Privacy pros and guest authors Rita Heimes and J. Trevor Hughes truly understand how information privacy practices can promote trust, and the fiduciary duty that enterprises collecting and using data have to their customers to use their data ethically and to the customers’ benefit. With Heimes as GC and DPO, and Hughes as CEO and President of the International Association of Privacy Professionals (IAPP), Heimes and Hughes tirelessly work to understand, support, and enhance the privacy profession. We’re thrilled to offer their invaluable insight into just how valuable privacy as a job skill is becoming.
For more than three decades, information privacy has been driven by core principles such as data minimization, informed consent, user control, information security, accountability, and the like. These principles form the foundation of the EU’s General Data Protection Regulation and many of the proposed new privacy laws in the U.S., including California’s recently-enacted California Consumer Privacy Act.
But the uses of personal data can be as valuable to consumers as they are to enterprises, and many beneficial uses are not discovered until after data collection. Data sharing among multiple enterprises is commonplace for such socially valuable services as connected homes, automated transportation, cybersecurity, and fraud detection. As such, classic privacy paradigms of transparency and consumer consent are increasingly ineffective. So, too, are the notions that personal data can be meaningfully regulated (or not) according to the business sector that collects it.
The next generation of thought leadership around information privacy practices, therefore, is promoting trust as the foundational principle. Enterprises collecting and using data have a fiduciary duty to their customers to use their data ethically and to the customers’ benefit. With brand and reputation on the line, many businesses are finding that data management is no longer merely breach avoidance; it’s about having every aspect of the organization understand, think deeply about, and operationalize trustworthy data handling practices from acquisition to deletion.
Businesses today must approach privacy at every level of the organization. They must have information privacy leadership; enterprise-wide training; and a ready workforce bringing privacy knowledge and awareness to the job. To meet this challenge, academic institutions must build privacy education into the undergraduate and graduate programs of engineering, information security, and computer science, as well as the humanities.
In sum, today’s businesses need every employee to understand not only the value of data but how to be trustworthy in its use.
About Rita Heimes
Rita Heimes is Research Director at the International Association of Privacy Professionals, where she also serves as the in-house Data Protection Officer. Rita is an attorney and academic with many years of experience in the fields of privacy, information security and intellectual property law. In her role as Research Director at the IAPP, Rita helps to promote the privacy profession through empirical and qualitative research on privacy functions globally as well as through outreach to academic institutions developing the next generation of privacy and security professionals. As the DPO, Rita facilitates and oversees the IAPP’s data protection policies and practices.
Prior to joining the IAPP as General Counsel, Research Director and Data Protection Officer, Rita was a law professor and academic dean at the University of Maine School of Law, where she directed the Center for Law + Innovation and developed the nation’s first Privacy Pathways program and one of the first intellectual property clinics. She also spent many years in private practice with law firms in Seattle, Boulder and Portland (Maine). Rita remains an active scholar, and still coordinates and teaches in the Information Privacy Summer Institute at Maine Law.
To learn more about Rita visit: https://bit.ly/2GTxqgV
About and J. Trevor Hughes
As President and CEO of the International Association of Privacy Professionals (IAPP), J. Trevor Hughes leads the world’s largest association of privacy professionals, which promotes, defines and supports the privacy profession globally.
Trevor is widely recognized as a leading privacy expert, appearing at SXSW, RSA and other privacy and technology events. He has contributed to media outlets such as the New York Times, TechCrunch and WIRED and has provided testimony on issues of privacy, surveillance and privacy-sensitive technologies before the U.S. Congress, the U.S. Federal Trade Commission, British Parliament and more.
A native of Canada, Trevor previously served as the executive director of the Network Advertising Initiative and the Email Sender and Provider Coalition. He received his undergraduate degree from the University of Massachusetts, Amherst and his Juris Doctor from the University Of Maine School Of Law, where he is also an adjunct professor and member of the Law Foundation Board.
To learn more about Trevor visit: https://bit.ly/2tzgq7U