Data in 21st Century: Data is a precious thing and will last longer than the systems themselves. Data is serendipity, so you don’t know what people will make out of it. In today’s world data is wealth, emotion and behavior. However, for common people data is still a myth.
Data Privacy: On Jan 4, 2021 in the middle of devastating COVID19 pandemic suddenly “Data Privacy” became very important topic after @WhatsApp announced change in its privacy Policy. WhatsApp’s 1.2 BN users, apparently 17% of world’s population suddenly now interested in understanding data privacy and interpret it in any possible way. Though most people agree on the importance of data privacy, and everyone is agreed that data protection is at the heart of ensuring privacy, the definition of “data privacy” itself is notoriously complex.
Data States: Due to data always resides in these 3 different categories, none of the global laws define precisely what they mean by “data privacy”. Since every piece of legislation is different, trying to define exactly what is meant by “privacy” can be extremely difficult to add data privacy and security policy, procedures, controls, identity, ownership and accountability of access protocol in individual data category. In today’s digital world data can be categorized as
- Data at Rest
- Data in Transit
- Data in Execution
Data Economy: Irrespective of state of data it’s criticality, importance and data economy is at upmost precedence. Today’s world economy is changing, more adoption of digital platforms allowing enterprises to capture consumers and their behavioral data, “this is rise of the data economy”. Companies find enormous value in collecting, sharing and using data for enhanced user experience.
“Data is one of the most important assets a company has”
However, transparency in data privacy policies decree how businesses request consent, abide by their privacy policies, and manage the data that they’ve collected is vital to building trust and accountability with customers and partners who expect privacy. Unlike any other regulations or laws, common citizen and corporate enterprise are heavily depending on government guidance. However, in many cases most of these laws act like framework to suggest a number of best practices and spell out the rights of consumers and businesses with many flaws in it.
With data collection, ‘the sooner the better’ is always the best answer: Hence, new innovative data privacy and security approach needs to be defined, adopt and practice by consumers, businesses and government in more collaborative way.
Consumer / User:
- Apps on Devices: Consumer can regulate their usage by installing only essential apps on devices to limit / prevent unwanted data collection from devices
- Location Services: Approve and monitor the location and share data services only for required digital platforms, as data consumers audit them frequently
- Consent: Carefully read a consent for all required apps which demand your critical or behavior data collection or share policies
- Change in User Behavior: Please stop “Next-Next-Done” behavior while installing or using any digital platform/asset, spend some time on what you accept
Government / Regulatory Agencies:
- Data collection license: Government should introduce “Data collection license” and registration number for all existing / new companies
- License Registration: Companies need to provide detailed information to regulators on user or consumer data collection, system algorithm, technology workflow & business model, etc.
- Consent with Registration Number: In every privacy consent, data collection license or registration number is mandatory, so consumer or user can reference / cross check authenticity of the data collection with government database
- Data Re-usability: Introduce Strict laws about re-usability of the consumer data, this will prevent re-use of the data and eventually collection of data
- Data Centric Audits: Rather than conducting standard regulatory audits, change auditing in business model data centric audits
Enterprise / Business / Corporations:
- Data collection: Strictly collect only business essential and required data approved by regulator in data collection license
- Data is liability: Develop a culture within business and technology teams to improve the awareness that “data is liability”, so collect it carefully
- Consent Pages: Please stop showing multiple pages legal language consent on website to forcefully agree users, instead introduce a video or summary in user understandable language
- Transparency and Trust: Ensure user and regulators are notified on re-usability of the data to improve the transparency and trust.
You can have data without information, but you cannot have information without data. Data will forever be in rest, transit and execution traveling from one form of system to another, one source to another……!
About Author:
Sachin Ohal is seasoned and accomplished global information technology leader with 2 decades consistent track record of professional excellence in enterprise technology leadership, product management, Cyber Security, CxO Advisory, and Digital Transformation. He has worked at Fortune 500 leading firms. This article is also posted via Linkedin.