SlideShare una empresa de Scribd logo

Say Good-Bye to Zero-Sum: Say Hello to Privacy and Marketing, by Design

B
bradley_g

A presentation by Commissioner Cavoukian to the Canadian Institute Advertising and Marketing Law Conference on how Privacy by Design can give a sustainable competitive advantage in advertising and marketing.

Educación
1 de 35
Say Good-Bye to Zero-Sum: Say Hello to Privacy and Marketing by Design Ann Cavoukian, Ph.D. Information and Privacy Commissioner Ontario, Canada Canadian Institute Advertising and Marketing Law Conference January 23, 2013
Presentation Outline 1. We Need a Paradigm Shift 2. Positive-Sum, NOT Zero-Sum 3. Privacy by Design: The Gold Standard 4. Privacy in Advertising and Marketing 5. Why Privacy is Good for Business 6. Operationalizing Privacy by Design 7. Conclusions
We need to change the paradigm
Why We Need Privacy by Design Most privacy breaches remain undetected – as regulators, we only see the tip of the iceberg The majority of privacy breaches remain unchallenged, unregulated ... unknown Regulatory compliance alone, is unsustainable as the sole model for ensuring the future of privacy
The Future of Privacy Change the Paradigm to Positive-Sum, NOT Zero-Sum
Positive-Sum Model Change the paradigm from a zero-sum to a “positive-sum” model: Create a win-win scenario, not an either/or (vs.) involving unnecessary trade-offs and false dichotomies … replace the “vs.” with “and”
Privacy by Design: “Build It In” • I first developed the concept of “Privacy by Design” in the 90s, as a response to the growing threats to online privacy that were beginning to emerge; • “Privacy by Design” seeks to build in privacy – up front, right into the design specifications; into the architecture; embed privacy into the technology used – bake it in; • Data minimization is key: minimize the routine collection and use of personally identifiable information – use encrypted or coded information whenever possible; • Use privacy-enhancing technologies (PETs) plus where possible: give people maximum control over their own data.
The Decade of Privacy by Design
Adoption of “Privacy by Design” as an International Standard Landmark Resolution Passed to Preserve the Future of Privacy By Anna Ohlden – October 29th 2010 - http://www.science20.com/newswire/landmark_resolution_passed_preserve_future_privacy JERUSALEM, October 29, 2010 – A landmark Resolution by Ontario's Information and Privacy Commissioner, Dr. Ann Cavoukian, was approved by international Data Protection and Privacy Commissioners in Jerusalem today at their annual conference. The resolution recognizes Commissioner Cavoukian's concept of Privacy by Design - which ensures that privacy is embedded into new technologies and business practices, right from the outset - as an essential component of fundamental privacy protection. Full Article: http://www.science20.com/newswire/landmark_resolution_passed_preserve_future_privacy
Privacy by Design: The 7 Foundational Principles 1. Proactive not Reactive: Preventative, not Remedial; 2. Privacy as the Default setting; 3. Privacy Embedded into Design; 4. Full Functionality: Positive-Sum, not Zero-Sum; 5. End-to-End Security: Full Lifecycle Protection; 6. Visibility and Transparency: Keep it Open; 7. Respect for User Privacy: Keep it User-Centric. www.ipc.on.ca/images/Resources/7foundationalprinciples.pdf
Privacy by Design: Proactive in 29 Languages! 1.English 11.Chinese 21.Greek 2.French 12.Japanese 22.Macedonian 3.German 13.Arabic 23.Bulgarian 4.Spanish 14.Armenian 24.Croatian 5.Italian 15.Ukrainian 25.Polish 6.Czech 16.Korean 26.Turkish 7.Dutch 17.Russian 27.Malaysian 8.Estonian 18.Romanian 28.Indonesian 9.Hebrew 19.Portuguese 29.Lithuanian 10.Hindi 20.Maltese
Privacy in Advertising and Marketing
Personal Information Protection and Electronic Documents Act (PIPEDA) • Online behavioural advertising may be considered a reasonable purpose under PIPEDA; • PIPEDA requires an individual’s knowledge and consent for the collection, use, or disclosure of personal information; • PIPEDA also requires that the purposes for which an individual’s information is to be collected, used or disclosed be explained in a clear and transparent manner; • Any collection or use of an individual’s web browsing activity must be done with that person’s knowledge and consent.
Report from Advertising Standards Canada According to a report from Advertising Standards Canada: •89% agreed with the statement, “people share far too much personal information online these days;” •72% responded that they were worried about the erosion of personal privacy; •73% said they were aware that businesses were tracking people's activities on the Web in order to understand their interests. — Susan Krashinsky, Give consumers choice, control on personal data, advertisers urged; ASC recommending a four-step process for building trust, Globe and Mail, November 20, 2012. www.theglobeandmail.com/report-on-business/give-consumers-choice-control-on-personal-data-advertisers-urged/article5461959/
Consumers Favour Do Not Track (DNT) by Default “Seventy-five percent of the consumers we surveyed in the U.S. and Europe said they wanted DNT on, by default.” — Brad Smith Microsoft Executive Vice-President December, 2012. http://www.bloomberg.com/news/2012-12- 13/microsoft-rankles-advertisers-with-web-user- privacy-plan.html
Microsoft Internet Explorer 10 Do Not Track • June 2012 – Microsoft announced the Do Not Track option would be activated by default in Internet Explorer 10 on Windows 8, as part of its commitment to user privacy; • The Default Rules – research shows that whatever the default condition is, that is the one that will prevail; • Microsoft was criticized by advertising companies, who said Do Not Track must be a choice made by users and should not be automatically enabled – this despite the fact that they have been making the choice for users all along; • Companies have always made the choice for their users – the existing default is one of tracking/advertising; • Microsoft responded that users would prefer a browser that automatically respected their privacy – I totally agree – see my YouTube video here: http://www.youtube.com/watch?v=1OtV-sGu17U
Berkeley Center for Law and Technology Survey on Online Privacy • At the Amsterdam Privacy Conference in October, 2012, the Berkeley Center for Law and Technology released its survey findings: • 87% of those surveyed had not heard about proposals to create a Do Not Track option for the Internet; • 30% understood that advertisers can track users on medical information sites; • 40% believed they had fewer privacy rights when visiting a free website supported by advertising. www.law.berkeley.edu/13260.htm
“Most consumers want Do Not Track to mean exactly that: do not collect information that allows companies to track them across the Internet. This may seem obvious, but even the definition articulated by the FTC may fall short of these consumer expectations.” — Chris Jay Hoofnagle, Director, Information Privacy Programs, Berkeley Center for Law & Technology, October, 2012.
Would you allow a social networking app to collect your contact list in order to suggest more friends? 51% 30% www.law.berkeley.edu/13260.htm
Would you allow a coupons app to collect your contact list in order to offer coupons to your contacts? 75% 18% www.law.berkeley.edu/13260.htm
Would you allow your cell phone provider to use your location to tailor ads to you? 70% 22% www.law.berkeley.edu/13260.htm
There is another way … Applying Fair Information Practices to CRM: • Accountability • Identifying Purposes • Consent • Limiting Collection • Limiting Use, Disclosure, and Retention • Accuracy • Safeguards • Openness • Individual Access • Challenging Compliance www.ipc.on.ca/English/Resources/Discussion-Papers/Discussion-Papers-Summary/?id=234
Permission-Based Marketing: The Personal Touch • Essential premise: persuade consumers to volunteer their attention; • Predicated on Consent: make consumers active recipients of marketing information; • Puts control in the hands of consumers; “Just because you somehow get my email address doesn’t mean you have permission.” . — Seth Godin, Permission-Based Marketing, 2001.
Why Privacy is Good for Business
The Privacy Dividend 1. The Business Case 2. Personal Information in the Business Context 3. Creating the Business Case “In the words of Commissioner Cavoukian, “The ‘payoff’ to privacy- respecting organisations is ... ultimately, enduring competitive advantage. In a world of increasingly savvy and inter- connected customers, an organisation’s approach to privacy may offer precisely the competitive advantage needed to succeed.” www.ico.gov.uk/upload/documents/library/data_protection/detailed_specialist_guides/privacy_dividend.pdf
• Bering Media has built Privacy into IP Geolocation: • Using a unique double-blind privacy architecture; • Minimum-match thresholds/ Anti-inference algorithms; • Dynamic IP address management; • Persistent, permanent opt-out, globally. www.ipc.on.ca/images/Resources/pbd-ip-geo.pdf
The Bottom Line Privacy should be viewed as a business issue, not a compliance issue Think strategically and transform privacy into a competitive business advantage
Cost of Taking the Reactive Approach to Privacy Breaches Damaged Lawsuits Brand Name Proactive Reactive Loss of Consumer Trust
Consumer Choice and Privacy • There is a strong competitive advantage for businesses to invest in good data privacy and security practices; • “A significant portion of the population is becoming concerned about identity theft, and it is influencing their purchasing decisions.” — Rena Mears, Deloitte & Touche LLP, Survey Reports An Increase in ID Theft and Decrease in Consumer Confidence, 2005.
Online Consumers Willing to Pay for Privacy • A study conducted at Carnegie-Mellon University found that when privacy information is made more salient and accessible, some consumers are willing to pay a premium to purchase goods from privacy-protective websites; • When shopping online, participants made significantly more purchases from sites rated “High Privacy” (47.4%) compared to participants buying from sites rated “No Privacy” (5.6%). — Online Consumers Willing to Pay Premium for Net Privacy, Study Finds, ScienceDaily, July 11, 2011. Study conducted by Janice Y. Tsai, Serge Egelman, Lorrie Cranor, and Alessandro Acquisti of Carnegie Mellon University http://www.informs.org/Pubs/ISR
Bottom Line: It’s All About Trust “Trust is more important than ever online … Price does not rule the Web … Trust does.” — Frederick F. Reichheld, Loyalty Rules: How Today’s Leaders Build Lasting Relationships
Reasons for Building Consumer Trust • Continuation of valuable business relationships; • Loyal, repeat customers; • Sustainable competitive edge; • Consumer confidence and trust. — Ann Cavoukian, Ph.D., Tyler Hamilton, The Privacy Payoff: How Successful Businesses Build Consumer Trust, McGraw-Hill Ryerson, 2002, pp. 13-14.
Operationalizing Privacy by Design 9 PbD Application Areas •CCTV/Surveillance cameras in mass transit systems; •Biometrics used in casinos and gaming facilities; •Smart Meters and the Smart Grid; •Mobile Communications; •Near Field Communications; •RFIDs and sensor technologies; •Redesigning IP Geolocation; •Remote Home Health Care; •Big Data and Data Analytics. www.privacybydesign.ca
Conclusions • Make privacy a priority – ensure that privacy is embedded into your systems and operational processes – into your business practices; • It is easier and far more cost-effective to build in privacy up-front, rather than after-the-fact; • Privacy risks are best managed by proactively embedding the principles of Privacy by Design; • Get smart – lead with Privacy – by Design, not privacy by chance or, worse, Privacy by Disaster!
How to Contact Us Ann Cavoukian, Ph.D. Information & Privacy Commissioner of Ontario 2 Bloor Street East, Suite 1400 Toronto, Ontario, Canada M4W 1A8 Phone: (416) 326-3948 / 1-800-387-0073 Web: www.ipc.on.ca E-mail: info@ipc.on.ca For more information on Privacy by Design, please visit: www.privacybydesign.ca

Recomendados

John Locke Essay Prize 2014
John Locke Essay Prize 2014John Locke Essay Prize 2014
John Locke Essay Prize 2014Marco Bertone
 
How to Integrate Privacy into Your Customer Care
How to Integrate Privacy into Your Customer CareHow to Integrate Privacy into Your Customer Care
How to Integrate Privacy into Your Customer CareTRUSTe
 
Designing for Privacy in an Increasingly Public World
Designing for Privacy in an Increasingly Public WorldDesigning for Privacy in an Increasingly Public World
Designing for Privacy in an Increasingly Public WorldRobert Stribley
 
In-house counsel Masterclass: Navigating the Social Network
In-house counsel Masterclass: Navigating the Social NetworkIn-house counsel Masterclass: Navigating the Social Network
In-house counsel Masterclass: Navigating the Social NetworkMHCLawyers
 
Designing for Privacy
Designing for PrivacyDesigning for Privacy
Designing for Privacyexultantwarning51
 
Designing for Privacy
Designing for PrivacyDesigning for Privacy
Designing for Privacywrathfulplaza6959
 
WIFUTURE Conference - Artificial Intelligence and ChatBots - Milan
WIFUTURE Conference - Artificial Intelligence and ChatBots - MilanWIFUTURE Conference - Artificial Intelligence and ChatBots - Milan
WIFUTURE Conference - Artificial Intelligence and ChatBots - MilanPietro Leo
 
Digital Marketing 101 | The Basics You Need to Know
Digital Marketing 101 | The Basics You Need to KnowDigital Marketing 101 | The Basics You Need to Know
Digital Marketing 101 | The Basics You Need to KnowMarcus Herrington
 

Recomendados

John Locke Essay Prize 2014
John Locke Essay Prize 2014John Locke Essay Prize 2014
John Locke Essay Prize 2014Marco Bertone
 
How to Integrate Privacy into Your Customer Care
How to Integrate Privacy into Your Customer CareHow to Integrate Privacy into Your Customer Care
How to Integrate Privacy into Your Customer CareTRUSTe
 
Designing for Privacy in an Increasingly Public World
Designing for Privacy in an Increasingly Public WorldDesigning for Privacy in an Increasingly Public World
Designing for Privacy in an Increasingly Public WorldRobert Stribley
 
In-house counsel Masterclass: Navigating the Social Network
In-house counsel Masterclass: Navigating the Social NetworkIn-house counsel Masterclass: Navigating the Social Network
In-house counsel Masterclass: Navigating the Social NetworkMHCLawyers
 
Designing for Privacy
Designing for PrivacyDesigning for Privacy
Designing for Privacyexultantwarning51
 
Designing for Privacy
Designing for PrivacyDesigning for Privacy
Designing for Privacywrathfulplaza6959
 
WIFUTURE Conference - Artificial Intelligence and ChatBots - Milan
WIFUTURE Conference - Artificial Intelligence and ChatBots - MilanWIFUTURE Conference - Artificial Intelligence and ChatBots - Milan
WIFUTURE Conference - Artificial Intelligence and ChatBots - MilanPietro Leo
 
Digital Marketing 101 | The Basics You Need to Know
Digital Marketing 101 | The Basics You Need to KnowDigital Marketing 101 | The Basics You Need to Know
Digital Marketing 101 | The Basics You Need to KnowMarcus Herrington
 
Razorfish Liminal 2011 — Customer Engagement In Transition
Razorfish Liminal 2011 — Customer Engagement In TransitionRazorfish Liminal 2011 — Customer Engagement In Transition
Razorfish Liminal 2011 — Customer Engagement In TransitionZeb Dropkin
 
Creative Computing: how artificial intelligence could augment designer’s deci...
Creative Computing: how artificial intelligence could augment designer’s deci...Creative Computing: how artificial intelligence could augment designer’s deci...
Creative Computing: how artificial intelligence could augment designer’s deci...Pietro Leo
 
Collective Intelligence Lecture 1: Introduction
Collective Intelligence Lecture 1: IntroductionCollective Intelligence Lecture 1: Introduction
Collective Intelligence Lecture 1: IntroductionMichael Shilman
 
Protecting Intellectual Property in the Age of WikiLeaks
Protecting Intellectual Property in the Age of WikiLeaksProtecting Intellectual Property in the Age of WikiLeaks
Protecting Intellectual Property in the Age of WikiLeaksSocialKwan
 
FUTURE Perspective #11 trends newsletter
FUTURE Perspective #11 trends newsletterFUTURE Perspective #11 trends newsletter
FUTURE Perspective #11 trends newsletterElaine Cameron
 
Data Protection and Privacy in the Social Web
Data Protection and Privacy in the Social Web Data Protection and Privacy in the Social Web
Data Protection and Privacy in the Social Web ADTELLIGENCE GmbH
 
Managed security services for financial services firms
Managed security services for financial services firmsManaged security services for financial services firms
Managed security services for financial services firmsJake Weaver
 
Mobile Privacy and Security - Study by Mobidigger
Mobile Privacy and Security - Study by MobidiggerMobile Privacy and Security - Study by Mobidigger
Mobile Privacy and Security - Study by MobidiggerHubert Moik
 
Malware & Data Breaches: Combatting the Biggest Threat
Malware & Data Breaches: Combatting the Biggest ThreatMalware & Data Breaches: Combatting the Biggest Threat
Malware & Data Breaches: Combatting the Biggest ThreatChris Ross
 
The Rise of Incognito Tech
The Rise of Incognito TechThe Rise of Incognito Tech
The Rise of Incognito TechElaine Cameron
 
PRSA Presentation
PRSA PresentationPRSA Presentation
PRSA PresentationRaidious
 
Cognitive Computing: Challenges and opportunities in Building an Artificial I...
Cognitive Computing: Challenges and opportunities in Building an Artificial I...Cognitive Computing: Challenges and opportunities in Building an Artificial I...
Cognitive Computing: Challenges and opportunities in Building an Artificial I...Pietro Leo
 
ConsumerPrivacy-BEAR-2015-Final (1)
ConsumerPrivacy-BEAR-2015-Final (1)ConsumerPrivacy-BEAR-2015-Final (1)
ConsumerPrivacy-BEAR-2015-Final (1)Zohra Razaq
 
Data protection and privacy in the social web en 201006
Data protection and privacy in the social web en 201006Data protection and privacy in the social web en 201006
Data protection and privacy in the social web en 201006ADTELLIGENCE GmbH
 
Publish expo 2012 agility without damnation
Publish expo 2012 agility without damnationPublish expo 2012 agility without damnation
Publish expo 2012 agility without damnationAnne Caborn
 
Top Trends from SXSW Interactive 2014. The Big Roundup.
Top Trends from SXSW Interactive 2014. The Big Roundup.Top Trends from SXSW Interactive 2014. The Big Roundup.
Top Trends from SXSW Interactive 2014. The Big Roundup.Ashika Chauhan
 
Secret to Effective Digital Connection for Insurance Marketers
Secret to Effective Digital Connection for Insurance MarketersSecret to Effective Digital Connection for Insurance Marketers
Secret to Effective Digital Connection for Insurance Marketersedynamic
 
LIBRA: IS IT REALLY ABOUT MONEY? Valerie Khan
LIBRA: IS IT REALLY ABOUT MONEY? Valerie KhanLIBRA: IS IT REALLY ABOUT MONEY? Valerie Khan
LIBRA: IS IT REALLY ABOUT MONEY? Valerie Khaneraser Juan José Calderón
 
Privacy vs personalization: advisory for brand and comms practitioners into 2...
Privacy vs personalization: advisory for brand and comms practitioners into 2...Privacy vs personalization: advisory for brand and comms practitioners into 2...
Privacy vs personalization: advisory for brand and comms practitioners into 2...Dave Holland
 
issue and trend in integrative media
issue and trend in integrative mediaissue and trend in integrative media
issue and trend in integrative mediaAnies Syahieda
 
FINAL presentationMay2016
FINAL presentationMay2016FINAL presentationMay2016
FINAL presentationMay2016Melissa Krasnow
 
Thinking_Beyond_the_Third_Party_Cookie_Guide_Refresh_Offer.pdf
Thinking_Beyond_the_Third_Party_Cookie_Guide_Refresh_Offer.pdfThinking_Beyond_the_Third_Party_Cookie_Guide_Refresh_Offer.pdf
Thinking_Beyond_the_Third_Party_Cookie_Guide_Refresh_Offer.pdfPrasadraoBucche
 

Más contenido relacionado

La actualidad más candente

Razorfish Liminal 2011 — Customer Engagement In Transition
Razorfish Liminal 2011 — Customer Engagement In TransitionRazorfish Liminal 2011 — Customer Engagement In Transition
Razorfish Liminal 2011 — Customer Engagement In TransitionZeb Dropkin
 
Creative Computing: how artificial intelligence could augment designer’s deci...
Creative Computing: how artificial intelligence could augment designer’s deci...Creative Computing: how artificial intelligence could augment designer’s deci...
Creative Computing: how artificial intelligence could augment designer’s deci...Pietro Leo
 
Collective Intelligence Lecture 1: Introduction
Collective Intelligence Lecture 1: IntroductionCollective Intelligence Lecture 1: Introduction
Collective Intelligence Lecture 1: IntroductionMichael Shilman
 
Protecting Intellectual Property in the Age of WikiLeaks
Protecting Intellectual Property in the Age of WikiLeaksProtecting Intellectual Property in the Age of WikiLeaks
Protecting Intellectual Property in the Age of WikiLeaksSocialKwan
 
FUTURE Perspective #11 trends newsletter
FUTURE Perspective #11 trends newsletterFUTURE Perspective #11 trends newsletter
FUTURE Perspective #11 trends newsletterElaine Cameron
 
Data Protection and Privacy in the Social Web
Data Protection and Privacy in the Social Web Data Protection and Privacy in the Social Web
Data Protection and Privacy in the Social Web ADTELLIGENCE GmbH
 
Managed security services for financial services firms
Managed security services for financial services firmsManaged security services for financial services firms
Managed security services for financial services firmsJake Weaver
 
Mobile Privacy and Security - Study by Mobidigger
Mobile Privacy and Security - Study by MobidiggerMobile Privacy and Security - Study by Mobidigger
Mobile Privacy and Security - Study by MobidiggerHubert Moik
 
Malware & Data Breaches: Combatting the Biggest Threat
Malware & Data Breaches: Combatting the Biggest ThreatMalware & Data Breaches: Combatting the Biggest Threat
Malware & Data Breaches: Combatting the Biggest ThreatChris Ross
 
The Rise of Incognito Tech
The Rise of Incognito TechThe Rise of Incognito Tech
The Rise of Incognito TechElaine Cameron
 
PRSA Presentation
PRSA PresentationPRSA Presentation
PRSA PresentationRaidious
 
Cognitive Computing: Challenges and opportunities in Building an Artificial I...
Cognitive Computing: Challenges and opportunities in Building an Artificial I...Cognitive Computing: Challenges and opportunities in Building an Artificial I...
Cognitive Computing: Challenges and opportunities in Building an Artificial I...Pietro Leo
 
ConsumerPrivacy-BEAR-2015-Final (1)
ConsumerPrivacy-BEAR-2015-Final (1)ConsumerPrivacy-BEAR-2015-Final (1)
ConsumerPrivacy-BEAR-2015-Final (1)Zohra Razaq
 
Data protection and privacy in the social web en 201006
Data protection and privacy in the social web en 201006Data protection and privacy in the social web en 201006
Data protection and privacy in the social web en 201006ADTELLIGENCE GmbH
 
Publish expo 2012 agility without damnation
Publish expo 2012 agility without damnationPublish expo 2012 agility without damnation
Publish expo 2012 agility without damnationAnne Caborn
 
Top Trends from SXSW Interactive 2014. The Big Roundup.
Top Trends from SXSW Interactive 2014. The Big Roundup.Top Trends from SXSW Interactive 2014. The Big Roundup.
Top Trends from SXSW Interactive 2014. The Big Roundup.Ashika Chauhan
 
Secret to Effective Digital Connection for Insurance Marketers
Secret to Effective Digital Connection for Insurance MarketersSecret to Effective Digital Connection for Insurance Marketers
Secret to Effective Digital Connection for Insurance Marketersedynamic
 
Privacy vs personalization: advisory for brand and comms practitioners into 2...
Privacy vs personalization: advisory for brand and comms practitioners into 2...Privacy vs personalization: advisory for brand and comms practitioners into 2...
Privacy vs personalization: advisory for brand and comms practitioners into 2...Dave Holland
 
issue and trend in integrative media
issue and trend in integrative mediaissue and trend in integrative media
issue and trend in integrative mediaAnies Syahieda
 

La actualidad más candente (20)

Razorfish Liminal 2011 — Customer Engagement In Transition
Razorfish Liminal 2011 — Customer Engagement In TransitionRazorfish Liminal 2011 — Customer Engagement In Transition
Razorfish Liminal 2011 — Customer Engagement In Transition
 
Creative Computing: how artificial intelligence could augment designer’s deci...
Creative Computing: how artificial intelligence could augment designer’s deci...Creative Computing: how artificial intelligence could augment designer’s deci...
Creative Computing: how artificial intelligence could augment designer’s deci...
 
Collective Intelligence Lecture 1: Introduction
Collective Intelligence Lecture 1: IntroductionCollective Intelligence Lecture 1: Introduction
Collective Intelligence Lecture 1: Introduction
 
Protecting Intellectual Property in the Age of WikiLeaks
Protecting Intellectual Property in the Age of WikiLeaksProtecting Intellectual Property in the Age of WikiLeaks
Protecting Intellectual Property in the Age of WikiLeaks
 
FUTURE Perspective #11 trends newsletter
FUTURE Perspective #11 trends newsletterFUTURE Perspective #11 trends newsletter
FUTURE Perspective #11 trends newsletter
 
Data Protection and Privacy in the Social Web
Data Protection and Privacy in the Social Web Data Protection and Privacy in the Social Web
Data Protection and Privacy in the Social Web
 
Managed security services for financial services firms
Managed security services for financial services firmsManaged security services for financial services firms
Managed security services for financial services firms
 
Mobile Privacy and Security - Study by Mobidigger
Mobile Privacy and Security - Study by MobidiggerMobile Privacy and Security - Study by Mobidigger
Mobile Privacy and Security - Study by Mobidigger
 
Malware & Data Breaches: Combatting the Biggest Threat
Malware & Data Breaches: Combatting the Biggest ThreatMalware & Data Breaches: Combatting the Biggest Threat
Malware & Data Breaches: Combatting the Biggest Threat
 
The Rise of Incognito Tech
The Rise of Incognito TechThe Rise of Incognito Tech
The Rise of Incognito Tech
 
PRSA Presentation
PRSA PresentationPRSA Presentation
PRSA Presentation
 
Cognitive Computing: Challenges and opportunities in Building an Artificial I...
Cognitive Computing: Challenges and opportunities in Building an Artificial I...Cognitive Computing: Challenges and opportunities in Building an Artificial I...
Cognitive Computing: Challenges and opportunities in Building an Artificial I...
 
ConsumerPrivacy-BEAR-2015-Final (1)
ConsumerPrivacy-BEAR-2015-Final (1)ConsumerPrivacy-BEAR-2015-Final (1)
ConsumerPrivacy-BEAR-2015-Final (1)
 
Data protection and privacy in the social web en 201006
Data protection and privacy in the social web en 201006Data protection and privacy in the social web en 201006
Data protection and privacy in the social web en 201006
 
Publish expo 2012 agility without damnation
Publish expo 2012 agility without damnationPublish expo 2012 agility without damnation
Publish expo 2012 agility without damnation
 
Top Trends from SXSW Interactive 2014. The Big Roundup.
Top Trends from SXSW Interactive 2014. The Big Roundup.Top Trends from SXSW Interactive 2014. The Big Roundup.
Top Trends from SXSW Interactive 2014. The Big Roundup.
 
Secret to Effective Digital Connection for Insurance Marketers
Secret to Effective Digital Connection for Insurance MarketersSecret to Effective Digital Connection for Insurance Marketers
Secret to Effective Digital Connection for Insurance Marketers
 
LIBRA: IS IT REALLY ABOUT MONEY? Valerie Khan
LIBRA: IS IT REALLY ABOUT MONEY? Valerie KhanLIBRA: IS IT REALLY ABOUT MONEY? Valerie Khan
LIBRA: IS IT REALLY ABOUT MONEY? Valerie Khan
 
Privacy vs personalization: advisory for brand and comms practitioners into 2...
Privacy vs personalization: advisory for brand and comms practitioners into 2...Privacy vs personalization: advisory for brand and comms practitioners into 2...
Privacy vs personalization: advisory for brand and comms practitioners into 2...
 
issue and trend in integrative media
issue and trend in integrative mediaissue and trend in integrative media
issue and trend in integrative media
 

Similar a Say Good-Bye to Zero-Sum: Say Hello to Privacy and Marketing, by Design

FINAL presentationMay2016
FINAL presentationMay2016FINAL presentationMay2016
FINAL presentationMay2016Melissa Krasnow
 
Thinking_Beyond_the_Third_Party_Cookie_Guide_Refresh_Offer.pdf
Thinking_Beyond_the_Third_Party_Cookie_Guide_Refresh_Offer.pdfThinking_Beyond_the_Third_Party_Cookie_Guide_Refresh_Offer.pdf
Thinking_Beyond_the_Third_Party_Cookie_Guide_Refresh_Offer.pdfPrasadraoBucche
 
Mobile Web and Apps World New Orleans Session 10 Patricia Poss Federal Trade ...
Mobile Web and Apps World New Orleans Session 10 Patricia Poss Federal Trade ...Mobile Web and Apps World New Orleans Session 10 Patricia Poss Federal Trade ...
Mobile Web and Apps World New Orleans Session 10 Patricia Poss Federal Trade ...NextVision Media
 
Stop hiding behind your privacy policy: build consumer trust (ADM.be, 2015)
Stop hiding behind your privacy policy: build consumer trust (ADM.be, 2015)Stop hiding behind your privacy policy: build consumer trust (ADM.be, 2015)
Stop hiding behind your privacy policy: build consumer trust (ADM.be, 2015)Ann Wuyts
 
Cookies and Data Protection - a Practitioner's perspective
Cookies and Data Protection - a Practitioner's perspectiveCookies and Data Protection - a Practitioner's perspective
Cookies and Data Protection - a Practitioner's perspectiveCastlebridge Associates
 
The Myth of Zero-Risk Solutions; The Benefits of Privacy by Design
The Myth of Zero-Risk Solutions; The Benefits of Privacy by DesignThe Myth of Zero-Risk Solutions; The Benefits of Privacy by Design
The Myth of Zero-Risk Solutions; The Benefits of Privacy by DesignDr. Ann Cavoukian
 
Privacy and Big Data Overload!
Privacy and Big Data Overload!Privacy and Big Data Overload!
Privacy and Big Data Overload!SparkPost
 
Putting data science into perspective
Putting data science into perspectivePutting data science into perspective
Putting data science into perspectiveSravan Ankaraju
 
WI - IDENTITY CHALLENGE - Admonsters Publisher Forum 2023.pptx
WI - IDENTITY CHALLENGE - Admonsters Publisher Forum 2023.pptxWI - IDENTITY CHALLENGE - Admonsters Publisher Forum 2023.pptx
WI - IDENTITY CHALLENGE - Admonsters Publisher Forum 2023.pptxIdentitiLab
 
Webinar Deck - Protect Your Users' Online Privacy
Webinar Deck - Protect Your Users' Online Privacy Webinar Deck - Protect Your Users' Online Privacy
Webinar Deck - Protect Your Users' Online Privacy Ensighten
 
Consumer engagement principles
Consumer engagement principlesConsumer engagement principles
Consumer engagement principlesdefault default
 
Designing products and services with GDPR
Designing products and services with GDPRDesigning products and services with GDPR
Designing products and services with GDPRCyber-Duck
 
Golden Gekko, 10 burning questions on privacy
Golden Gekko, 10 burning questions on privacyGolden Gekko, 10 burning questions on privacy
Golden Gekko, 10 burning questions on privacyDMI
 
Targeted Advertisements & Privacy
Targeted Advertisements & Privacy Targeted Advertisements & Privacy
Targeted Advertisements & Privacy Afnan Rjoub
 
How to Build a Privacy Program
How to Build a Privacy ProgramHow to Build a Privacy Program
How to Build a Privacy ProgramDaniel Ayala
 
Piwik PRO The Real Cost of Data Privacy
Piwik PRO The Real Cost of Data Privacy Piwik PRO The Real Cost of Data Privacy
Piwik PRO The Real Cost of Data Privacy Piwik PRO
 
ETHICAL WEB DEVELOPMENT: BALANCING USER PRIVACY AND INNOVATION
ETHICAL WEB DEVELOPMENT: BALANCING USER PRIVACY AND INNOVATIONETHICAL WEB DEVELOPMENT: BALANCING USER PRIVACY AND INNOVATION
ETHICAL WEB DEVELOPMENT: BALANCING USER PRIVACY AND INNOVATIONBeliev-In Technologies
 
Privacy by Design Seminar - Jan 22, 2015
Privacy by Design Seminar - Jan 22, 2015Privacy by Design Seminar - Jan 22, 2015
Privacy by Design Seminar - Jan 22, 2015Dr. Ann Cavoukian
 

Similar a Say Good-Bye to Zero-Sum: Say Hello to Privacy and Marketing, by Design (20)

FINAL presentationMay2016
FINAL presentationMay2016FINAL presentationMay2016
FINAL presentationMay2016
 
Thinking_Beyond_the_Third_Party_Cookie_Guide_Refresh_Offer.pdf
Thinking_Beyond_the_Third_Party_Cookie_Guide_Refresh_Offer.pdfThinking_Beyond_the_Third_Party_Cookie_Guide_Refresh_Offer.pdf
Thinking_Beyond_the_Third_Party_Cookie_Guide_Refresh_Offer.pdf
 
Mobile Web and Apps World New Orleans Session 10 Patricia Poss Federal Trade ...
Mobile Web and Apps World New Orleans Session 10 Patricia Poss Federal Trade ...Mobile Web and Apps World New Orleans Session 10 Patricia Poss Federal Trade ...
Mobile Web and Apps World New Orleans Session 10 Patricia Poss Federal Trade ...
 
Stop hiding behind your privacy policy: build consumer trust (ADM.be, 2015)
Stop hiding behind your privacy policy: build consumer trust (ADM.be, 2015)Stop hiding behind your privacy policy: build consumer trust (ADM.be, 2015)
Stop hiding behind your privacy policy: build consumer trust (ADM.be, 2015)
 
Cookies and Data Protection - a Practitioner's perspective
Cookies and Data Protection - a Practitioner's perspectiveCookies and Data Protection - a Practitioner's perspective
Cookies and Data Protection - a Practitioner's perspective
 
The Myth of Zero-Risk Solutions; The Benefits of Privacy by Design
The Myth of Zero-Risk Solutions; The Benefits of Privacy by DesignThe Myth of Zero-Risk Solutions; The Benefits of Privacy by Design
The Myth of Zero-Risk Solutions; The Benefits of Privacy by Design
 
Privacy and Big Data Overload!
Privacy and Big Data Overload!Privacy and Big Data Overload!
Privacy and Big Data Overload!
 
Putting data science into perspective
Putting data science into perspectivePutting data science into perspective
Putting data science into perspective
 
WI - IDENTITY CHALLENGE - Admonsters Publisher Forum 2023.pptx
WI - IDENTITY CHALLENGE - Admonsters Publisher Forum 2023.pptxWI - IDENTITY CHALLENGE - Admonsters Publisher Forum 2023.pptx
WI - IDENTITY CHALLENGE - Admonsters Publisher Forum 2023.pptx
 
Webinar Deck - Protect Your Users' Online Privacy
Webinar Deck - Protect Your Users' Online Privacy Webinar Deck - Protect Your Users' Online Privacy
Webinar Deck - Protect Your Users' Online Privacy
 
Jules Polonetsky: Ethics & Privacy & Strategy in the Age of Big Data
Jules Polonetsky: Ethics & Privacy & Strategy in the Age of Big DataJules Polonetsky: Ethics & Privacy & Strategy in the Age of Big Data
Jules Polonetsky: Ethics & Privacy & Strategy in the Age of Big Data
 
Jules Polonetsky: Ethics & Privacy & Strategy in the Age of Big Data
Jules Polonetsky: Ethics & Privacy & Strategy in the Age of Big DataJules Polonetsky: Ethics & Privacy & Strategy in the Age of Big Data
Jules Polonetsky: Ethics & Privacy & Strategy in the Age of Big Data
 
Consumer engagement principles
Consumer engagement principlesConsumer engagement principles
Consumer engagement principles
 
Designing products and services with GDPR
Designing products and services with GDPRDesigning products and services with GDPR
Designing products and services with GDPR
 
Golden Gekko, 10 burning questions on privacy
Golden Gekko, 10 burning questions on privacyGolden Gekko, 10 burning questions on privacy
Golden Gekko, 10 burning questions on privacy
 
Targeted Advertisements & Privacy
Targeted Advertisements & Privacy Targeted Advertisements & Privacy
Targeted Advertisements & Privacy
 
How to Build a Privacy Program
How to Build a Privacy ProgramHow to Build a Privacy Program
How to Build a Privacy Program
 
Piwik PRO The Real Cost of Data Privacy
Piwik PRO The Real Cost of Data Privacy Piwik PRO The Real Cost of Data Privacy
Piwik PRO The Real Cost of Data Privacy
 
ETHICAL WEB DEVELOPMENT: BALANCING USER PRIVACY AND INNOVATION
ETHICAL WEB DEVELOPMENT: BALANCING USER PRIVACY AND INNOVATIONETHICAL WEB DEVELOPMENT: BALANCING USER PRIVACY AND INNOVATION
ETHICAL WEB DEVELOPMENT: BALANCING USER PRIVACY AND INNOVATION
 
Privacy by Design Seminar - Jan 22, 2015
Privacy by Design Seminar - Jan 22, 2015Privacy by Design Seminar - Jan 22, 2015
Privacy by Design Seminar - Jan 22, 2015
 

Último

mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docxPoojaSen20
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Celine George
 
Concept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfConcept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfUmakantAnnand
 
PSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptxPSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptxPoojaSen20
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesFatimaKhan178732
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Sakshi Ghasle
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAssociation for Project Management
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting DataJhengPantaleon
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 

Último (20)

mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docx
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
 
Concept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfConcept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.Compdf
 
PSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptxPSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptx
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and Actinides
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application )
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across Sectors
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 

Say Good-Bye to Zero-Sum: Say Hello to Privacy and Marketing, by Design

  • 1. Say Good-Bye to Zero-Sum: Say Hello to Privacy and Marketing by Design Ann Cavoukian, Ph.D. Information and Privacy Commissioner Ontario, Canada Canadian Institute Advertising and Marketing Law Conference January 23, 2013
  • 2. Presentation Outline 1. We Need a Paradigm Shift 2. Positive-Sum, NOT Zero-Sum 3. Privacy by Design: The Gold Standard 4. Privacy in Advertising and Marketing 5. Why Privacy is Good for Business 6. Operationalizing Privacy by Design 7. Conclusions
  • 3. We need to change the paradigm
  • 4. Why We Need Privacy by Design Most privacy breaches remain undetected – as regulators, we only see the tip of the iceberg The majority of privacy breaches remain unchallenged, unregulated ... unknown Regulatory compliance alone, is unsustainable as the sole model for ensuring the future of privacy
  • 5. The Future of Privacy Change the Paradigm to Positive-Sum, NOT Zero-Sum
  • 6. Positive-Sum Model Change the paradigm from a zero-sum to a “positive-sum” model: Create a win-win scenario, not an either/or (vs.) involving unnecessary trade-offs and false dichotomies … replace the “vs.” with “and”
  • 7. Privacy by Design: “Build It In” • I first developed the concept of “Privacy by Design” in the 90s, as a response to the growing threats to online privacy that were beginning to emerge; • “Privacy by Design” seeks to build in privacy – up front, right into the design specifications; into the architecture; embed privacy into the technology used – bake it in; • Data minimization is key: minimize the routine collection and use of personally identifiable information – use encrypted or coded information whenever possible; • Use privacy-enhancing technologies (PETs) plus where possible: give people maximum control over their own data.
  • 8. The Decade of Privacy by Design
  • 9. Adoption of “Privacy by Design” as an International Standard Landmark Resolution Passed to Preserve the Future of Privacy By Anna Ohlden – October 29th 2010 - http://www.science20.com/newswire/landmark_resolution_passed_preserve_future_privacy JERUSALEM, October 29, 2010 – A landmark Resolution by Ontario's Information and Privacy Commissioner, Dr. Ann Cavoukian, was approved by international Data Protection and Privacy Commissioners in Jerusalem today at their annual conference. The resolution recognizes Commissioner Cavoukian's concept of Privacy by Design - which ensures that privacy is embedded into new technologies and business practices, right from the outset - as an essential component of fundamental privacy protection. Full Article: http://www.science20.com/newswire/landmark_resolution_passed_preserve_future_privacy
  • 10. Privacy by Design: The 7 Foundational Principles 1. Proactive not Reactive: Preventative, not Remedial; 2. Privacy as the Default setting; 3. Privacy Embedded into Design; 4. Full Functionality: Positive-Sum, not Zero-Sum; 5. End-to-End Security: Full Lifecycle Protection; 6. Visibility and Transparency: Keep it Open; 7. Respect for User Privacy: Keep it User-Centric. www.ipc.on.ca/images/Resources/7foundationalprinciples.pdf
  • 11. Privacy by Design: Proactive in 29 Languages! 1.English 11.Chinese 21.Greek 2.French 12.Japanese 22.Macedonian 3.German 13.Arabic 23.Bulgarian 4.Spanish 14.Armenian 24.Croatian 5.Italian 15.Ukrainian 25.Polish 6.Czech 16.Korean 26.Turkish 7.Dutch 17.Russian 27.Malaysian 8.Estonian 18.Romanian 28.Indonesian 9.Hebrew 19.Portuguese 29.Lithuanian 10.Hindi 20.Maltese
  • 12. Privacy in Advertising and Marketing
  • 13. Personal Information Protection and Electronic Documents Act (PIPEDA) • Online behavioural advertising may be considered a reasonable purpose under PIPEDA; • PIPEDA requires an individual’s knowledge and consent for the collection, use, or disclosure of personal information; • PIPEDA also requires that the purposes for which an individual’s information is to be collected, used or disclosed be explained in a clear and transparent manner; • Any collection or use of an individual’s web browsing activity must be done with that person’s knowledge and consent.
  • 14. Report from Advertising Standards Canada According to a report from Advertising Standards Canada: •89% agreed with the statement, “people share far too much personal information online these days;” •72% responded that they were worried about the erosion of personal privacy; •73% said they were aware that businesses were tracking people's activities on the Web in order to understand their interests. — Susan Krashinsky, Give consumers choice, control on personal data, advertisers urged; ASC recommending a four-step process for building trust, Globe and Mail, November 20, 2012. www.theglobeandmail.com/report-on-business/give-consumers-choice-control-on-personal-data-advertisers-urged/article5461959/
  • 15. Consumers Favour Do Not Track (DNT) by Default “Seventy-five percent of the consumers we surveyed in the U.S. and Europe said they wanted DNT on, by default.” — Brad Smith Microsoft Executive Vice-President December, 2012. http://www.bloomberg.com/news/2012-12- 13/microsoft-rankles-advertisers-with-web-user- privacy-plan.html
  • 16. Microsoft Internet Explorer 10 Do Not Track • June 2012 – Microsoft announced the Do Not Track option would be activated by default in Internet Explorer 10 on Windows 8, as part of its commitment to user privacy; • The Default Rules – research shows that whatever the default condition is, that is the one that will prevail; • Microsoft was criticized by advertising companies, who said Do Not Track must be a choice made by users and should not be automatically enabled – this despite the fact that they have been making the choice for users all along; • Companies have always made the choice for their users – the existing default is one of tracking/advertising; • Microsoft responded that users would prefer a browser that automatically respected their privacy – I totally agree – see my YouTube video here: http://www.youtube.com/watch?v=1OtV-sGu17U
  • 17. Berkeley Center for Law and Technology Survey on Online Privacy • At the Amsterdam Privacy Conference in October, 2012, the Berkeley Center for Law and Technology released its survey findings: • 87% of those surveyed had not heard about proposals to create a Do Not Track option for the Internet; • 30% understood that advertisers can track users on medical information sites; • 40% believed they had fewer privacy rights when visiting a free website supported by advertising. www.law.berkeley.edu/13260.htm
  • 18. “Most consumers want Do Not Track to mean exactly that: do not collect information that allows companies to track them across the Internet. This may seem obvious, but even the definition articulated by the FTC may fall short of these consumer expectations.” — Chris Jay Hoofnagle, Director, Information Privacy Programs, Berkeley Center for Law & Technology, October, 2012.
  • 19. Would you allow a social networking app to collect your contact list in order to suggest more friends? 51% 30% www.law.berkeley.edu/13260.htm
  • 20. Would you allow a coupons app to collect your contact list in order to offer coupons to your contacts? 75% 18% www.law.berkeley.edu/13260.htm
  • 21. Would you allow your cell phone provider to use your location to tailor ads to you? 70% 22% www.law.berkeley.edu/13260.htm
  • 22. There is another way … Applying Fair Information Practices to CRM: • Accountability • Identifying Purposes • Consent • Limiting Collection • Limiting Use, Disclosure, and Retention • Accuracy • Safeguards • Openness • Individual Access • Challenging Compliance www.ipc.on.ca/English/Resources/Discussion-Papers/Discussion-Papers-Summary/?id=234
  • 23. Permission-Based Marketing: The Personal Touch • Essential premise: persuade consumers to volunteer their attention; • Predicated on Consent: make consumers active recipients of marketing information; • Puts control in the hands of consumers; “Just because you somehow get my email address doesn’t mean you have permission.” . — Seth Godin, Permission-Based Marketing, 2001.
  • 24. Why Privacy is Good for Business
  • 25. The Privacy Dividend 1. The Business Case 2. Personal Information in the Business Context 3. Creating the Business Case “In the words of Commissioner Cavoukian, “The ‘payoff’ to privacy- respecting organisations is ... ultimately, enduring competitive advantage. In a world of increasingly savvy and inter- connected customers, an organisation’s approach to privacy may offer precisely the competitive advantage needed to succeed.” www.ico.gov.uk/upload/documents/library/data_protection/detailed_specialist_guides/privacy_dividend.pdf
  • 26. • Bering Media has built Privacy into IP Geolocation: • Using a unique double-blind privacy architecture; • Minimum-match thresholds/ Anti-inference algorithms; • Dynamic IP address management; • Persistent, permanent opt-out, globally. www.ipc.on.ca/images/Resources/pbd-ip-geo.pdf
  • 27. The Bottom Line Privacy should be viewed as a business issue, not a compliance issue Think strategically and transform privacy into a competitive business advantage
  • 28. Cost of Taking the Reactive Approach to Privacy Breaches Damaged Lawsuits Brand Name Proactive Reactive Loss of Consumer Trust
  • 29. Consumer Choice and Privacy • There is a strong competitive advantage for businesses to invest in good data privacy and security practices; • “A significant portion of the population is becoming concerned about identity theft, and it is influencing their purchasing decisions.” — Rena Mears, Deloitte & Touche LLP, Survey Reports An Increase in ID Theft and Decrease in Consumer Confidence, 2005.
  • 30. Online Consumers Willing to Pay for Privacy • A study conducted at Carnegie-Mellon University found that when privacy information is made more salient and accessible, some consumers are willing to pay a premium to purchase goods from privacy-protective websites; • When shopping online, participants made significantly more purchases from sites rated “High Privacy” (47.4%) compared to participants buying from sites rated “No Privacy” (5.6%). — Online Consumers Willing to Pay Premium for Net Privacy, Study Finds, ScienceDaily, July 11, 2011. Study conducted by Janice Y. Tsai, Serge Egelman, Lorrie Cranor, and Alessandro Acquisti of Carnegie Mellon University http://www.informs.org/Pubs/ISR
  • 31. Bottom Line: It’s All About Trust “Trust is more important than ever online … Price does not rule the Web … Trust does.” — Frederick F. Reichheld, Loyalty Rules: How Today’s Leaders Build Lasting Relationships
  • 32. Reasons for Building Consumer Trust • Continuation of valuable business relationships; • Loyal, repeat customers; • Sustainable competitive edge; • Consumer confidence and trust. — Ann Cavoukian, Ph.D., Tyler Hamilton, The Privacy Payoff: How Successful Businesses Build Consumer Trust, McGraw-Hill Ryerson, 2002, pp. 13-14.
  • 33. Operationalizing Privacy by Design 9 PbD Application Areas •CCTV/Surveillance cameras in mass transit systems; •Biometrics used in casinos and gaming facilities; •Smart Meters and the Smart Grid; •Mobile Communications; •Near Field Communications; •RFIDs and sensor technologies; •Redesigning IP Geolocation; •Remote Home Health Care; •Big Data and Data Analytics. www.privacybydesign.ca
  • 34. Conclusions • Make privacy a priority – ensure that privacy is embedded into your systems and operational processes – into your business practices; • It is easier and far more cost-effective to build in privacy up-front, rather than after-the-fact; • Privacy risks are best managed by proactively embedding the principles of Privacy by Design; • Get smart – lead with Privacy – by Design, not privacy by chance or, worse, Privacy by Disaster!
  • 35. How to Contact Us Ann Cavoukian, Ph.D. Information & Privacy Commissioner of Ontario 2 Bloor Street East, Suite 1400 Toronto, Ontario, Canada M4W 1A8 Phone: (416) 326-3948 / 1-800-387-0073 Web: www.ipc.on.ca E-mail: info@ipc.on.ca For more information on Privacy by Design, please visit: www.privacybydesign.ca

Notas del editor

  1. Presentation Outline
  2. Paradigm Shift
  3. Why We Need PbD
  4. Positive-Sum, Not Zero-Sum Compliance alone, is unsustainable as the sole model for ensuring the future of privacy; for that, we must turn to proactive measures such as Privacy by Design: embedding privacy proactively into the core of all that we do. Lessig Book – Code: Version 2.0 Further, the average individual’s “information footprint” (digitization of entertainment, healthcare, security, and retail preferences) will grow from 1 terabyte per year to more than 16 terabytes by 2020. — IBM Press Release, September 8, 2008. The collection of personal information is not going to stop or decline. In fact, it will only continue to grow exponentially. Legislation can be proactive by requiring certain practices and standards; arranging for audits; providing incented activities; and by ensuring that certain large organizations, such as government departments themselves, will become models for the required change and activity - so maybe the contrast is not between legislation and PbD, but between proactive and reactive approaches with Privacy by Design being the best model for the proactive approach.
  5. Positive-Sum Model
  6. PbD – Build It In A Positive-Sum (or “win-win” or “non zero-sum”) paradigm, by contrast, describes a concept or situation in which participants can all gain or suffer together. That is, the sum of gains and losses by the participants are always more or less than what they began with, depending on their choices and behaviour. If privacy and security are not a ‘zero sum game’, and if we need to ensure strong security and strong privacy what are we left with? We can’t leave privacy to policies and procedures alone, as that ignores the reality of the systems in which so much personal information resides. We can’t focus on security alone, as I talked about earlier. There isn’t a balance to be sought. What is required is a WIN-WIN situation, in which strong privacy policies mutually reinforce a strong security focus. “ We need better options for securing the Internet. Instead of looking primarily for top-down government intervention, we can enlist the operators and users themselves.” — Jonathan Zittrain, Freedom and Anonymity: Keeping the Internet Open, Scientific American, February 24, 2011
  7. Privacy by Design
  8. Jerusalem Resolution I first developed the concept of Privacy by Design in the ’ 90s, as a response to the growing threats to online privacy that were beginning to emerge; Privacy by Design seeks to build in privacy – up front, right into the design specifications; into the architecture; embedding privacy into the very technology used – bake it in ; Data minimization is key : minimize the routine collection and use of personally identifiable information – use encrypted or coded information, whenever possible; Use privacy-enhancing technologies (PETs) where possible, but make it PETs Plus , invoking a positive-sum paradigm, and giving people maximum control over their own data.
  9. PbD – 7 Foundational Principles
  10. PbD in 29 Langauges Proactive not Reactive; Preventative not Remedial Privacy as the Default Privacy Embedded into Design Full Functionality: Positive-Sum, not Zero-Sum End-to-End Lifecycle Protection Visibility and Transparency Respect for User Privacy
  11. Privacy in Advertising and Marketing
  12. PIPEDA
  13. Report of Advertising Standards Canada Online behavioural advertising may be considered a reasonable purpose under PIPEDA, provided it is carried out under certain parameters, and is not made a condition of service for accessing and using the Internet, generally. PIPEDA defines personal information as “information about an identifiable individual”. Information will be about an identifiable individual where there is a serious possibility that an individual could be identified through the use of that information, alone or in combination with other available information. PIPEDA requires an individual’s knowledge and consent for the collection, use, or disclosure of personal information. PIPEDA also requires that the purposes for which an individual’s information is to be collected, used or disclosed be explained in a clear and transparent manner. In addition, PIPEDA does recognize that the form of consent can vary: for example, express consent (opt-in) when dealing with sensitive information, and implied consent (opt-out) when the information is less sensitive. It is important to note that the sensitivity of information depends on the nature of the information and the context in which it is being collected, used or disclosed. Opt-out consent for online behavioural advertising could be considered reasonable providing that: Individuals are made aware of the purposes for the practice in a manner that is clear and understandable – the purposes must be made obvious and cannot be buried in a privacy policy. Organizations should be transparent about their practices and consider how to effectively inform individuals of their online behavioural advertising practices, by using a variety of communication methods, such as online banners, layered approaches, and interactive tools; Individuals are informed of these purposes at or before the time of collection and provided with information about the various parties involved in online behavioural advertising; Individuals are able to easily opt-out of the practice - ideally at or before the time the information is collected; The opt-out takes effect immediately and is persistent; The information collected and used is limited, to the extent practicable, to non-sensitive information (avoiding sensitive information such as medical or health information); and Information collected and used is destroyed as soon as possible or effectively de-identified. Any collection or use of an individual’s web browsing activity must be done with that person’s knowledge and consent. Therefore, if an individual is not able to decline the tracking and targeting using an opt-out mechanism because there is no viable possibility for them to exert control over the technology used, or if doing so renders a service unusable, then organizations should not be employing that type of technology for online behavioural advertising purposes. At present, this could include, for example, so-called zombie cookies, super cookies and device fingerprinting.
  14. Consumers Favour DNT As part of the report, the group is recommending a four-step process for building trust with consumers. These four elements are: control (ensuring people know what will happen to their information); choice (allowing people to choose what information to hold back from marketers); commitment (making people aware of privacy and security policies); and compensation (helping people understand "what's in it for me" if they share information
  15. Microsoft DNT
  16. Berkeley Survey on Online Privacy
  17. Quote from Chris Hoofnagle – Director of Berkley Center
  18. Would you allow a social networking app to collect your contact list in order to suggest more friends? The FTC has called for consumers to be given a simple “Do Not Track” mechanism that would allow them to choose whether they want to allow websites to collect information about their Internet activity and use it to deliver targeted advertisements and for other purposes.  The FTC specifically recommends a mechanism that would be practical, and would probably involve the placement of a persistent setting, similar to a cookie, on the consumer’s browser signaling the consumer’s choices (see the FTC’s 2010 preliminary staff report and 2012 Privacy Report: Balancing Privacy and Innovation). FTC’s DNT would consist of the following five elements: First, a Do Not Track system should be implemented universally to cover all parties that would track consumers. Second, the choice mechanism should be easy to find, easy to understand, and easy to use. Third, any choices offered should be persistent and should not be overridden if, for example, consumers clear their cookies or update their browsers. Fourth, a Do Not Track system should be comprehensive, effective, and enforceable. It should opt consumers out of behavioral tracking through any means and not permit technical loopholes. Finally, an effective Do Not Track system should go beyond simply opting consumers out of receiving targeted advertisements; it should opt them out of collection of behavioral data for all purposes other than those that would be consistent with the context of the interaction (e.g., preventing click-fraud or collecting deidentified data for analytics purposes).
  19. Would you allow a coupons app to collect your contact list in order to offer coupons to your contacts ?
  20. Would you allow your cell phone provider to use your location to tailor ads to you?
  21. IPC Paper – Applying Privacy into Marketing
  22. Permission-Based Marketing
  23. Why Privacy is Good for Business
  24. The Privacy Dividend
  25. Bering Media – IP Geolocation Taking a more resolute approach to protecting privacy could increase the magnitude of the benefits well beyond any increase in costs. This approach is sometimes referred to as “privacy by design.” How the organisation handles people’s personal information is central to the degree of trust on which the relationships the organisation has with the people it serves are based. Protecting privacy builds trust and strengthens those relationships, making them more long-lasting and productive. It also strengthens the organisation’s reputation and that helps to attract new customers. In the words of Ann Cavoukian, the Information and Privacy Commissioner of Ontario, Canada, (show book – “Privacy Payoff”) “The ‘payoff’ to privacy-respecting organisations is ... ultimately, enduring competitive advantage. In a world of increasingly savvy and inter-connected customers, an organisation’s approach to privacy may offer precisely the competitive advantage needed to succeed.”
  26. The Bottom Line The Internet and its associated marketing practices have rapidly evolved, to a point where much of the online advertising is provided by companies with whom the individual does not have a direct business relationship. And yet, such companies collect and manage a great deal of data about individuals. This has opened up a broad and ongoing debate in the area of privacy and online targeted advertising. The purpose of this paper is to explore new, original contributions to this discussion, highlighting the solutions made possible through a combination of innovative thought and “baked-in” privacy – which I call Privacy by Design. The subject of targeted advertising brings with it a host of privacy issues, from those directly connected with the practice (the tracking of online behaviours, the use of location data as reported by mobile devices, etc.) to broader, Internet-wide topics (IP address as personal information, etc.). Privacy choices and consumer trust have remained at the forefront of these concerns. In this paper, we focus on a single facet of targeted advertising – the developing area of precise IP geolocation, and the potential role of ISPs in the ad serving model. In particular, we describe the work of Ontario company Bering Media, Inc. Bering Media set out to develop an innovative technology to allow ISPs that have made the decision to partner with an ad server to provide IP geolocation services, to do so with zero disclosure of potentially personally identifiable information about subscribers. This would further allow the ISP to partner with an ad server without the need for reading or modifying any packets travelling through the ISP’s network.
  27. Costs of Privacy Breach
  28. Consumer Choice and Privacy A U.S. study found that the cost of a data breach was $202 per record; the average cost per operating company was more than $6.6 million per breach. 2008 Annual Study: Cost of a Data Breach, Ponemon Institute, February 2009. Legal liabilities, class action suits; Loss of client confidentiality and trust; Diminution of brand and reputation; Loss of customers, competitive edge; Penalties and fines levied; Costs of crisis management, damage control, review and retrofit of information systems, policies and procedures.
  29. Consumers Willing to Pay for Privacy
  30. It’s All About Trust The study -- by Janice Y. Tsai, Serge Egelman, Lorrie Cranor, and Alessandro Acquisti of Carnegie Mellon University -- appears in the current issue of the INFORMS journal Information Systems Research.   The authors note that most online privacy policies are difficult for consumers to use and are often overlooked. Challenging a predominant belief that consumers would not sacrifice for greater Internet privacy, they designed their research to determine if consumers would pay extra to make a purchase at an online store whose privacy policy was medium to high and could easily be determined.    The authors invited a different set of participants to test a new search engine in an experimental setting. These participants were asked to search for and purchase products online using the search engine shopping interface. Participants were randomly assigned to three groups: one group did not see any privacy meter icons associated with the search engine results; one group saw the icons, but was told that they were indicators for the degree of "handicap accessibility" of the website (a characteristic chosen as a "control" condition precisely for its irrelevancy to most consumers' online decision processes); the last group saw the icons and were indeed told that they were indicators for the degree of privacy protection offered by the website. Because participants used their own credit cards to pay for the products, their personal information was exposed to real merchants during the study. The websites were real merchant sites. Purchasing either item forced individuals to reveal personal information (their credit card number) to unknown merchants.
  31. Privacy Payoff
  32. Operationalizing PbD
  33. Conclusions
  34. How to Contact Us