Sharing Stewart Room’s Privacy insights with his authorisation. Stewart Room is Partner at PwC UK.
Top reasons to cherish concepts of privacy:
👤 Discovery and development: we need a private place to develop and grow, to experiment and to find out who we are.
👤 Happiness: our relationships with one another require a private place to kindle, to sustain, for love.
👤 Sanctuary: a private place is a refuge from persecution, intolerance, abuse and harm.
👤 Disagreement, dissent: sometimes people need to resist or fight back against dictators, demagogues and dystopian potentials, for which privacy is essential.
👤 Trust in tech: amazing tech innovations have the capacity to change the world for the good, but not without privacy trust and confidence.
👤 Consumer protection: personal data fuels business and public services, but its our data, not theirs, so privacy rules protect us from abusive practices.
👤 Reputation: respecting privacy enhances reputations, from policing, to the workplace, to online activities and everything in between.
👤 Business purpose: creating and sustaining economic value for the long term can’t be divorced from the need to respect privacy.
👤 Our values: privacy is a fundamental right in a democratic society, upon which everything stands or falls, so it’s a differentiator between what we value and what we would dread to become.
Top reasons why Data_Protection programmes fail to deliver:
😔 Purpose: if an organisation doesn’t understand why a good approach to DP is integral to its purpose, how can we expect good outcomes?
😔 Tone from the top: leadership is everything, but if the Board won’t lead on DP, what’s there to follow?
😔 Skills: DP needs a multi-disciplinary team to deliver, so if key skills are lacking, problems will embed.
😔 Silos: silos mean behavioural, virtual and physical barriers standing in the way of DP success.
😔 Vision: yes, DP is a legal topic, but in the real world it needs more than a legalistic vision.
😔 Narrow and shallow transformation: DP needs to be delivered in all layers of the organisation, covering paper, people, tech and data, so change needs to be broad and deep.
😔 Technology Reference Architecture: a comprehensive approach needs a TRA, so if you haven’t got one, don’t be surprised by DP failure.
😔 Special Characteristics: buying off the peg is ok at times, but DP needs ‘made to measure’ solutions, knowing the factors that make your organisation unique.
😔 Adverse Scrutiny: DP needs to survive adversity, so ignoring your risks is a recipe for disaster.
😔 People: the main concern of DP is people and if you forget that, you’ve got nothing.
Top things that make #privacy professionals sigh:
🤦♂️ New oil: sorry, personal data isn’t oil, or some other kind of commodity that can be owned then exploited and until you understand that, you just won’t understand anything about privacy, period.
🤦♀️ GDPR is done: GDPR has barely started, so get real and stick with the programme, because there’s a 50 year history here and its not going away. 🤦♂️ Privacy activists are a pain: if they are, then power to them, because they do a good job and we need them.
🤦♀️ X owns privacy: no, everyone owns privacy. 🤦♂️ Decades of experience: really, tell us about it.
🤦♀️ Security or privacy: a false dichotomy, a mantra for a surveillance society or police state. 🤦♂️ Security is privacy: nope, still wrong, keep trying.
🤦♀️ They’re jumping on the bandwagon: hey, this is a community and everyone is welcome, so lend them a hand. 🤦♂️ Consent is best: yes, consent is important, but it’s not the only route to lawfulness and certainly not the best or appropriate route in all circumstances.
🤦♀️ Leading privacy expert: it’s not yours to claim, but for others to think. 🤦♂️ Privacy stymies innovation and competitiveness: ok, prove it.
🤦♀️ We need fines: we don’t, we need a change of mindset.
BECAUSE PRIVACY MATTERS