In a survey we published in September, 80% of statisticians agreed that there should be an ethical framework in place for collecting and using data. In today's guest post, Dr. Ann Cavoukian, the Information and Privacy Commissioner of Ontario, Canada, describes Privacy by Design: an international standard for privacy protection.
by Dr. Ann Cavoukian
Big Privacy is Privacy by Design writ large. It is the application of the 7 Foundational Principles of Privacy by Design, not only to individual organizations, applications, or contexts, but to entire networks, value chains, and ecosystems, especially those that produce and use Big Data — without diminishing system functionality. Big Privacy empowers the individual and enables continuous Big Data innovations!
The goal of Big Privacy is the systemic protection of personal data and user control by data subjects over how it is collected and used. User control is an embodiment of “informational self-determination”— a right enshrined in the German Constitution, relating to an individual’s ability to determine the fate of his or her personal information.
While on the surface, Big Data and privacy may appear to be mutually exclusive, this represents a dated, zero-sum paradigm where it is believed that unnecessary trade-offs are made, between what turn out to be, false dichotomies, such as privacy vs. innovation. We must change the paradigm to a positive-sum model in which privacy and innovation become a doubly-enabling, “win-win” proposition for both consumers and businesses! This means that it is possible to assure individuals that their privacy is being respected because the network, value chain, and/or ecosystem producing and processing Big Data has implemented Privacy by Design, at a system-wide level. Big Data and Big Privacy may both be achieved in tandem.
Privacy by Design has been adopted as an international standard for privacy protection in 2010 and has been translated into 33 languages – becoming a true global venture. The Federal Trade Commission recommended PbD as a governing principle for all companies who collect personal data. I encourage you to take a look at the extensive work that my office has done in the field of Big Data and privacy: “Privacy by Design in the Age of Big Data and Big Privacy,” “Big Privacy: Bridging Big Data and the Personal Data Ecosystem Through Privacy by Design” “Privacy by Design in the Age of Big Data”.
By embedding Privacy by Design into new technical specifications, architectures, and systems, you will avoid the unintended consequences of increased data collection, and worst case scenario, Privacy by Disaster!