Personal data: the stakes of Privacy by Design

Big Data versus the protection of personal data: who will win?

In this contest, which has technological, economic and societal stakes, the Privacy by Design principle plays the role of referee by requiring companies (and governments) to take personal data protection into account from the moment a project involving data processing is conceived.

The response to potential Big Data excesses

Big Data - large-scale data collection and analysis - is a source of wealth for companies. The Californian giant Google provides the clearest illustration: the company's immense financial success rests largely on collecting, analysing and monetising personal data for advertisers who want to "know" their consumers better.

However, large-scale automated collection also brings a risk of massive personal data leaks and misuse, and the Privacy by Design principle is the response to that risk.

Privacy by Design is at the heart of the General Data Protection Regulation (GDPR), which became applicable in May 2018 to harmonise national legislation on the protection of privacy; Article 25 of the regulation makes "data protection by design and by default" a legal obligation. The goal is to guarantee to every citizen that the information they disclose on the Internet will be used within a strict legal framework which respects their privacy.

What is personal data? Personal data is any information relating to a natural person who can be identified, directly or indirectly, from those data (a name, an identifier, location data, or a combination of several factors). The GDPR applies to the collection, storage and any other processing of such data about people in the European Union.

Company accountability

The purpose of Privacy by Design is to restore confidence between consumers and companies, who are all players in the digital economy. Appointing a Data Protection Officer (DPO) responsible for ensuring the proper use of data is highly recommended for every organisation, and the GDPR makes it mandatory for public authorities and for organisations whose core activities involve large-scale systematic monitoring of individuals or large-scale processing of sensitive data.

The DPO's role is to ensure that the data collected from customers, prospects and suppliers, as well as from the company's own employees, are processed in accordance with the legislation in force where the company operates.

The purpose for which the data will be used, how long they will be kept and the way in which they are collected (a click, a box to be ticked, etc.) must be settled from the initial project phase (sometimes called the PoC, i.e., Proof of Concept) onwards.

In the event of an audit requested by a regulator or a consumer association, the DPO must be able to demonstrate, on behalf of the company, the measures taken to comply with the law: this is the accountability principle, and the burden of proof lies with the company.

An example of the application of the Privacy by Design principle: customers no longer have to untick a pre-ticked box in a form to decline emails from a company (e.g., a weekly newsletter); consent must be given by an affirmative action, such as ticking an empty box. Companies can no longer use the data as they wish by default.

The benefits of Privacy by Design

While the Privacy by Design approach implies legal and technical constraints and extends the time required to implement a project, there are nevertheless several benefits.

The main motivation for implementing Privacy by Design principles is to reduce the legal risk resulting from a failure to comply with regulations.

In addition, taking data protection into account too late can mean additional expense to achieve compliance at the end of the project, or even project cancellation. Companies that build it in early can turn this into a competitive advantage over competitors who have not taken respect for personal data into account.

Lastly, a Privacy by Design approach helps obtain more willing consent from consumers. Transparency, both declared and real, builds a climate of trust which can encourage them to consent to sharing more personal information.

How to apply Privacy by Design

Implementing a Privacy by Design approach is a real challenge for companies. Technically, they must have systems in place to collect and analyse the data, and they must also be able to demonstrate that the data are being used properly.

As few data as possible

The best way to minimise the risk of misuse is to limit collection in the first place: collect only the data needed for the stated purpose. Data minimisation is a good starting point for planning each new product. In addition, Privacy Enhancing Technologies let users decide which data they provide to a business, and even anonymise them if they wish.

Data pseudonymisation

This technique consists in processing personal data in such a way that they can no longer be attributed to a specific natural person without additional information. For example, in a customer file, the "Last name, First name" fields are replaced with a unique ten-digit identifier, and the table linking identifiers back to names is kept separately, under its own access controls.

Unlike anonymisation (which permanently erases identity information), pseudonymisation is a reversible process: whoever holds the additional information (the key or the lookup table) can re-identify the individuals, so pseudonymised data remain personal data under the GDPR.
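The customer-file example above, worked through in code. This is an added illustration, not code from the original page: the customer records are constructed and fictitious, and the helper names (pseudonymise, re_identify, anonymise, weak_pseudonym, dictionary_attack) are assumptions chosen for the example. The ten-digit identifier is derived with a keyed HMAC so that the same person always gets the same identifier, while the key and the lookup table are the "additional information" to be stored apart from the file. The block also goes one step beyond the text to show the classic mistake: an unkeyed hash of the name looks like a pseudonym but can be reversed by hashing a list of candidate names.

```python
"""Pseudonymisation vs anonymisation of a customer file (added example)."""
import hashlib
import hmac
import secrets

# Constructed sample customer file; the people are fictitious.
CUSTOMERS = [
    {"last_name": "Durand", "first_name": "Alice", "city": "Lyon", "orders": 3},
    {"last_name": "Martin", "first_name": "Bruno", "city": "Lille", "orders": 1},
    {"last_name": "Durand", "first_name": "Alice", "city": "Lyon", "orders": 2},
]

IDENTITY_FIELDS = ("last_name", "first_name")


def new_key():
    """Fresh 256-bit pseudonymisation key; keep it out of the pseudonymised file."""
    return secrets.token_bytes(32)


def _ten_digits(digest):
    """Reduce a hash digest to a zero-padded ten-digit identifier."""
    return f"{int.from_bytes(digest[:8], 'big') % 10**10:010d}"


def _identity_bytes(identity):
    """Canonical encoding of (last_name, first_name) so 'DURAND' == 'Durand'."""
    return "\x1f".join(identity).casefold().encode()


def pseudonym(identity, key):
    """Keyed, deterministic pseudonym: HMAC-SHA256 over the identity fields.
    Without `key`, the pseudonym cannot be recomputed from a guessed name."""
    return _ten_digits(hmac.new(key, _identity_bytes(identity), hashlib.sha256).digest())


def pseudonymise(records, key):
    """Replace identity fields with a pseudonym; return (records, lookup).
    `lookup` (pseudonym -> identity) together with `key` is the additional
    information that must be stored separately from the pseudonymised file."""
    out, lookup = [], {}
    for rec in records:
        ident = tuple(rec[f] for f in IDENTITY_FIELDS)
        pid = pseudonym(ident, key)
        lookup[pid] = ident
        rest = {k: v for k, v in rec.items() if k not in IDENTITY_FIELDS}
        out.append({"customer_id": pid, **rest})
    return out, lookup


def re_identify(record, lookup):
    """Reverse pseudonymisation using the separately held lookup table."""
    last, first = lookup[record["customer_id"]]
    rest = {k: v for k, v in record.items() if k != "customer_id"}
    return {"last_name": last, "first_name": first, **rest}


def anonymise(records):
    """Irreversible: identity fields are dropped and no mapping is kept,
    so there is nothing to re-identify with."""
    return [{k: v for k, v in rec.items() if k not in IDENTITY_FIELDS} for rec in records]


def weak_pseudonym(identity):
    """Unkeyed hash: looks like a pseudonym but is reversible by guessing names."""
    return _ten_digits(hashlib.sha256(_identity_bytes(identity)).digest())


def dictionary_attack(target, candidates):
    """Recover an identity from an unkeyed pseudonym by hashing candidate names."""
    for ident in candidates:
        if weak_pseudonym(ident) == target:
            return ident
    return None


if __name__ == "__main__":
    key = new_key()
    pseud, lookup = pseudonymise(CUSTOMERS, key)
    print("pseudonymised:", pseud)
    print("re-identified:", re_identify(pseud[1], lookup))
    print("anonymised:", anonymise(CUSTOMERS))
    print("weak pseudonym broken:",
          dictionary_attack(weak_pseudonym(("Martin", "Bruno")),
                            [("Durand", "Alice"), ("Martin", "Bruno")]))
```

Two practical points follow from the code. First, the keyed pseudonym is deterministic, which is what lets a business link the orders of one customer across files; the price is that the key becomes as sensitive as the names themselves and must be rotated and access-controlled like any other secret. Second, truncating to ten digits makes collisions possible for very large files; in production one would use the full digest or a stored random identifier.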

Accountability at all levels

Every step of the data processing chain must comply with the Privacy by Design principle. In addition to the DPO (see above), it is crucial that the IT teams and the business line teams be made aware of the issues involved in everyday data processing, to avoid any negligence which could damage the company.