Privacy 2018: Reflections from a Privacy Professional
When we look back on watershed years for privacy issues, 2018 may be one for the ages. After more than a decade working towards the transformative potential of social media, the Internet and mobile devices, it seems we are finally beginning to wake to the real-world implications of such wide-reaching technology.
On one hand, 2018 was a year rife with privacy scandals, massive data breaches, congressional hearings about privacy and technology, and revelations about social media influence campaigns. On the other, we saw positive moves towards greater privacy protection and accountability with the California Consumer Privacy Act, proposed US federal legislation and the arrival of GDPR.
2018 undoubtedly led to greater awareness and public debate about privacy, data security and technology. In this post I share some thoughts on the downsides to the world we’ve woken to as well as the upsides.
In some senses, ignorance has been bliss when it comes to the privacy of our personal data. We’ve long assumed our privacy is protected by our government and commercial enterprises and our rights preserved, but understanding this is often not the case has intensified our anxiety. Many companies which may have kept privacy on the back burner now find themselves facing more scrutiny than ever. GDPR has elevated the sheer number of privacy issues to keep track of as well as the workload for those responsible for handling data and privacy. Compliance and security challenges are formidable, especially for those who have not yet recognized the value of integrating practices like Privacy by Design.
Then there’s the impact of the high-profile data breaches. The potential damage from the scope of data compromised and shared without our full knowledge and consent has yet to be fully realized. The economic and social toll from identity theft and unintended use of our data will ripple out for quite some time. A relatively small fraction of those affected by breaches are likely to act to protect themselves.
Finally, there’s the deeper issue of trust and the backlash against ad tech, social media and other companies – often termed ‘techlash’. One wonders if it’s possible to repair user confidence in technology and the companies offering online services. Rather than complete resignation to a social fabric without privacy, I suggest an open dialogue between customers, privacy advocates, government representatives and companies so we can collectively achieve the promise of technology without mindless or irresponsible collection and use of user data.
And yet there is light in the darkness. For privacy professionals like myself, it is gratifying to see privacy’s profile on the rise.
Five years ago, when I began writing The Privacy Guru blog, and certainly when I began my career as a privacy, it was far more difficult to articulate to people the nature of my work and the importance of advocating for privacy. We see privacy and data security as part of the zeitgeist, more interesting than ever and embraced in a wider way. And talk about job opportunity – there is more demand than ever for privacy professionals who care and want to treat data ethically and responsibly.
2018 is a tipping point. We see clearly how we may each participate meaningfully in the protection of privacy, by making mindful choices about our use of technology. Now is also the time to discuss smart, thoughtful regulation which balances customer and business interests. It’s a chance for privacy professionals to make a difference.
The right to privacy will be an ongoing project. Nothing will be solved easily in 2019, but I feel optimistic about the direction we’re choosing. Let’s build on the momentum from here in 2019 and beyond. Now is a great time to review and reaffirm your privacy practice for the new year.