True Personal Data Innovation? The Market is Ripe.

Happy Data Privacy Day!

People’s Personal Data Needs and Desires Are (Surprise!) Personal

I finally did it – moved from a tiny condo to a huge house. And now I have smart home use cases that I resisted mightily before, being what researcher Alan Westin called a “privacy fundamentalist”, a strong believer in privacy and personal data protection.

It’s a big place, so running around turning off lights every night can now take serious time and mileage. Why not add Alexa-enabled lighting scenes? And we’re now in a neighborhood that anyone can drive into, along with doors and windows pre-wired for smart security. Why not use a smart door lock and camera? My personal data preferences have just changed big-time.

However, I’m also on the cusp of leaving Facebook entirely for, well, obvious reasons. (Anyone else?)

Here’s the thing: I’m not just a “privacy fundamentalist”; I’m also a “privacy pragmatic” in Westin’s terminology. When it comes to some situations and personal data, I see the pro/con tradeoffs in sharp relief. And when it comes to still others, I’m simply “privacy unconcerned”, what you might call a TMI person. Pretty much all of us are a mix, and the lines can move around over time.

Consumers Have Been Changing Their Privacy Behavior

Here’s some hard evidence that, in the modern era, consumers are willing to take action about privacy situations they don’t like.

Across the EU, the GDPR is enabling people to record complaints in greater numbers about personal data handling problems by data controllers. France’s data protection agency CNIL received 64% more individual complaints in the first few months since May 25th this year (the GDPR enforcement date) than the same period last year. In the UK, the Information Commissioner’s Office received more than two and a half times as many complaints.

Or look at the 50% growth rate of privacy-protective – and profitable – search engine DuckDuckGo. Less than a year after reaching twenty million daily searches, it recently announced it hit thirty million searches. The company recently took in ten million dollars in venture funding. And I see threads like this one on Twitter about how to live in a more privacy-protective way all the time lately (great advice there, by the way). People are growing ever more privacy-aware and once again taking control where they can.

US Regulation May Be Coming, But Innovation Is Always Your Responsibility

Serving customers the way they want to be served must include convenience, value, and earning their trust around personal data. The fact that people feel differently about different data at different times is one of the factors that makes it so hard for businesses to solve privacy challenges and manage consent. That’s on top of what businesses are made to do by the text of regulations alone, such as the GDPR, California’s new Consumer Privacy Act, and Colorado’s recently toughened-up Consumer Data Protection Act. But it opens up opportunities.

Yes, the drumbeat for US federal privacy legislation in 2019 is getting pretty loud. The latest in a string of recent data protection bills is Sen. Marco Rubio’s, called the American Data Dissemination Act. And Apple’s Tim Cook has kept up the pressure with his latest op-ed calling for comprehensive privacy reform that puts consumers in control. But as Cook acknowledges, legislation is only part of the equation; innovation is unquestionably another.

The most exciting work I’m involved in these days around personal data right now is happening in the area of delegation of access. It’s partly driven by regulation but partly also driven by practical needs, for example to help healthcare patients direct data sharing to family members, care providers, and others. The Internet of Things has an impact because of the rise of fitness wearables and the data they generate. Without an innovative mindset, it’s impossible to make progress in solving these challenges.

Think of it this way: In the same way that digital transformation isn’t solely a technical exercise but mainly a business innovation pivot, rethinking privacy and consent should not solely be a compliance exercise. Businesses have new opportunities to present data sharing deals to the individuals who interact with their brand. Even as the regulatory landscape changes, the consumer landscape is also changing. So the question becomes: How to strengthen those deals?

Who Is Eve Maler?

Who’s Eve? Well, she is definitely no stranger to the identity industry having worked with companies like Forrester Research, PayPal, and Sun Microsystems over the last 17-plus years. Today she kicks it as the VP of Innovation and Emerging Technology at ForgeRock, tasked with driving privacy and consent innovation in the Office of the CTO. In true ForgeRock fashion, she enjoys singing bluesy-funky rock 'n' roll in her free time. You might catch her on stage once in a while!

Recent Posts:

Augment Your Legacy IAM

Have you ever run into a situation where you know exactly what you have to do to solve the problem but can’t do it?

Modernize IAM for Government: A Real World Example

I recently had the chance to do a podcast with my friend and colleague Tommy Cathey, ForgeRock RVP of Public Sector. Tommy and I have worked together for years, and I am thrilled that he is bringing his deep public sector knowledge to ForgeRock (and this podcast).

How to Compare Digital Identity Providers for CIAM

Comparing and selecting digital identity providers for CIAM (customer identity and access management) is a daunting task. With the fast-paced nature of business and technology today, you need to ensure that you’re not only able to meet all your current requirements, but those to come.