Privacy takes center stage in security discussions after years of being kept in the background
With the International Association of Privacy Professionals gathering this week to discuss evolving regulatory requirements and rising customer expectations, there’s no better time to talk about privacy.
Privacy is an integral part of the digital transformation wave. As more countries, companies and organizations take advantage of cloud, mobile and data analytics, privacy plays an increasingly important role in critical decision-making, product design and service offerings. Innovators who are emphasizing privacy as an integral part of the product life cycle are on the right track.
As a Chief Privacy Officer (CPO) myself, I’m very excited about the momentum regarding data privacy with international governments and regulatory agencies. They are now poised to build on important work that has been done by private sector companies. A great example of this trend comes from the U.S. federal government’s recent move to greater data privacy management with the presidential Executive Order signing that is shaking up the federal government in the best way possible. The U.S. Executive Order comes on the heels of the EU-U.S. Privacy Shield agreement negotiated by EU and U.S. officials earlier this year that recognizes the importance of cross-Atlantic data flows to ongoing economic development.
I was heartened to see that in speaking about the Executive Order’s directive regarding “identifying and sharing lessons learned and best practices,” the Office of Management and Budget’s new privacy lead, Marc Groman, highlighted the importance of dialogue between public and private sectors. With that in mind, I look forward to working with the agency CPO and their new Council. We at Cisco have also made this transition and have always been committed to delivering high-grade engineering and holding ourselves to extremely high requirements for quality around security around the world.
Here’s an excerpt of what the U.S. President had to say:
Protecting privacy in the collection and handling of this information is fundamental to the successful accomplishment of the government’s mission. The proper functioning of government requires the public’s trust, and to maintain that trust the government must strive to uphold the highest standards for collecting, maintaining and using personal data. Privacy has been at the heart of our democracy from its inception, and we need it now more than ever.
The focus on privacy is gaining momentum across the globe with government and regulatory agencies in Europe for example taking bold steps to ensure that citizen data is protected and safeguarded wherever it is stored. The EU is currently in the process of a comprehensive update of its data protection rules, known as the General Data Protection Regulations (GDPR). As CPOs work for us at various governmental levels it’s critical, now more so than ever, that they understand the technology, that this isn’t just a bureaucratic form-filling exercise but that they truly understand the elements of privacy engineering.
The EU-U.S. Privacy Shield agreement acknowledges that privacy and information about consumers and employees are elements worthy of protection and that citizens are entitled to fully and securely benefit from the digital economy. In this context, the notion of privacy is the right to control your information’s destiny. The feeling of security empowers personal and professional growth.
Personally, I want these people to be creative, transparent and collaborative. I want them to help set the requirements for the cybersecurity refresh that is now underway. I want them to be privacy engineers who deeply understand the context of how the government designs, builds, contracts for and maintains the systems that process and store all the information we need to share with the government in the course of our interactions with it.
If you’re interested in reading further, I wrote recently about data privacy’s critical partner: data security. You can read that blog post here.