Cavoukian Q&A: ‘Privacy by design’ restores control to consumers

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

Thanks to Edward Snow­den, online pri­va­cy has become a hot but­ton issue for many U.S. cit­i­zens.  Snow­den showed how the Nation­al Secu­ri­ty Agency rou­tine­ly taps into online track­ing data to spy on individuals.

Of course the NSA would not have this capa­bil­i­ty if it were not for the relent­less online track­ing of com­mer­cial com­pa­nies. In sup­port of adver­tis­ing prof­its, Google, Face­book, LinkedIn and oth­ers treat con­sumers’ online pri­va­cy as if it’s a valu­able resource free for the tak­ing, no per­mis­sion needed.

More: Pro­tect­ing your dig­i­tal foot­print in the post pri­va­cy era

But there is a bold new approach to essen­tial­ly retro­fit online pri­va­cy onto Inter­net com­merce as we’ve come to know it. It’s called Pri­va­cy by Design and its cham­pi­on is Dr. Ann Cavoukian, the for­mer three-term Pri­va­cy Com­mis­sion for Ontario, Canada.

Third­Cer­tain­ty asked Cavoukian, now Exec­u­tive Direc­tor of Ryer­son University’s Insti­tute for Pri­va­cy and Big Data, to break down Pri­va­cy of Design.

3C: You’ve said Edward Snow­den was a piv­ot point for how Amer­i­cans view online pri­va­cy. How so?

Cavoukian: There was a lot of con­cern for pri­va­cy pre-Snow­den, but the Snow­den rev­e­la­tion just ramped up those con­cerns. The dis­trust of the pub­lic grew dra­mat­i­cal­ly because they weren’t aware of the mas­sive scale of sur­veil­lance. And they also weren’t aware of how the pri­vate com­pa­nies were com­plic­it in work­ing with the gov­ern­ment and giv­ing out their information.

3C: So some com­pa­nies are now open to chang­ing that paradigm?

Cavoukian: In the past year and a half, I have been approached by both pub­lic and pri­vate sec­tor com­pa­nies and mem­bers of the pub­lic say­ing ‘What can we do to pro­tect our pri­va­cy? What can we do to pro­tect our cus­tomers’ pri­va­cy?’ They’re real­ly con­cerned. There’s a pay­off to be gained in pro­tect­ing cus­tomer pri­va­cy, embed­ding pri­va­cy right from the begin­ning, in what­ev­er you’re doing — into your pro­grams and oper­a­tions and busi­ness practices.

3C: You’ve said respect­ing pri­va­cy can breed inno­va­tion. Please explain.

Cavoukian: Pri­va­cy total­ly breeds inno­va­tion. Peo­ple think, ‘Oh Big Data is here now, say good­bye to pri­va­cy.’ Some­how they think you can’t have both. That’s non­sense. Of course you can do both, but you have to be smart about it. You have to cre­ative. We have dozens of exam­ples of how this works right now.

Dr. Ann Cavoukian
Dr. Ann Cavoukian

3C: For example?

Cavoukian: Bering Media is a com­pa­ny that allows tar­get­ed ads to be deliv­ered to par­tic­u­lar socioe­co­nom­ic lev­els with­out invad­ing pri­va­cy. They get the infor­ma­tion from the com­pa­ny and deliv­er it to the desired tar­gets, but there is no con­nec­tion. It’s called a dou­ble blind sys­tem of data archi­tec­ture, such that nei­ther par­ty knows where the infor­ma­tion is going and how it is being used. The individual’s per­son­al infor­ma­tion is total­ly pro­tect­ed from the companies.

3C: Does this then tilt con­trol of pri­va­cy back towards the consumer?

Cavoukian: If the peo­ple get­ting the ads don’t want to receive them, they can always opt out. This dou­ble blind archi­tec­ture enables both the com­pa­nies to win and con­sumers to win in terms of hav­ing their pri­va­cy protected.

3C:  And the com­pa­nies win how?

Cavoukian: When you do build in pri­va­cy by design, bake it in, you don’t stay qui­et about it, you shout it from the rooftops, you tell your cus­tomers, ‘We go to great lengths to pro­tect your privacy–here are the mea­sures we’re tak­ing to ensure that pri­va­cy is assured. I want you to be com­fort­able that your pri­va­cy is assured with our com­pa­ny.’ It’s all about the cus­tomer, ‘We respect your pri­va­cy and we have some oth­er oppor­tu­ni­ties that if you give us your con­sent, we will allow you to get these addi­tion­al fea­tures. The choice is entire­ly yours.’

3C: Con­sumers will respond to that?

Cavoukian: When you put it that way, peo­ple don’t feel coerced or that they’re get­ting stuff they don’t want. They make an active deci­sion because pri­va­cy is all about per­son­al con­trol, free­dom of choice, free­dom to say, ‘Yes I want­ed to get that infor­ma­tion,’ or ‘I don’t want that.’ It’s talk­ing to your cus­tomers, telling them that the default is pri­va­cy assur­ance. This builds loy­al­ty on the part of your cus­tomers, it keeps their busi­ness and it also attracts new oppor­tu­ni­ties because they tell their friends, they’re fam­i­ly. It’s a win-win proposition.

More on emerg­ing pri­va­cy concerns

Ver­i­zon begins track­ing cell phone users for advertisers

Mys­tery shrouds con­sumer pri­va­cy invasion