Cavoukian Q&A: ‘Privacy by design’ restores control to consumers
By Byron Acohido, ThirdCertainty
Thanks to Edward Snowden, online privacy has become a hot button issue for many U.S. citizens. Snowden showed how the National Security Agency routinely taps into online tracking data to spy on individuals.
Of course the NSA would not have this capability if it were not for the relentless online tracking of commercial companies. In support of advertising profits, Google, Facebook, LinkedIn and others treat consumers’ online privacy as if it’s a valuable resource free for the taking, no permission needed.
But there is a bold new approach to essentially retrofit online privacy onto Internet commerce as we’ve come to know it. It’s called Privacy by Design and its champion is Dr. Ann Cavoukian, the former three-term Privacy Commission for Ontario, Canada.
ThirdCertainty asked Cavoukian, now Executive Director of Ryerson University’s Institute for Privacy and Big Data, to break down Privacy of Design.
3C: You’ve said Edward Snowden was a pivot point for how Americans view online privacy. How so?
Cavoukian: There was a lot of concern for privacy pre-Snowden, but the Snowden revelation just ramped up those concerns. The distrust of the public grew dramatically because they weren’t aware of the massive scale of surveillance. And they also weren’t aware of how the private companies were complicit in working with the government and giving out their information.
3C: So some companies are now open to changing that paradigm?
Cavoukian: In the past year and a half, I have been approached by both public and private sector companies and members of the public saying ‘What can we do to protect our privacy? What can we do to protect our customers’ privacy?’ They’re really concerned. There’s a payoff to be gained in protecting customer privacy, embedding privacy right from the beginning, in whatever you’re doing — into your programs and operations and business practices.
3C: You’ve said respecting privacy can breed innovation. Please explain.
Cavoukian: Privacy totally breeds innovation. People think, ‘Oh Big Data is here now, say goodbye to privacy.’ Somehow they think you can’t have both. That’s nonsense. Of course you can do both, but you have to be smart about it. You have to creative. We have dozens of examples of how this works right now.
3C: For example?
Cavoukian: Bering Media is a company that allows targeted ads to be delivered to particular socioeconomic levels without invading privacy. They get the information from the company and deliver it to the desired targets, but there is no connection. It’s called a double blind system of data architecture, such that neither party knows where the information is going and how it is being used. The individual’s personal information is totally protected from the companies.
3C: Does this then tilt control of privacy back towards the consumer?
Cavoukian: If the people getting the ads don’t want to receive them, they can always opt out. This double blind architecture enables both the companies to win and consumers to win in terms of having their privacy protected.
3C: And the companies win how?
Cavoukian: When you do build in privacy by design, bake it in, you don’t stay quiet about it, you shout it from the rooftops, you tell your customers, ‘We go to great lengths to protect your privacy–here are the measures we’re taking to ensure that privacy is assured. I want you to be comfortable that your privacy is assured with our company.’ It’s all about the customer, ‘We respect your privacy and we have some other opportunities that if you give us your consent, we will allow you to get these additional features. The choice is entirely yours.’
3C: Consumers will respond to that?
Cavoukian: When you put it that way, people don’t feel coerced or that they’re getting stuff they don’t want. They make an active decision because privacy is all about personal control, freedom of choice, freedom to say, ‘Yes I wanted to get that information,’ or ‘I don’t want that.’ It’s talking to your customers, telling them that the default is privacy assurance. This builds loyalty on the part of your customers, it keeps their business and it also attracts new opportunities because they tell their friends, they’re family. It’s a win-win proposition.
More on emerging privacy concerns