The government had barely reopened its doors last week before an FTC commissioner returned to the issue of privacy. This time it was Maureen Ohlhausen addressing the U.S. Chamber of Commerce about privacy and the “Internet of Things.” She mentioned a case the FTC prosecuted against a social networking company called Path that collected information from consumers’ mobile device address books without consent.
“This has obvious implications for other Internet-connected devices that collect personal information about users, and prudence suggests that such technologies should include some way to notify users and obtain their permission,” Ohlhausen noted.
Web-linked sensors are being applied to everything from refrigerators to cars to medical devices to security cameras. Internet connection will be ubiquitous, and so will intensified concerns about privacy.
This week Gartner analyst Carsten Casper released a report on “Privacy by Design.” It’s a concept that has had more relevance among IT executives and security professionals to date, but it’s one that marketers ought to get familiar with. With privacy regulation a moving target, and donning different camouflage in different parts of the world, the only way to deal with the issue logically is to design products, services, and processes to anticipate it. Soon it may legally be the only way to deal with it. Casper notes that it is an emerging principle behind privacy legislation in many countries.
“Put privacy in from the very beginning. Companies bring products or services to market and then address privacy when they must. An outrage occurs and then they start tweaking. But it’s cheaper to build it in from the beginning,” Casper says. “They’ve used this process in security for many years, but I haven’t seen it yet in consumer privacy.”
The first thing companies unfamiliar with the concept should do, according to Casper, is designate a champion. Some companies have chief privacy officers, but all that’s needed at the outset, he says, is someone with a strong privacy interest and knowledge base—preferably in legal issues—who’s willing to work with disparate functions to weave privacy into a company’s fabric. Aside from business units, departments that must be involved include HR, procurement, legal, and IT.
Casper counsels marketers to pay special attention to one of Privacy by Design’s best practices: Sensitive data is never held in a cache. “First and foremost, step away from collecting everything and turn to a more purpose-driven collection of personal data,” he says. “Don’t collect data and say, ‘We’ll figure out what we’ll do with it later.'”
Casper warns global marketers that there is more interest in this topic abroad, especially in Europe. On the home front, marketers have some time to take stock before imbuing their cultures with privacy.
“The success of the Internet has in large part been driven by the freedom to experiment with different business models, the best of which have survived and thrived, even in the face of initial unfamiliarity and unease about the impact on consumers,” Ohlhausen told the Chamber of Commerce. “It is thus vital that government officials, like myself, approach new technologies with a dose of regulatory humility and… if harms do arise, consider whether existing laws and regulations are sufficient to address them, before assuming that new rules are required.”