Privacy will grow from being about compliance to a set of behaviors that businesses and individuals must embrace.
The debate around privacy and its importance has really come to the fore through social media – once you could be anonymous on the Internet. Now everything you do on the Internet is tracked, recorded, monitored and detailed. Whole industries have grown up around Internet usage, such as ad tech, which is a phenomenon of the Internet. We have seen social media literally bringing privacy from the backroom to the boardroom because of the huge increase in data usage and potential breaches, fines and risks to reputations and trust. No one can miss the current debate around the use of personal data in relation to the Facebook and Cambridge Analytica issue.
The surge of data
When you look at the world of privacy and how regulations have evolved over time, it’s important to look at some bare facts about data. Every second we create new data. In fact, more data has been created in the past two years than in the entire previous history of the human race. Staggering! For statisticians, it is worth noting that by 2020, 1.7 megabytes of new information will be created every second for every person on the planet. Furthermore, our digital universe of data will grow from 4.4 zettabytes today to around 44 zettabytes (or 44 trillion gigabytes).
While this is driven by the use of social media, increasingly under the spotlight, it is also the accessibility and ownership of communications devices and the sharing or transferring of technology that has seen huge growth. By 2020, there will be over 6.1 billion smart phone users globally and within 5 years, 50 billion devices all developed to collect, analyze and share data.
We are reminded almost every day of the risks that poorly handled and treated data can bring. While social media takes its share of the blame, it is the legacy of an unruly and unwieldy regulatory backdrop (often referred to as the “Wild West”) from where problems have stemmed. Regulation was badly needed, whether in the form of the General Data Protection Regulation (GDPR, the largest change in personal data regulation for over 20 years) or other regulations and laws around the world, and the big data players must evolve fast to reflect this better.
This is the beginning and not the end, and privacy will grow from merely being about compliance to a set of behaviors that businesses and individuals must embrace and reflect in all they do.
Regulation while ensuring business can prosper
The real challenge for businesses is to develop trust with your customers and engage responsibly in legitimate uses of data. There is a data revolution which means we must embrace data usage while respectfully taking care of it.
What we find is that legislation tends to be reactive rather than forward looking, often focused on fixing things in the past, rather than paving the way for the future, and thereby failing to create a suitable environment for business to flourish. There are also significant cultural differences when one looks at the approaches to data privacy around the world. In the US, for example, the transaction value of data is a very strong theme, whereas in the EU, it’s more about privacy and data, with personal data seen as a fundamental human right. This creates a lot of tension – particularly in the context of cross-border data flows, around different cultural value mechanisms, what privacy means, and how it interacts with business. Asia, again, has a very different cultural perspective on privacy from both the EU and the US.
At Thomson Reuters, we launched a program last year called Privacy Matters, principally to prepare our business, our customers and our people for the introduction of the GDPR. It is, however, so much more than this; what the GDPR does is draw a line in the sand for everyone to take privacy seriously, build it in to everyday practices and design, or face serious fines and penalties in terms of reputation. After May 25, GDPR is business as usual, and privacy becomes the new normal.
For us here at Thomson Reuters, data privacy is fundamental to our business and for our customers. Data drives our products and services, and we pride ourselves on providing answers to our customers throughout the world on our many products. We rely on the trust that our customers place in us and we work hard to earn this.
So, what happens after May 2018? Well, the GDPR is really an indication that, post-May 25, it is business as usual for us and that privacy remains a focus for us as an organization. We will continue to embed the right behaviors across the organization, including ensuring that Privacy by Design and Default is central to our development efforts when we look to new products, applications and services. What is important is that privacy continues to play an increasingly important part in our lives, both at home and at work and that, together with security and ethics, is a behavior that is inherent in our personal and corporate DNA.
For additional content concerning the use of personal data in the digital age, be sure to explore the rest of our multimedia series: A new dawn for data privacy and transparency.