Category Archives: Data Ethics

The Data Use Imperatives – Effective Data Protection Governance

We are on a cusp of many dramatically new ways to think about data and data use that will increasingly place pressure on public policy models and organisational governance. This overall challenge was introduced in our blog last month and is the cornerstone of The Information Accountability Foundation (IAF) work on an Effective Data Protection Governance (EDPG) approach that responds to the complexities of today’s information flows and use. What does this cusp look like?

To illustrate, I found Gartner’s Top 10 Strategic Technology Trends for 2017 striking in a number of ways. First, when contrasted to the same forward looking view less than two years ago, the number of “data related” technology trends are vast. Second, what this means is the cusp of data and data use scenarios is about to undergo a steep vertical climb. By extension, this means today’s challenges will amplify and extenuate other nascent challenges. For example, the role consent plays when data and data use are beyond the understanding of the individual highlights the challenges relating to transparency and individual engagement or participation in these much more complex information systems, especially where the number of participants, types and uses of data are growing quickly. This puts increasing pressure on organisations to develop much more robust governance approaches to data and data use.

An IAF supporter, PricewaterhouseCoopers (PWC)[1] has just released ground breaking work on this governance need and what organisations have to build. The first paper in a two-part series relates to evolving “Data Use Governance” as a means of enabling organisations to fully capitalise on the value of data while managing the many risks. The second part, ”Responsibly Leveraging Data in the Marketplace”, outlines many of the leading best practices around the maturity model shown in the first paper that in effect are the key ingredients to a more advanced governance approach. This data use cusp means data governance structures increasingly have to be aligned with a more integrated approach to a defined, organisational, digital strategy. This strategy needs to address and encompass more evolved ways to address individual engagement as a means of building participation and trust. As the Gartner Trend report highlights, “Every organisation will have some mix of five digital technology platforms: information systems, customer experience, analytics and intelligence, the Internet of Things and business ecosystems…Companies should identify how industry platforms will evolve and plan ways to evolve their platforms to meet the challenges of digital business.”

The related pressure this data use cusp will continue to create is external. As Giovanni Buttarelli, the European Data Protection Supervisor, often says, “data should serve people.” Regulatory models should evolve to assure people, in all of their diverse roles, are served by these complex data systems. As regulators and policy makers grapple with this data use trajectory, there will be tension to respond, particularly considering the “trust deficit” covered in a recent IAF blog as well as an increasing realisation these new data uses cannot fit as well into the regulatory models that exist today.

Two things are clear with this trend. A multi-faceted approach is required to create trusted information ecosystems where all stakeholders can both benefit and be protected. The work PWC is doing creates more advanced data governance models organisation will adopt. At the other end of this continuum, the work the IAF is doing to design an Effective Data Protection Governance approach contributes to the evolving public policy.

[1] In addition to Peter Cullen’s role with the IAF, he also serves as an advisor to PWC as their Privacy Innovation Strategist.

Big Data Ecosystem, Fairness and Enforcement

Big data has become an increasingly scary phrase for all stakeholders in data protection. For privacy advocates, it often means loss of control, asymmetrical power and hidden discrimination. For regulators, it often means regulatory round pegs in operational holes of different sizes, in constantly moving locations, with mismatches that begin with vocabulary. For companies, it… Continue Reading

IAF Holds Brainstorming Event on Ethics, Created Data, AI and Accountability

On 13 September, IAF held its Annual Brainstorming Meeting. HP Inc. hosted the event. This year’s sessions focused on ethics and data protection, created data and accountability, and artificial intelligence and governance. Below are documents related to the meeting and photos of the event. Meeting Documents Brainstorming Session Agenda Session Attendee List Background Reading IAF… Continue Reading

Crosley: Make Privacy Great Again

On August 18, 2016, IAPP Privacy Perspectives published an article by IAF Senior Strategist Stan Crosley. The article has been reposted in its entirety below. Crosley: Make Privacy Great Again Presidential campaigns. The Olympics. Game of Thrones. I’ve been reading and viewing a lot lately: newspapers (it is Indiana, we still have paper), documentaries, blogs,… Continue Reading