In today’s digital world, we have an incredible opportunity to finally solve some of the world’s most intractable problems, using connectivity to pool ideas and resources across time zones and geographies, and to fuel innovative ideas and solutions. And yet, even as connectivity bridges divides, it leaves one big issue in place: data. For the fact is, society’s digital adoption outpaces its understanding of who should own the data that digital creates, who should be able to use it, and to what end.
It’s a fact that every consumer product and most consumer habits today generate personal data. By 2020, 20 billion connected devices will exist, all producing data streams and information. And business models are continuing to emerge related to this data explosion, where consumers, in effect, pay for free services by handing over their data. And it is the processing and analysis of this data that has the potential to solve some of our biggest problems – making Cities safer, safeguarding water supplies, optimizing food production, improving energy usage and much more. The question is, if these opportunities and efficiency gains are to be realized, what is the role of Government, industry and society in protecting, sharing, and analyzing data. It’s also a fact that today, only a handful of people across the entire will globe know how much personal data they generate, who has access to it, or how it gets used.
The explosion of data and the emergence of the digital economy and society, has also seen the growing risks around cybersecurity. Recurrent cybersecurity incidents threaten to overshadow the immense positive power of big data. When personal information is stolen to order and shared publicly, individuals are rightly upset. But even the safest database has the potential to be compromised – so is it the fault of individuals for handing their data over in the first place? Or the responsibility of business, Government and NGOs who request this data to ensure their systems can defeat the cyber thieves?
My colleague, Tom Dailey, discussed data privacy in detail in a post a few years ago – and I would suggest that the position today is not widely different. Data privacy remains a key topic of discussion for individuals, business and policy-makers around the globe, and will only be more so as the digital world slowly infiltrates every area of our lives.
The importance of privacy
Verizon has long been a strong proponent of privacy and the protection of personal data. We established a privacy-by-design approach to product development many years ago; and privacy and security are right at the heart of Verizon’s compliance model and culture.
Today, as we enter the Fourth Industrial Revolution, data has shifted into new locations, and its value has transformed. For many organizations, customer value today resides in how individuals use apps and consume content. Privacy and security are essential to build trust and confidence in the digital economy to enable stakeholders to fully benefit from it. From a policy standpoint the question is not whether but how best to regulate privacy and security
When it comes to privacy Europe today has two major privacy regimes in place: the current ePrivacy Directive under review, and the recently adopted General Data Protection Regulation (GDPR). The GDPR, specifically developed to address the protection of personal data in a digital world, applies to all technologies and sectors. So, while not perfect, it represents a largely harmonized level playing field approach to the protection of personal data across the EU at all levels of the economy (digital or not). The ePrivacy Directive, dating back to 1997 however, targets mainly telecommunications providers. Is this dual regulatory regime the most appropriate approach to address the issues at stake? A key question for decision-makers is how to balance the rights of the individual against the corporation’s need to compete and innovate.
One of the more remarkable outcomes of the digital revolution has been the ability of Internet companies to monetize data. They benefit from an individual deciding to trade-off handing over their personal information in exchange for services like content search tools or social media platforms. The real question is, shouldn’t the GDPR itself be robust enough to meet the challenges of the online world through a technology neutral approach? And of course, another reason to regulate technology horizontally is that businesses change, business models change. Such an approach would provide the necessary flexibility to adapt to such a dynamic environment. Look at where some of the best known Internet companies around today started, and where they are now. And think of all the formerly ‘major’ players that today simply no longer exist.
The point is that if markets, industries and players all change, it only makes sense for regulation and regulatory models to change as well. Regulation based on sector-specific rules just can’t keep up.
So what do we suggest? The key question should be to consider the economic value and pertinence of data today, rather than regulating for historical reasons. Strong privacy protection today has to be built around regulatory simplicity, predictability and harmonization for the benefit of all stakeholders. A focused effort to harmonize laws – through horizontal regulation that doesn’t single out particular parts of the increasingly interconnected, converged digital economy – and to simplify rules and obligations, will go a long way to creating a regulatory environment fit for the digital age.
I’m looking forward to the discussions at the Xynteo Exchange this week. What’s clear is that all stakeholders need to be able to move forwards to build the opportunities the digital economy offers today, rather than those offered a generation ago.
For related media inquiries, please contact firstname.lastname@example.org