Doing the right thing? – Data Responsibility
We have come a long way from the launch of the data protection directive to the era of the GDPR. However, I still bump into narrow and one-sided views on data protection. In my mind good privacy practice is more than just confidentiality and it all goes beyond data security, not forgetting the rights of the individuals.
Although it might be just fine to go for the compliance and doing the minimum to avoid regulatory sanctions, the forerunners go further. The three pillars of corporate responsibility or sustainability are economic, social and environment. It is simply put about meeting the needs of the present without compromising the ability of future generations to meet theirs. Personal data e.g. customer data falls into economic and social pillars as privacy is a fundamental human right. In most cases you have data component to it whatever you do. Privacy is a part of the overall business responsibility. The stakeholders are not just current and prospective customers, but also employees when attracting, retaining and motivating talents and investors. It all comes to trust. Privacy is about trust and it is intertwined with corporate and brand ethics.
The compliance is the first step on this journey, of course. Some of the requirements of responsible data use are based on law. However, it is also important how you do it and how you engage your customers but also the like-minded suppliers and other co-operation partners along the way. Now it is a good time to assess whether privacy is embedded in what your company or organization do. It will come more and more important to pay attention to also data equality and minimization of bias. Algorithms are just opinions embedded in code. Those are not objective, but optimized to some definition of a success, a goal. These things need to be taking into consideration whether we talk about data analytics, machine learning or AI. We must be transparent and ensure that there isn’t unintended bias built in it.
Do you know what privacy does mean to your customers and employees? Could privacy be something more than just a compliance function in your organization?