We need to add secure connectivity for our first-party data strategy After decades of working in the consumer data industry, I became convinced that sharing Personally Identifiable Information (PII)...
We have been seeing a steady flow of developments in the legal rights of consumers to information privacy from governments across the globe. While the European Union has made significant strides with its robust GDPR regulations, we’re now witnessing a surge of impactful changes emanating from California and Australia. These developments have prompted numerous businesses to express genuine apprehension about the evolving data usage regulations.
The perception of the problem is that any advance towards protecting consumer identity will bring doom to any data-driven business function. This isn’t true.
Protected data can still be actionable, and cutting down on the leaks, breaches, and propagation of an individual’s personal information is a worthy endeavor and a sensible expectation of the public at large.
Picture a bank offering safety deposit boxes to customers within its vault. To make it easier for bank personnel to locate your box, they label the front of the lockbox with your name and address for all to see. Additionally, since they often have difficulty finding a customer’s key, they leave each of the locker keys inserted into the locks, so no time is wasted searching for the key. Yes, these approaches to security make things easier for the bank, but it is not a reasonable exchange for the negative effects to the customer’s security.
Striking a Balance: Privacy and Data Utility
In the realm of Big Data, your identifying information is like the key; it can link specific information with anything else associated with you. Keeping your personal information stored in an unprotected, accessible manner (akin to the name written on the front of the lockbox) because it simplifies linking isn’t a balanced arrangement with the risk to the consumer’s or patient’s privacy. Instead, a business should manage those risks with the proper and appropriate controls even if it requires a bit of one-time re-engineering.
The wrongness of trafficking people’s personal identity has left a mark on me, and I have spent the last decade actively developing solutions that can provide a sustainable approach that can replace the status quo. The goal is not to work around the problem. The mission is to build a technology that is very easy to use yet redacts all the personal information in the process.
Technology can handle the challenges of identity protection.
It’s time to rework the use of identifying data to balance useability and protection. Claiming that enhancements to privacy rights helps individuals but damages businesses is only valid if the business isn’t willing to “lock the boxes.” Modern cryptography brings the protection that, quite frankly, should have been in place prior to emerging privacy legislation.
Fix the data protection practices and both businesses and individuals can win.