Home Privacy A War For Digital Privacy Is Raging But Gaps In Knowledge Remain

A War For Digital Privacy Is Raging But Gaps In Knowledge Remain

SHARE:

iappTechnology is advancing so rapidly that industries have little time to update their privacy policies to comply with social norms, regulations and legislation, said Trevor Hughes, president and CEO of the International Association for Privacy Professionals (IAPP).

Rapid technological development leads to what Hughes calls a public policy gap, where the leading edge of technology outpaces the ability to understand what emerging tech means from a privacy perspective.

“Privacy is exploding as a risk management concern,” Hughes said. “There is no technology you can buy to solve privacy. You actually need people to manage the issue and make smart decisions throughout the organization.”

The IAPP’s goal is to help its members navigate the dynamic privacy landscape. The nonprofit, non-advocacy organization has 90 employees who help members understand current legislation, and the organization also offers professional certifications. (It has validated 10,000 professionals globally as Certified Information Privacy Professionals – CIPPs.)

In the past two years, the organization’s membership base, which includes policy chiefs and corporate and individual subscribers, has swelled from 13,000 to 23,000 worldwide.

“As we are a nascent profession, just about anyone can claim to be a privacy professional,” Hughes said. “That can make it difficult for employers to gauge the credibility of candidates for privacy positions.”

The other problem plaguing the tech world is that regulators don’t always understand how technology and coding works, said Nuala O’Connor, a member of IAPP and the president and CEO of the Center for Democracy and Technology, an advocacy organization.

“Our role is to bring our engineers and scientists to Capitol Hill and explain technology to policy makers,” she said. “A few years ago people weren’t even asking the right questions and profoundly did not understand what was happening in the tech industry.”

That’s improved to an extent, though she added that lawmakers’ questions now come “from a place of fear.”

The tech industry needs to be wary too, as privacy issues can undermine the best of intentions. The education technology InBloom amassed $100 million in funding to build a student database that educators nationwide could access. The goal was to streamline student records – but the endeavor ended due to security and data privacy concerns.

Elsewhere, in April, AT&T paid a $25 million settlement to the FCC over a consumer data breach that involved the disclosure of names and account information at call centers in Mexico, Colombia and the Philippines. That’s not going to take down AT&T, but the consequences of getting privacy wrong are escalating quickly, said Hughes, and organizations that fail to address privacy properly do so at their peril.

And the problem companies have complying with the law, Hughes added, is that there’s often no law to comply with.

But as industries beyond ad tech rely on data, privacy is becoming a greater policy concern.

“Today, every sector is dependent on data. It’s not just about banner ads and ad serving, it touches connected cars, wearables, mobile devices, retail and social platforms,” said IAPP member Jules Polonetsky, director and co-chair of the Future of Privacy Forum, a think tank that develops policy. “There’s not an area of the economy that isn’t being transformed by the dependence on data, and along with that comes a wide scope of challenges.”

Polonetsky was also Google DoubleClick’s chief privacy officer from 2000 to 2002, and was chief privacy officer and SVP of consumer advocacy for AOL until 2008.

But today, agencies like the Federal Trade Commission and even the White House are embedding tech scientists and privacy professionals on their senior staff. And O’Connor is “cautiously optimistic” that policy makers and industry execs are thinking more about digital privacy.

“There’s a growing understanding that you need to have experts that aren’t just lawyers,” she said. “On one side you’ve got engineers and computer scientists and on the other side you’ve got policy makers. What’s missing in the middle are the anthropologists.”

To that end, the Future of Privacy Forum recently hired a philosopher, Polonetsky said.

Yet one of the fears of the ad tech industry, besides legislation, is overly broad legislation, and many wonder whether future regulation will be blanket data legislation or if it will focus on a specific industry (ad tech or education tech, for example).

According to Hughes, blanket policy reform may be a ways off – at least in the US – but state legislation could move more quickly than at the federal level.

“We will certainly see a new, broad-based regulation emerge in Europe soon,” said Hughes. “In the US, there does not appear to be any major effort to move forward with broad legislation, despite strong support from many corporations, advocates and the FTC.”

He added, however, that targeted legislation such as the CAN SPAM Act, which focused on email marketing, is much more likely.

“While no broad-based legislation is on the horizon, state legislatures have shown clear willingness to bring new public policy ideas to into privacy legislation,” he said. “The ad tech and education tech industries certainly should be closely monitoring such developments.”

O’Connor agreed that, in the short term, targeted legislation focused on specific practices or specific data is likely, particularly concerning data breach legislation or regulation around student or health data.

But, she added, “I don’t think responsible advertisers necessarily need to be adverse to reasonable, principled legislation that creates good standards and prevents bad actors in any industry, as it could provide better consumer confidence and diminish bad acts.”

And the IAPP is working to professionalize the ethos and responsibilities around data.

“What we need to understand in an [Internet of Things] and big data future,” said Hughes, “is that everyone who touches data and makes decisions about data is going to have to understand privacy.”

Must Read

Kickbacks Takes An Outsider’s View While Bringing Ads To AI Agents

Andrew McCalip is a founding engineer at Varda Space Industries, where he oversees the manufacturing of things like hypersonic reentry vehicles and satellite buses.

CTV Buyers Are Getting The Show-Level Performance Optimization They’ve Always Wanted

A collaboration between InterMedia Advertising, Peer39 and Pontiac Intelligence provided show-level cost-per-acquisition data for 94% of CTV ad impressions.

Advertisers Await Programmatic Pause Ads

The IAB Tech Lab is working on standardizing programmatic signals for new streaming TV ad formats, including pause ads. Meanwhile, many brands are eager to add pause ads to their repertoire.

Privacy! Commerce! Connected TV! Read all about it. Subscribe to AdExchanger Newsletters

Why Media Mergers And Spin-Offs Don’t Always Keep Their Promises

With media megamergers, acquisitions and spin-offs left and right, the media landscape is changing at a pace that is difficult to keep up with.

TransUnion is partnering with Blockgraph so that advertisers can use its identity data to target, reach and measure TV households across channels.

How This Disaster Relief Nonprofit Tapped First-Party Data To Reach Donors Year-Round

Staying top of mind for potential donors is an ongoing challenge for Direct Relief. Nexxen’s audience curation helped it spread and sustain awareness.

Why Major UK Publishers Are Finally Joining Forces To Curate Ad Inventory

Atria’s collective approach is a response to growing monetization challenges and the need to protect the value of human journalism in the AI era.