December 19, 2013
As 2013 comes to a close, it's clear to me that much of the rhetoric about privacy's death was not only premature but downright wrong. Just in this past week, there have been several events that point to how very alive and critically important the topic of privacy is:
- The US Senate Committee on Commerce, Science, and Transportation released a report (in advance of a public hearing) about the practices of the data brokerage industry, and how they impact consumers. The report claims that "data brokers operate behind a veil of secrecy, subject to limited statutory consumer protections." This certainly portends the possibility of new legislation being introduced by the committee in 2014.
- US District Court Judge Richard Leon ruled that the bulk collection of millions of Americans' call records likely violates the Fourth Amendment of the Constitution. While conflating surveillance with marketing privacy is a dangerous thing, I suspect that this ruling will draw further attention to the volume, scale, and methods of data collection, irrespective of who's doing the collecting.
- The Washington Post revealed that the NSA had, in fact, been able to piggyback onto at least one particular commercial industry cookie. The agency uses the cookie to identify individuals in order to "enable remote exploitation." This revelation blurred the line between behavioral tracking and surveillance tools that many privacy researchers (yours truly included) used to draw.
- Meanwhile, in the UK, the BBC reports that the Information Commissioner's Office has issued new guidance to mobile app developers regarding the collection and use of personal data. In addition to the need for clear notifications about data access, it encourages developers to go further by providing granular permissions options for specific types of data.
- And finally, on a lighter note, Dictionary.com named "privacy" its Word of the Year. (The Washington Post cheekily pointed out that, ironically, the site's landing page sets 90 cookies on visitors' browsers.)
I'd like to say that we knew this would be a week full of privacy news when we scheduled the publication of our report, "The New Privacy: It's All About Context," but alas, I don't have that kind of foresight! Still, it's fortuitous timing, and I hope that you'll take some time to read the research. Here's why:
- Privacy isn't dead, it just needs redefining. In an era of ubiquitous smartphones and sensors, privacy is not only possible, it's essential for building trust, the foundational currency of social, mobile, and local services. Consumers are willing to share data when it provides them with real value and when they have a choice about its collection and use. In other words, the "new privacy" is all about context, and we define "contextual privacy" as a business practice in which the collection and use of personal data is consensual, within a mutually agreed upon context, for a mutually agreed upon purpose.
- Privacy will be a market differentiator. Although most of the rhetoric around privacy focuses on risk and fear, we think there's another reason to do privacy better, too: opportunity. We're betting that a vocal, powerful, desirable cohort of consumers will demand "contextual privacy" just as they did cruelty-free cosmetics and hormone-free dairy products. Companies that ignore the signs today will be scampering to improve their privacy practices long after their competition has already won the trust and wallet share of these consumers.
I encourage you to read the report today; it lays out a framework for implementing contextual privacy, with practical steps for improving your organization's overall privacy practices. Because, as the privacy wars really heat up, wouldn't you rather be on the side of your customers?
As always, we look forward to your comments and questions. Post them below, or join the conversation on Twitter, where I can be found at @fatemehx2.