Saturday, 2 June 2018

Privacy is not dead

The implementation of the European Union’s General Data Protection Regulation has raised the profile of where our data exists and how our data is used.  This has led to many discussions on the concept of privacy, and for many to declare that privacy is dead.

It’s true to say that our data is far more freely available than it has ever been.  The advent of social media created a willingness, even a desire, for people to share their activities, their thoughts, their feelings.  Facebook changed the concept of friendship – The average Facebook user has around 350 “friends” who they share their lives with.

Whilst our data has been made available via public registers – the electoral roll, telephone directories and all – the digitisation of this information onto the internet brought convenience and searchability for anyone wanting to find out information about us.  Our sharing of information via social media added depth and meaning to our data.

With so much information about our lives available and easily accessible, it is surely fair to assume that privacy is dead.  My assertion is that privacy isn’t dead, it’s just misunderstood.

Given that I gave social media is a cause, I’ll provide balance by using it as to why privacy still matters.  When the world’s largest data business, Google, tried to move into social media they understood privacy.  Their implementation was based on the fact that we have circles of privacy.  The idea that I share different information about me with different circles of people.  The Venn diagram of privacy where context is key.

Within GDPR, the processing of sensitive personal data contains a derogation for personal data which are manifestly made public by the data subject.  This doesn’t mean that because the data has been made available it is a free-for-all for whoever wishes to use it.  We have to consider the context for which it has been made available.

When we consider privacy, this shouldn’t be on the basis of what information is available, or where it exists.  We need to look at privacy from the perspective of the user.  If I shared what I got up to on the weekend with my immediate family circle I haven’t given away my right to privacy.  This information, whilst maybe more accessible and more public than at any time in history, doesn’t make it any less private.  Privacy wasn’t dead when the first phone book was published, so why should it be now?

The new paradigm for privacy is looking at information hidden in plain sight; protected by context.  This may mean that we have to consider how we authenticate and verify our customers.  Knowledge based challenges are worthless where the information is available to fraudsters who don’t operate by the same rules of privacy.  The value of static data for this purpose has diminished.

When we understand this new paradigm, we can design for it.  Understanding enables us to better authenticate and verify our users.  It allows us to put users back in control of their data.  It allows us to innovate around how users can earn value from their data.

Privacy isn’t dead; it’s just misunderstood.

Read my other posts
Let's get physical - how to get fit for the digital era by leveraging the offline world
Trust me, I know a shortcut - Digital identity is hard.  Take shortcuts at your own risk
The rise of synthetic identity - Fraudsters are playing the long game, we need to think ahead
Just in Case - From early adoption to maturity
I have control - Can we truly own our identity
Tipping the balance - Getting the right balance between security and user experience
You don't know what you're doing Poor security practices are putting users at risk 
I didn't say you could touch me - Biometric authentication and identity
You don't need to tell me - Impacts of the EU General Data Protection Regulations
Coming together on being alone - The need for a clear government digital strategy
I'm not the person I used to be - Authentication for real world identities
Distributed Identity has no clothes - Will distributed ledger technology solve identity
Bring Your Own Downfall - Why we should embrace federated identity
Unblocking Digital Identity - Identity on the Blockchain as the next big thing
Tick to Agree - Doing the right thing with customer's data
The Kids Are All Right - Convenient authentication: the minimum standard for the younger generation
The ridiculous mouse - Why identity assurance must be a rewarding experience for users
Big Brother's Protection - How Big Brother can protect our privacy
I don't know who I am anymore - How to prove your identity online
Three Little Words - What it means for your business to be agile
Defining the Business Analyst - Better job descriptions for Business Analysis
Unexpected Customer Behaviour -  The role of self-service in your customer service strategy
Rip it up and start again - The successful Business Transformation
Too Big To Fail - Keeping the heart of your business alive
The upstarts at the startups - How startups are changing big business 
One Small Step - The practice of greatness
In pursuit of mediocrity - Why performance management systems drive mediocrity
Privacy is not dead - Understanding the new paradigm of privacy

About me

Bryn Robinson-Morgan is an independent Business Consultant with interests in Identity Assurance, Agile Organisational Design and Customer Centric Architecture.  Bryn over 20 years experience working with some of the United Kingdom's leading brands and largest organisations.

Follow Bryn on Twitter: @No1_BA

Connect with Bryn on Linked In: Bryn Robinson-Morgan

No comments:

Post a Comment