you in so many ways. You’ll gain their continued loyalty, and you’ll attract new opportunity. I say to companies who see privacy as a negative, saying that it stifles creativity and innovation: ‘It’s the exact opposite: Privacy breeds innovation and prosperity, and it will give you a competitive advantage. It allows you to start with a base of trust, which steadily enhances the growth of your customers and their loyalty. Make it a win/win proposition!’
Ann Cavoukian has recently launched Global Privacy and Security by Design: GPSbyDesign.org, an International Council on Global Privacy and Security. For more information on Ann Cavoukian, please go to Privacy by Design Centre of Excellence, at Ryerson University.