2018's turning point: Privacy

Regainig trust, gently but with authority.

GDPR rediscovers the forgotten concept of ethics and fair play.

There is a huge thirst for bringing back the strength of fairness to the equation, a move from a totalitarian corporate mindset to a trustworthy one. Here is why…and how ;)


Big Data ≈ Personal Data.

Understanding the significance of the GDPR directive triggers the notion of Data as a potential liability.

The majority and the fastest growing sets of Data held by any online store or platform are in fact made of Personal Data.

The birth of the “Epiphany of Personal Data

This Epiphany of Personal Data is triggered by the fact that Data does not belong to the company but to the user who created it.

Some additional realisations this Epiphany presents:

  • Personal Data is only temporarily Controlled or Processed for and in service of its owner.
  • Personal Data will eventually be deleted or ported.
  • This portability will eventually need to be facilitated (bi-directionally).

To put things in perspective, aiming for the so called 360° view of the customer (-that most digital transformators long for and that consists on heavy User Profiling-) turns into a intricate legal, technical and strategical challenge.

Also, GDPR states that Stores (as Personal Data Controllers) and Vendors (as Processors), must ensure, when Profiling that (-See Articles 4(4), 9, 22 and Recitals 71, 72-):

  • Processing is fair and transparent by providing meaningful information about the logic involved, as well as the significance and the envisaged consequences.
  • Use appropriate mathematical or statistical procedures for the profiling.
  • Implement appropriate technical and organisational measures to enable inaccuracies to be corrected and minimise the risk of errors.
  • Secure personal data in a way that is proportionate to the risk to the interests and rights of the individual and prevents discriminatory effects.
The sinking of the “Epiphany of Personal Data

The end of Data Secrecy.

Realising that most Data assets are in fact made of Personal Data also provokes new tactics, first by the big online players and secondly by everyone else in yet another imitative chain of “innovations”.

Online giants are already taking clear steps, trying to position themselves away from the dangerous perception of totalitarian companies that secretly capture data for hidden purposes and instead are rapidly presenting themselves as fair data players.

Here some of the initiatives that exemplify this shift:

  1. Amazon’s GDPR Center and Store’s Manage Browse History (where the user controls if Data is used or not to personalise).
  2. Zalando’s GDPR alliance in pursue of a single Personal Data point of access.
  3. Google’s Cloud & GDPR as well as initiatives like Google My Activity that set a trend of Personal Data inter-operability.

Underneath these initiatives there is a fundamental shift in how these giants deal with the individual; a new way to honesty, duty and trustworthiness for which GDPR will be recognised as a critical turning point.

Conclusions

  • One needs to think beyond compliance and into giving strong and continuous signs that tell your company is trustworthy.
  • Trustworthiness is transparency, vulnerability, openness, concentrating on ethics and duty; a set of values for which the considered opinion of Data being an asset will come to an end.