A little over a week ago, Cisco and the Centre for Information Policy Leadership (CIPL) had the privilege of hosting EU Commissioner for Justice Didier Reynders and data protection leaders from government and business across Europe for a discussion on how privacy is a winning proposition for businesses and consumers. The event, held in Brussels, Belgium, focused on Cisco’s recently-published Data Privacy Benchmark Study and its findings around the business value of privacy, including:

  • Privacy is showing to be a good investment for businesses, with a ROI of every dollar spent on privacy generating $2.70 in associated benefits such as agility and innovation, operational efficiency, mitigation of breach losses and investor appeal.
  • As privacy programs mature across industry, the percentage of companies gaining significant benefits is increasing. And the better companies score on accountability the more gains they receive.

The benefits are at least in part driven by consumer behavior and regulatory ‘guardrails’. From our companion Consumer Privacy Study we heard that one in four EU citizens are Privacy Actives – they don’t just say that they care about data protection, they have switched providers when they don’t live up to their privacy expectations. And privacy regulation is popular – 44% of European citizens had a positive take on GDPR versus just 7% with a negative opinion.

As the EU works towards Shaping Europe’s Digital Future, respect for fundamental rights such as privacy will remain at the core of the digital transformation.

Commissioner Reynders made this clear during his keynote, remarking that “data protection is an essential component of the human-centric approach to the digital era.” He highlighted privacy as a unifying global trend in an era increasingly marked by unilateralism. “From Chile to South Korea, from Brazil to Japan, from Kenya to India, from Tunisia to Indonesia…this trend towards global convergence is a positive development that brings new opportunities to increase the protection of Europeans, while their data moves around.”

Chairman of the Belgian Data Protection Authority David Stevens, expanded on privacy’s importance in digital transformation during his talk at the event. He noted that there is no “…big confrontation between privacy and innovation – they can go hand in hand.” Chairman Stevens’ comments validate a finding from our own Privacy Benchmark Study: 71 percent of businesses find privacy investments enable agility and innovation.

This result resonates very well with what Commissioner Reynders is hearing from the businesses: “GDPR has been an opportunity for companies to put their data house in order, by taking a closer look at what data they are collecting, how they use and share it. […] Many companies consider privacy as a competitive differentiator or even event advantage in their markets.”

He also reminded us that “…without consumer trust in the way that data is held, there cannot be a sustainable growth of our increasingly data-driven economy”.

It’s clear therefore that we cannot rest on our laurels.  Especially when we see that despite the progress made 45% of individuals still do not feel that they can effectively protect their data today.  CIPL President Bojana Bellamy made a simple and powerful point: “We will not have a fourth industrial revolution [if] people [don’t] have the necessary trust.” She called on companies to drive accountability measures into their businesses as “the time has come when everyone is expecting organizations to do more”. Ultimately, getting data protection right is a shared responsibility – Stevens referred to what he calls the “golden triangle…of governments, companies, and individuals” to lead the way.

Reflecting on the event and the strategy that the European Commission recently laid out, it is clear that privacy will play a huge part in a goal Commissioner Reynders stated he shares with Chancellor Merkel: “Europe can become a rule-maker instead of a rule-taker, when it comes to the digital economy”.


Lorena Marciano

Director for Data Privacy, EMEAR

Security & Trust Office