Striking a balance
With the potential to inspire business opportunities, unlock insights in advanced medical research, and uncover solutions for providing smarter public services, open data is at the forefront of today’s public discourse.
More and more, by analyzing personal data, open-data analytics can help uncover detailed consumer preferences and information gaps. So the question we’re all thinking is: Where does my privacy fit into this?
In an interview by data.world CPO & co-founder Jon Loyens, Andrea Glorioso, Counsellor for the Digital Economy at the Delegation of the European Union (EU) to the United States of America (USA), asserted that the underlying issue in the privacy and security debate is initial trust.
“People miss the fact that data, the correct use of data, the smart use of data, is of incredible value. If people don’t trust the technologies that are now on the market, they will simply not use them.”
This lack of initial trust stems from not only a misunderstanding of how the data is being used, but also from a fear of technologies that pose a threat to keeping private data anonymous. When businesses are able to hone the data through triangulation techniques like cross-referencing or cross-checking, anonymization is nearly impossible to attain, and the wall of personal protection our society values so much slips from our fingers.
According to Glorioso, the solution is to expand and enhance the conversations between the industries using personal data and their consumers. This will ultimately serve to create trust.
“Whether I have physical control over it or whether it’s out there, I should still have a certain degree of control on how the data is used. Who is going to use it? For which purposes will it be used? This is the area where I see there is a conversation to be had.”
Views on privacy and personal data in the EU vs. the USA
As a middle man between the EU and the USA, Glorioso has seen contrastingly different versions of the digital economy. While Europeans and Americans have a common understanding of the importance of consumer awareness and privacy, they differ in that Europeans talk more about personal protection.
“Privacy is about the fact that you have your private and personal space and you don’t want people to intrude into that. For Europeans, the concept of personal data is that data that relates to me is very intimately connected to me as a person.”
The EU outlines their data protection mandates in the recently updated General Data Protection Regulation (GDPR), one of the most lobbied pieces of legislation in the European Union according to Glorioso.
The GDPR’s requirements on personal data brought up many concerns from members of the scientific community who felt stifled by the legislation. However, Glorioso notes that this is not a binary issue, and that a balance must be found to protect personal privacy while still supporting scientific advancement.
“Once a piece of data becomes personal data, it’s not that you can’t use it anymore. It’s just that you need to make sure certain safeguards are in place. You need to grant the data subject a certain number of rights, including the right to know what you are doing with my data.”
The GDPR also hits on the point that the EU applies the same privacy rules to both data at rest and data in motion. ‘Data in motion’ means that the data is moving from its starting location to a distinct new end point, but nowadays, even if you have data at rest in the EU, it could hit servers 3 continents over before making the round trip back to being at rest in its original starting point.
Thus, effective data protection measures are critical for both data in motion and data at rest. According to Glorioso, from a legal standpoint, it doesn’t really matter for the legal system whether we are talking about data at rest or data in motion. If it is personal data of European citizens, the same rules apply.
“You cannot simply say that ‘I am processing data for European citizens or selling products to European citizens but I’m basing it in the US. So, you have no jurisdiction over me.’ No. You still are subject to our rules.”
A two-way street
Huge economic and societal opportunities are at stake if industries fail to educate consumers on their data usage and neglect to build long-term trust. In fact, the EU requires businesses to implement cookies on their websites that ensure they get consent from visitors to store or retrieve any user data. Consequently, consumers are made aware of how information about them is being used and collected.
Many companies see this directive as a hindrance to their bottom line and other downstream metrics like conversion and bounce rates.
“Some companies might be afraid that end users understand that their data actually has economic value. Services are not free. The currency is your data.”
As a response to companies with this stance, Glorioso argues the industry should show a little bit more creativity.
“If the position of the industry is ‘This may impact my bottom line,’ you’re telling me you don’t have enough skills and expertise and resources to come up with a smarter way to tell consumers how their data is being used.”
At the end of the day, this is a two-way street between consumers and corporations. Consumers need to be aware of what is actually possible to do with today’s technology, and industries should take steps to be more transparent on what is possible when it comes to using their consumers’ data.
Watch the full interview with Jon Loyens and Andrea Glorioso below.