Deborah Evans, Associate Chief Privacy Officer, Rogers.
In the run-up to International Privacy Day on January 28, I wanted to reflect on what has changed in the field of privacy since I began working in the area over 15 years ago. The starting point for me when I think about privacy ‘then’ and ‘now’ is how the legislation has evolved, closely followed by consumer behaviour, rounded off by how organisations have had to adapt.
The Law: the foundation of our Privacy Requirements.
Privacy laws have not changed significantly over the years. The main challenge with the legislation is that it was designed before smartphones and social media. While the law is black and white, when it comes to keeping pace with technology, there is a lot of gray. For example the difference between what is ‘public’ versus what is publicly available. The legislation speaks to publicly available information, but just because someone’s social media profile is publicly available, it does not mean that the information can be used by businesses. This is an ongoing balancing act when providing guidance on privacy matters, especially in the context of people who willingly make their private lives public.
Does Privacy still exist?
More interesting than legislation is how younger generations approach privacy. There is a large swath of millennials who seem ambivalent about their privacy. This won’t come as a surprise to anyone who has observed the ‘coming of age’ of the millennial generation and their reliance on smartphones.
The risks related to not caring about privacy have not really been prioritised as a public policy issue. There is now a generation of people who have willingly traded away their privacy for access to free services. While having a public social media profile may seem insignificant, when you layer on other aspects of this laissez-faire approach, there is more reason to be alarmed. In some jurisdictions, if you have any aspiration to be accepted into a certain college, get a job, or secure a loan you should care. Likewise, if you do not want your identity defrauded, you should also care, a lot. Any victim of identity theft will attest to the nuisance of having someone clone them, it is costly, invasive and criminal.
The Rise of the Advocate
Another notable consumer trend is the increase in ‘advocates’. This group is well versed in knowing their rights when it comes to disclosing personal information. Advocates are not afraid to voice their concerns about how/why personal information is collected. This group exists in stark contrast to Millennial. Advocates are important, their probing makes governments and corporations accountable. They help strengthen the overall privacy landscape.
The Role of the Privacy Office
Organiations have had to respond to these changes in consumer behaviour. In the last decade, the role of the Privacy Office has evolved from being an add-on job title to playing an intrinsic part of organisations. Fifteen years ago if you asked someone what they thought constituted great customer service, it is unlikely that the response would have been, “a strong privacy policy”. The notion of striving for excellent customer service is not new but ensuring customers personal information and data is properly managed and secured is now an integral part of customer service. No company can claim to have a superior customer service strategy if they haven’t considered where privacy fits as part of that. This is central to the work of the Privacy Office here at Rogers.
This walk down privacy memory lane really demonstrates how the privacy profession has come of age, where we have excelled and where we can continue to focus our efforts to ensure more privacy awareness and best practice.