Data protection day matters more than you think.

Today, trust is at an all time low. People are gaining more control of their data. They’re taking actions to protect their privacy and security. Global regulatory landscapes are becoming more progressive.

Because of this, many organisations are struggling. They’re actively searching for ways to competitively differentiate. Most aren’t doing a great job. In fact, recent moves like Facebook’s deceitful design patterns, have only eroded trust further.

Much of this is unacceptable. We can do better. A big part of this article is specifying how.

Specifically we will focus on:

1. The validated state of consumer distrust
2. A lack of organisational focus and thus investment in data protection and governance, along with the risks this creates
3. The pathway to a trusted digital ecosystem comprised of verifiably trustworthy information fiduciaries

If you’re already working in this space you’ll will recognise the challenges. If you’re not, it isn’t too late. This article will help you get started.

There’s an opportunity we’re all missing out on…

In 2012, The Boston Consulting Group estimated a trillion euros of new economic value could be unlocked in Europe if people had better control of their ‘digital identity’.

The opportunity is more nuanced. Billions of dollars per year are wasted on ads only seen by bots. Identity verification processes are inaccurate and costly. Organisations pay too much to acquire poor quality data. They make bad decisions based on the data they acquire. They further erode trust.

But it isn’t all doom and gloom.

Many organisations are taking a proactive stance. They’re collaborating with their customers. They’re embedding privacy and security into their technology stack. They’re re-thinking the purpose of their approach to data processing.

Many of these organisations envisage these steps will create a competitive advantage. They believe that with greater trust comes greater customer access. I agree.

Data Privacy and Data Protection Day

Privacy and data protection have never been as important as they are today. Snowden showed us surveillance and collusion runs deep. The Facebook and Cambridge Analytica events showed manipulation of public perception during elections. But, the GDPR, Consumer Data Right (AU) the California Consumer Privacy Act are all moving the needle. And days like today mark a clear intent to enact the change we all know is needed.

Collaborative efforts across the public and private sectors are growing. This is happening across jurisdictions and cultural boundaries. Data Protection Day in the EU, or Data Privacy Day in the US is one of them. (If you’re aware of the background of all this then skip to the next part below.)

In 2007 the Council of Europe formalised January 28 as European Data Protection Day. Two years later the US followed suit declaring January 28 National Data Privacy Day.

Although different terms get used the underlying sentiments are of a similar nature. Creating a world where a right to privacy is core to our principles, practices, policies and technologies.

Trust(worthiness) matters

Trust exists where verification doesn’t. We trust so we can act. In fact, trust has been the basis of human relationships for millennia. But that’s been written about before.

The real question; does trust in the digital economy mean the same thing it did to our ancestors? Do we need the same type of trust, or do our measures of trust and trustworthiness need to evolve?

Past generations placed their trust in institutions. Be that banks, insurance companies, governments, the medical profession or media outlets. But the way we trust is shifting. We’ve now moved to trusting a network of individuals. This is enabled through platforms like Airbnb, eBay, quora and stack-exchange.

At the heart of this exchange is our data. Yet data trust, the trust people place in organisations practices, is even lower than brand trust.

Everyday we hear of data breaches. We frequently learn of questionably ethical data processing activities. We experience design patterns that manipulate us into zero-sum choices. We witness contradictions in what gets said and what gets done. We are failing at data trust.

This matters because data trust is the new metric. Data is how we run our business. It’s how we get to know our customers. It’s how we communicate. It’s how we learn.

If we’re to maximise the value of data sharing activities for individuals, communities and society at large, we need to proactively design a high trust digital ecosystem.

The pathway towards a verifiably trustworthy digital ecosystem

Organisations globally are struggling. They’re searching for ways to competitively differentiate. Many desire to become more trustworthy, to practice strong data ethics and have the ability to prove it.

We believe organisations seek to become verifiably trustworthy information fiduciaries. Empirically we’re led to believe very few know how. This lack of directional clarity creates inertia. In fact, some of this is really bloody hard.

Even though this is the case, progress can be made by those that lead from the front. Here’s how;

1. Lead with strategy: Setting information strategy and managing information risks is a core competency for modern organisations. Yet information governance isn’t the entire picture. Organisations need to critically assess their current state. They need to project out into the future they want to be part of creating. They need to define the strategy, the tactics and the measurements that will enable them to progress toward their future state with clear visibility. We call this a Trust by Design Strategy.
2. Define your purpose, values and (data ethics) principles: Data Ethics, is a new branch of ethics studies. In essence, a data ethics framework defines the consistent process we execute to decide, document and verify how our data processing activities are socially preferable. Data Ethics define what we will and won’t do. They help hold us accountable. They help maintain alignment to customer outcomes. They increase the likelihood our conduct is positive. It’s our view that data ethics can be the difference between trustworthy services and trust hacks. This, as we’ve already discussed, matters now more than ever.
3. Make privacy the default setting: Strong data ethics will force this. Privacy and Security by Design principles will get you going. Embracing the practice of Privacy Engineering and actively experimenting with Privacy Enhancing Technologies will begin embedding privacy into your organisational culture and your customer-facing outputs.
4. Make it matter to your customers: So often customers loose. This may be the result of a manipulative design pattern. It may simply be because they’re poorly informed. By prioritising trustworthy experience design, organisations can increase customer comprehension, decrease time to comprehension and significantly increase people’s willingness to share data. This is Data Trust by Design.

What now?

This comes down to a question about our future. What type of world do you want your children to inherit?

Right now trust is at an all time low. We’re hindering the significant opportunities of data-enabled innovation. But we can be different. We can design an inherently trustworthy digital ecosystem. We can make data sharing valuable, meaningful and engaging for large groups of people all around the world.

To do this we need leaders in the public and private sectors to be courageous. We need faster action in smaller, more collaborative steps. We need verifiably trustworthy information fiduciaries.

Reach out to me if you’re interested in the how.