07 April 2018

Privacy by Design: Trust-Based Business Integrity...

The truth is, your enterprise is under assault.  The asymmetric warfare tactics that are targeting the firewall and the e-mail Inbox will continue to be a digital challenge.  Intellectual Property (IP) lawyers and government regulators are gearing up for another salvo of mandates to enable "Privacy by Design" and increase consumer protection.

Operational Risk Management (ORM) is the discipline that focuses the organization, with proven tools, methods and strategies, on mitigating the risk associated with nation states, rogue criminal syndicates and even your own employees.

Achieving digital trust with your company and your customers is a continuous process.  It requires substantial resources and specialized subject matter expertise to remain effective.

Without a purposeful "Privacy by Design" approach within your enterprise and a renewed focus on the pervasive problem-set now clearly before us, our digital infrastructure integrity is destined for failure.

Privacy by Design states that any action a company undertakes that involves processing personal data must be done with data protection and privacy in mind at every step. This includes internal projects, product development, software development, IT systems, and much more. In practice, this means that the IT department, or any department that processes personal data, must ensure that privacy is built in to a system during the whole life cycle of the system or process. Up to now, tagging security or privacy features on at the end of a long production process would be fairly standard.

Reading this definition of "Privacy by Design", you may assume this problem is the responsibility of the Information Technology department to fix or manage, until you ascertain it is not just an Information Technology challenge.

It is an Organizational Culture issue that persists at the Board of Directors level, either before an incident, or certainly soon thereafter.  The Board of Directors may question the market value of a Fortune Magazine web page dedicated to updating the public on the developing company crisis:

"Facebook in recent weeks has been plagued by yet another scandal, as the social networking giant struggles to deal with the fallout from the Cambridge Analytica controversy.

On Wednesday, it was revealed that initial figures estimating Facebook exposed the data of 50 million users without direct consent were actually much higher than reported, closer to 87 million instead. And Facebook CEO Mark Zuckerberg is now set to testify in front of Congress next week.

But this isn’t the first time Facebook has been embroiled in controversy. The social media company has been involved in a number of scandals just over the past week alone."

So how do you mitigate and start to remedy an "Organizational Culture" issue like this one, before the government decides to try and fix it for you?

You have to start with building proactive data privacy awareness with every employee.  Especially if your revenue model is based upon selling advertising.  What is your organization's revenue model?  Are you aggregating members' or users' data and offering a free service platform?  Buyer beware.

What is ahead of us, as we approach a digital "dead man's curve"?  Jeffrey Ritter best explains this:

"To shift toward building digital trust, nation-states must acknowledge that sanctions become increasingly difficult to enforce and must, instead, move toward a regulatory scheme that favors, and provides incentives for, stakeholders that commit to trust-based business methods. Already, both in the United States and other nations, companies that can certify their compliance with third party standards are receiving direct benefits from government agencies."

How are you improving the trustworthiness of your organization with employees, partners and customers? Think about it long and hard during purposeful learning sessions with your Board of Directors.

So what?

What are you doing today to increase the integrity of your TrustDecisions, to enable and perpetuate your foundation for digital business integrity?

As you analyze your current state, pages of words written by lawyers in "Terms of Service" policies are not enough to satisfy your customer.

Have you strategically implemented all that is possible so far, to address your organizational culture with the pursuit of achieving digital trust?

The leadership of any organization must perpetuate and transfer the morals and ethics of our society into the trusted digital products and solutions that our enterprises design, distribute and sell to the public.
