Privacy Insights by Stewart Room
Sharing Stewart Room’s Privacy insights with his authorisation. Stewart Room is Partner at PwC UK.
Top reasons to cherish concepts of privacy:
? Discovery and development: we need a private place to develop and grow, to experiment and to find out who we are.
? Happiness: our relationships with one another require a private place to kindle, to sustain, for love.
? Sanctuary: a private place is a refuge from persecution, intolerance, abuse and harm.
? Disagreement, dissent: sometimes people need to resist or fight back against dictators, demagogues and dystopian potentials, for which privacy is essential.
? Trust in tech: amazing tech innovations have the capacity to change the world for the good, but not without privacy trust and confidence.
? Consumer protection: personal data fuels business and public services, but its our data, not theirs, so privacy rules protect us from abusive practices.
? Reputation: respecting privacy enhances reputations, from policing, to the workplace, to online activities and everything in between.
? Business purpose: creating and sustaining economic value for the long term can’t be divorced from the need to respect privacy.
? Our values: privacy is a fundamental right in a democratic society, upon which everything stands or falls, so it’s a differentiator between what we value and what we would dread to become.
Top reasons why Data_Protection programmes fail to deliver:
? Purpose: if an organisation doesn’t understand why a good approach to DP is integral to its purpose, how can we expect good outcomes?
? Tone from the top: leadership is everything, but if the Board won’t lead on DP, what’s there to follow?
? Skills: DP needs a multi-disciplinary team to deliver, so if key skills are lacking, problems will embed.
? Silos: silos mean behavioural, virtual and physical barriers standing in the way of DP success.
? Vision: yes, DP is a legal topic, but in the real world it needs more than a legalistic vision.
? Narrow and shallow transformation: DP needs to be delivered in all layers of the organisation, covering paper, people, tech and data, so change needs to be broad and deep.
? Technology Reference Architecture: a comprehensive approach needs a TRA, so if you haven’t got one, don’t be surprised by DP failure.
? Special Characteristics: buying off the peg is ok at times, but DP needs ‘made to measure’ solutions, knowing the factors that make your organisation unique.
? Adverse Scrutiny: DP needs to survive adversity, so ignoring your risks is a recipe for disaster.
? People: the main concern of DP is people and if you forget that, you’ve got nothing.
Top things that make #privacy professionals sigh:
?♂️ New oil: sorry, personal data isn’t oil, or some other kind of commodity that can be owned then exploited and until you understand that, you just won’t understand anything about privacy, period.
?♀️ GDPR is done: GDPR has barely started, so get real and stick with the programme, because there’s a 50 year history here and its not going away. ?♂️ Privacy activists are a pain: if they are, then power to them, because they do a good job and we need them.
?♀️ X owns privacy: no, everyone owns privacy. ?♂️ Decades of experience: really, tell us about it.
?♀️ Security or privacy: a false dichotomy, a mantra for a surveillance society or police state. ?♂️ Security is privacy: nope, still wrong, keep trying.
?♀️ They’re jumping on the bandwagon: hey, this is a community and everyone is welcome, so lend them a hand. ?♂️ Consent is best: yes, consent is important, but it’s not the only route to lawfulness and certainly not the best or appropriate route in all circumstances.
?♀️ Leading privacy expert: it’s not yours to claim, but for others to think. ?♂️ Privacy stymies innovation and competitiveness: ok, prove it.
?♀️ We need fines: we don’t, we need a change of mindset.
BECAUSE PRIVACY MATTERS