International conference draws attention to growing data protection needs
Callum Corr, data analytics specialist at ZL Technologies, recently attended the 40th International Conference of Data Protection and Privacy Commissioners in Brussels. Information Management connected with him to gauge his thoughts on the conference, along with his insights on where the US is heading with data privacy measures and how it will impact data professionals.
Information Management: What are your key takeaways stemming from the 40th International Conference of Data Protection and Privacy Commissioners in Brussels this year?
Callum Corr: This year’s conference in Brussels was the first event I attended that placed a huge emphasis on data ethics. The purpose of this conference was to bring together professionals who have been dealing with GDPR, from several industries. But the typical topics of how to comply, amendments to the text and industry best practices all took an unprecedented back seat to a full-fledged ethics discussion. It’s evident that we are at a pivotal time for technology.
Technology has thrived in the regulation-free wild west, where innovation hasn’t been hindered by compliance. However, data professionals are increasingly becoming more concerned with the compliance aspect. C-Suite executives of arguably the three largest tech companies in the world, Apple, Facebook and Google, all made strong promises that things are going to change. However, there wasn’t a suggestion that we were just heading in a new direction, there was a clear admission that what had happened in the past was no longer acceptable.
For me, the biggest takeaway was that Tim Cook, Erin Egan and Sundar Pichai, all gave their full support to a federal data privacy law in the United States. This public declaration of support was a step in the right direction from the perspective of most in the audience.
IM: At the conference, Apple’s CEO, Tim Cook, voiced his thoughts on the need for federal data privacy regulations in the United States, similar to GDPR. Do you agree with him?
Corr: I fully agree with Tim Cook’s commentary and I thought it was interesting that he made the effort to be at the conference in person, whereas executives from other GAMFA organizations attended virtually. Tim Cook said he felt the US needed a law that ensured personal data is minimized, the consumer has a right to knowledge, a right to access and a right to security. Once you comprehend that the data being discussed belongs to the individual, rather than the organization, these rights become extremely logical and almost a fundamental human right. Tim even went as far as saying, “anything less would be a sham”.
Personal data belongs to the individual. Like anything else we own, our consent should be sought before it can be used, it’s as simple as that. What I am keen for is Tim Cook and his peers to allow a law to be written that is independent and fair. We need to ensure this law isn’t unfairly biased to the juggernauts of the industry and still allows start-ups and innovation to enjoy the success they have for the past two decades.
Governance is a good thing, if it isn’t crippling for organizations trying to get off the ground. It is important to remember where all the large tech companies started, since other organizations also deserve that opportunity to succeed.
IM: What do you think will be the biggest challenge for information management professionals in 2019?
I believe that keeping up with current legislation and political changes around the world will continue to be the biggest challenge next year. Whether we receive a US Federal Data Privacy Law or not, just keeping up with the wealth of new regulations and understanding what they mean in the context of each organization will be a huge challenge.
Since so many organizations are conducting business overseas at a minimal cost, it means that laws like the GDPR, DPA 2018, Argentina Data Protection Laws, Brazilian Data Protection Laws, Convention 108 and Brexit all must be considered, when monitoring the flow of international data within the organization. It is difficult to understand what these laws mean, but more importantly what changes must take place in order to be compliance. Buy-in from the entire organization is necessary and if an organization doesn’t have an information governance program in place, it’s a very important place to get started.
IM: As we near the end of 2018, what are your predictions for the data privacy landscape in the United States?
Corr: I think it’s glaringly obvious that we are heading towards a more regulated industry with regards to technology and data than ever before. The CBI, a European outfit, conducts an annual survey of consumer opinion. A consistent question is ‘what would be the number one factor to make you stop conducting business with an organization?’ For the last two years the most popular answer to that question has been ‘mishandling of my personal data’. While the EU is ahead of the curve with regards to public opinion on data privacy, I think the US will start to catch up in 2019.
This public pressure following hacks and misuse of data by large scale organizations is really going to force the hand of both organizations and regulators. The California Consumer Privacy Act and Tim Cook’s speech is a starting point, but I think we will see a wealth of data privacy regulations brought to the forefront of discussion, if not implementation, in 2019.