EU Privacy protection – Hint of the Century
Upcoming EU Privacy legislation has potential high impact to both public and public sector operators and especially digital services including web shops. This is no news to many, who have dwelled into the topic a bit deeper than the mere surface. Under the surface one starts to understand the complexity that “simple” requirement like the e-client’s or e-citizen’s Right to be forgotten.
Not many operators are mature enough in their information architecture (where everywhere the data under privacy’s scope resides) and agile in rapid process development to easily establish transparent, repeatable and low-cost daily-routine processes to answer to subject’s will to remove all personal data on her from all systems and operations. And last but not least – being able to prove that this has really been successfully carried out.
I desire not to present gloomy judgement day talks on the topic with prophesies how damn hard it’s going to be. Rather, trying my best to present ideas and solutions on how to best to tackle the legislation requirements.
One of the hints I gave, speaking at a Privacy -conference arranged by Prague Security Studies Institute (thanks guys for the invitation!) was the principle of data minimization. It’s not a silver bullet, not even sterling silver one, but I do see a possibility to make the upcoming job much easier, if one gives a moment or two to really think about the data minimization.
What I mean with data minimization is a simple question: “what is the minimum subject’s personal data, which we need to run our services (e.g. sell a product)?” Although it sounds obvious that one should consider to only process the data absolutely minimum (I call this minimum viable information (MVI)), it is not – not, what I have had the discussions with businesses, the privacy professionals and lawyers. The less you have to protect (data) the easier to efficiently protect it, yes? And should the worst happen, the less you leak data the easier the mess’s clean- up job is.
Many service providers do not really need much of the “dangerous” data, actually. Web shops with no customer loyalty plans and dreams of customer profiling (remember, you need subject’s specific permission to do that!) should be able to survive with rather a small set of data. If they are really smart, they can anonymize the data after the transaction (e.g. for warranty/claim purposes), and perhaps move it to a non-connected data storage for retention needs.
Think about it – give it a try and perhaps you’ll be rather positively surprised! I’ve seen many have been. The whole thing does not seem so impossible after all – and it’s to keep in mind what Mandela said: It ALWAYS seems impossible – until it’s DONE!