Privacy by Default: The practical application of simplified privacy
Privacy by Default is a simple concept: the default setting should always be the strictest possible setting, without requiring any manual input from the user. For example, think about sharing pictures of your child. Privacy by Default would mean not sharing pictures of your child with anyone you don’t know. As you get to know someone, you may relax and feel comfortable showing them a picture of your child, but before you know anything about the person, you probably shouldn’t. The person could in some way be dangerous to your child. The person could be offended that, by sharing pictures of your child, you are being insensitive to their miscarriage. The person could be offended that you appear to be promoting a small nuclear family. You don’t yet know the person, nor the potential consequences of sharing a picture of your child with them. Once you know the person better, you can decide whether they are someone with whom you can share the likeness of your child. In this analogy, the person is the website, you are the user, and the likeness of your child is your personal data.
You can decide to show off your child, but it should be your choice. It should be a choice without any pressure. It shouldn’t be suggested. Making that choice shouldn’t have any negative consequences either.
Applying Privacy by Default
Utilizing the principle of Privacy by Default doesn’t mean that the user will always use the strictest privacy settings. The user can relax the privacy setting. The privacy setting should be the strictest until an affirmative action is taken by the user to relax the privacy setting. In practice, people do share data even when it is entirely their choice whether or not to. There is a social aspect, sometimes people just want to be helpful, and sometimes people want to help spur product/platform improvement. There are a variety of reasons, but the net result is that Privacy by Default usually represents a starting point and users can make adjustments from that starting point.
Let’s take a look at that starting point. To adhere to the principle of Privacy by Default, you should start with the strictest privacy settings and data minimization. Strictest is an absolute word, and absolutes invite people to poke holes in them, ‘infinity +1’ style. It is better understood as a minimum: zero is easier to conceptualize than infinity. Seen from that vantage point, the strictest privacy setting means collecting the bare minimum of user data, keeping it for a limited time, and limiting its processing. This is closely related to data minimization, the principle of collecting, keeping and using only the data that is necessary for purposes that were clearly stated in advance.
The strictest approach is clearly distinguishable from a merely strict approach. Whether an approach is strict is subjective, which makes the appropriate sweet spot difficult to find. This is especially true when competing actors inside an organization are involved, since business departments often have conflicting interests: marketing and product development generally want more data, while privacy, legal and security see more data as potential liability. An absolute rule is easier to understand, easier to apply, and significantly easier to enforce in intra-organizational disputes. Privacy by Default principles mandate starting from this straightforward, absolute rule: the strictest approach to data privacy.
The strictest approach to privacy will, on average, do consumers a lot of good; it is not merely virtue-signaling by the business. It is worth noting first that businesses often do not have the user’s best interests at heart. They are generally driven by motivations such as profit, which do not perfectly align with user privacy interests.
Even if you, as a consumer, have absolute trust that a particular business will not misuse your data, and even if your trust is well-placed, data breaches are a fact of life these days. Malicious actors know the considerable value of user data: to sell on the dark web, to blackmail the breached business, or to use for various other purposes. So you can be harmed even when sharing your data with well-intentioned businesses. Data that was never collected, or that was deleted once it was no longer needed, cannot be exposed in a breach, which is why minimization protects users even against businesses they trust.
Data breaches have been growing more common, with the likelihood of a business suffering a breach increasing year after year. Further, the relaxation of security measures that the Covid-19 shift to remote work made necessary exacerbates the risk of a data breach.
Privacy by Default will do your business and your users a lot of good.
The Practical Application of Privacy by Default
If you need help adopting the strictest privacy approach, think about what data you absolutely need for a specific online interaction. Mailing address? Credit card info? E-mail address? First and last name? Date of birth? Social security number? Browsing history? It’s likely you won’t need all of these data points for each online interaction. Clarip’s Data Risk Intelligence Scan can determine what data you collect and where that data goes. If your analysis indicates that you don’t need to collect a user’s social security number or browsing history, but our scan results indicate that you do collect those data points, that’s an opportunity for you to change your approach and truly adopt Privacy by Default. Figure out what data you absolutely need, how long you need it for, and use it only for the necessary purposes. That’s putting Privacy by Default into practice.
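As an added illustration, not code from the original page or from Clarip, the three questions above (what data you absolutely need, how long you need it for, and for what purpose) can be written down as a declared data map and enforced in application code, together with settings that start at their strictest and relax only on an explicit user choice. The checkout fields, purposes, retention periods, setting names and the sample form submission below are all constructed assumptions for the example.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


@dataclass(frozen=True)
class FieldPolicy:
    """Why a field is collected and how long it may be kept."""
    purpose: str
    retention_days: int


# Declared data map for a hypothetical checkout flow (constructed example).
# Anything not listed here has no stated purpose and must not be kept.
CHECKOUT_DATA_MAP = {
    "email": FieldPolicy("order confirmation", retention_days=365),
    "shipping_address": FieldPolicy("delivery", retention_days=90),
    "card_token": FieldPolicy("payment", retention_days=30),
}

# Constructed form submission: the front end sends more than the map justifies.
SAMPLE_SUBMISSION = {
    "email": "buyer@example.com",
    "shipping_address": "1 Example Street",
    "card_token": "tok_constructed_000",
    "date_of_birth": "1990-01-01",      # no declared purpose
    "browsing_history": ["/a", "/b"],   # no declared purpose
}

# Strictest defaults: every optional data use is off until the user turns it on.
STRICTEST_DEFAULTS = {
    "share_analytics": False,
    "marketing_email": False,
    "profile_public": False,
}


def find_overcollection(record, data_map):
    """Fields present in a record that the data map gives no purpose for."""
    return sorted(set(record) - set(data_map))


def minimize(record, data_map):
    """Strip undeclared fields at the point of collection, before storage."""
    return {field: value for field, value in record.items() if field in data_map}


def expired_fields(collected_at, now, data_map):
    """Fields whose retention window has elapsed as of `now`."""
    age = now - collected_at
    return sorted(
        field for field, policy in data_map.items()
        if age > timedelta(days=policy.retention_days)
    )


def apply_retention(stored, collected_at, now, data_map):
    """Return the stored record with every expired field removed."""
    expired = set(expired_fields(collected_at, now, data_map))
    return {field: value for field, value in stored.items() if field not in expired}


def effective_settings(user_choices):
    """Start from the strictest defaults; only an explicit boolean True relaxes a setting.

    Unknown keys and non-boolean values (for example the string "yes" from a
    form field) are ignored, so nothing is relaxed without an affirmative choice.
    """
    settings = dict(STRICTEST_DEFAULTS)
    for key, value in user_choices.items():
        if key in settings and value is True:
            settings[key] = True
    return settings


if __name__ == "__main__":
    collected_at = datetime(2024, 1, 1, tzinfo=timezone.utc)
    now = collected_at + timedelta(days=100)

    print("over-collected:", find_overcollection(SAMPLE_SUBMISSION, CHECKOUT_DATA_MAP))
    stored = minimize(SAMPLE_SUBMISSION, CHECKOUT_DATA_MAP)
    print("stored fields:", sorted(stored))
    print("expired after 100 days:", expired_fields(collected_at, now, CHECKOUT_DATA_MAP))
    print("after retention:", sorted(apply_retention(stored, collected_at, now, CHECKOUT_DATA_MAP)))
    print("settings:", effective_settings({"marketing_email": True, "profile_public": "yes"}))
```

Run against the constructed submission, the check reports date of birth and browsing history as collected without a declared purpose, stores only the three mapped fields, and drops the card token and shipping address once their retention windows have passed; the settings helper relaxes only the one option the user explicitly turned on. The point of keeping the data map as a single declared structure is that marketing, product, privacy and security argue over that one list rather than over individual code paths.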
To successfully adopt Privacy by Default, your organization will need the tools offered by Clarip. From data mapping to fulfilling data subject requests, Clarip takes enterprise privacy governance to the next level and helps organizations reduce risks, engage better, and gain customers’ trust! Contact us at www.clarip.com or call Clarip at 1-888-252-5653 for a demo.