Data privacy is in the same position as cybersecurity five years ago

It has taken years for the technology and telecoms industry to take security seriously, and now we are at the beginning of the same story arc with privacy.

Jamie Davies

May 27, 2020

6 Min Read
Data privacy is in the same position as cybersecurity five years ago

It has taken years for the technology and telecoms industry to take security seriously, and now we are at the beginning of the same story arc with privacy.

The purpose of a story arc in popular culture is to take the character on a journey, agonising through challenges and failures, and up to success and lessons, ultimately concluding with some sort of resolution. There are seven different types, for example, a Cinderella story arc where the protagonist experiences a rise, then a fall, before a final rise, or an Icarus arc where there is simply a rise before an ultimate failure.

The security segment of the technology and telecoms world has gone through somewhat of a Rags to Riches story arc, with adequate protections being ignored for years before becoming a critical component of the technology landscape. That said, some would argue the arc has not been completed as there is still not enough investment.

Perhaps privacy is treading the same path as security, and it will have to battle moral dilemmas, successes and failures over numerous series before it is finally appreciated. The principles of privacy are certainly being ignored, massaged and bent sideways by private and public organisations today.

One question which might be raised is whether we need to reconsider the definitions of privacy for the new world; are we inappropriately judging digital privacy by the standards of the analogue era?

“In my view, there is currently no case for relaxing the privacy rules. There is a need to embed privacy considerations in design of technology,” said Joann O’Brien, VP of Digital Ecosystems at the TM Forum.

“In many cases architectural design/best practice and the embedding of the citizen at the centre of the design still needs to happen. When this happens, meeting privacy requirements becomes exponentially easier to achieve. In many cases relaxing any privacy policy due to impacts on innovation is really playing into the hands of lazy architectures and exploitative technologies.”

This sounds remarkably similar to the same rhetoric which was positioned around security technologies for years. Experts said security needs to be built into the products foundations, not simply an add-on. It does appear the same mistakes are being made with privacy.

One country which does seem to be taking the right approach to building contact tracing applications to combat COVID-19 is Switzerland. Using the decentralised approach, the app was built around the privacy foundations, with all sensitive operations taking place on the user’s device. Other countries should take note of this example championing privacy rights.

“TM Forum advocates for continuing and upholding the privacy rules as the long-term consequences of not doing so will have a negative impact on society and potentially run the risk of citizens losing trust in technology.”

While any reasonable person should not advocate the dilution of privacy rules, perhaps there is a case for reimagining them.

Should governments be able to ensure the same levels of protections and privacy are maintained, there is a case for rewriting rules to ensure they are fit for the digital society. After all, privacy rules as we know them today were written for a bygone era. It is like trying to fit a square peg through a round hole, it might fit if you try hard enough, but it is more suitable for another hole.

“The problem with the current system is it insists that every company asks for consent at a very granular level, which makes it impossible for people to read and understand what they are agreeing to,” said Ross Fobian, CEO of ResponseTap, a provider of intelligent call tracking software.

“It is also annoying because you are presented with messages on every website, but don’t have the time to really understand each one. This results in the user simply trying to get the box out of the way as quickly as possible. This means that generally people default to simply clicking the ‘I agree’ button, without understanding what they are agreeing to.”

The transfer of data to corporations can benefit both sides, however. Companies more intelligently and appropriately are able to target potential customers, while experience of products and services can be enhanced for the consumer.

“The problem is that some companies or even government entities don’t necessarily use your data just to help you,” said Fobian. “They use your data to manipulate you. Cambridge Analytica is a perfect example of this. Also, companies can get hacked and hackers can use that data in ways it was never intended. For this reason, at ResponseTap we don’t store personal data by default, which minimises the risk. However, this is not always possible.”

There are new privacy rules being created for this era, which are heading in the right direction according to Fobian. Telecoms.com readers generally agree with this statement also, with 32% believing privacy rules should be re-imagined for the digital era and 48% suggesting the user should be given more choice to create own privacy rights.

Privacy is a challenge today for several reasons, most of which can be directly linked back to corporations and governments ignoring its importance. In years gone, security was an add-on, despite what anyone told you, and the exact same position has been created for privacy today.

All these companies are telling us that they are pro-privacy, but eventually they will have to start showing us with actions which back up the rhetoric.

Telecoms.com Daily Poll:

Should Huawei be allowed to operate in the UK?

  • No, the company is a pawn of the Chinese Government (34%, 152 Votes)

  • No, its security credentials fall below expectations (31%, 137 Votes)

  • Yes, the UK Government should allow the telecoms industry to make informed decisions (18%, 81 Votes)

  • Yes, there is no evidence of wrong-doing (9%, 39 Votes)

  • Yes, but the High Risk vendors limit should be lower (3%, 15 Votes)

  • No, Open RAN is a suitable replacement to ensure competition (3%, 13 Votes)

  • The Supply Chain Review should be reconsidered (2%, 8 Votes)

Total Voters: 445

test new title

See more
Subscribe and receive the latest news from the industry.
Join 56,000+ members. Yes it's completely free.

You May Also Like