As this is my first entry on what will be a regular “Think Privacy” blog, it is only appropriate that with the changing of seasons and the holidays forthcoming that it is a good time to remember one of the foundational principles of responsible information management—the importance of baking data privacy into every aspect of your business plan. As you plan for pumpkin pies, cupcakes, and possibly even a fruitcake, do not forget the importance of considering data privacy and security at every stage of your business planning cycle.
This is hardly a new concept, as making sure protecting personally identifiable information is included in company policies, procedures, contracts and employee training is pretty much “Privacy 101”. However, the landscape is ever-changing as evidenced in this year’s Federal Trade Commission enforcement action against Google and its social network application, Buzz. This settlement not only was the first to enforce for U.S.-European Union Safe Harbor Framework violations, but more substantially it was the first to mandate a company implement a comprehensive information privacy program (previously the focus was on security programs) and the first application of the FTC’s “privacy by design” philosophy described in its 2010 Privacy Report.
The FTC’s “privacy by design” approach calls on companies to build privacy protections into all aspects of their business, including research and development efforts with new products and services. Such protections include, but are not limited to:
- Privacy reviews for new products and services
- Implementation of procedures to enforce policy-based privacy practices
- Reasonable safeguards for consumer personally identifiable information
- Ensuring consumer choice as to how their information is used
- Accountability for privacy within the organization (someone has to “own it”)
So, as your thoughts turn to costumes, raking leaves, and getting that holiday shopping and guest list together, take a moment to consider how your company and products are using your customers’ personally identifiable information. Are you baking privacy in? Leaving it out of your recipe could spoil more than your holiday cheer.
- Scot Ganow