Why does Data Privacy Matter?

January 28, 2022

History is filled with events where individuals were mistreated or unfairly targeted due to an identifying characteristic. As a result, individuals are naturally hesitant to share their personal or sensitive information that may include some of these characteristics. Who would be comfortable sharing their internet browsing history with a stranger? Strong privacy practices can help individuals overcome this hesitancy. However, this approach needs to be focused on building trust.

 

When organizations seek to maintain the privacy of personal or sensitive information collected, processed, shared, etc., organizations often focus on regulatory requirements instituted across their operational footprint. However, data privacy best grows organically when the focus is on the building of trust with individuals. Optiv views trust as a byproduct of investing in respectful relationships (e.g., consumers, employees, third parties) and offering a positive experience (e.g., maintaining appropriate practices). In order to develop trust, Optiv helps its clients develop a strategy and approach to ultimately offer individuals transparency, choice, and control regarding data practices.

 

 

Transparency

Individuals are constantly sharing their personal information with other entities (e.g., organizations, employers, governments) and the rate of sharing is only increasing. With this sharing, individuals naturally wonder, how is my data being used and who is it being shared with? In addition, organizations often undergo a digital transformation where they are pressured to further extract value from data retained or processed and potentially engage in practices that may violate individuals’ privacy. Given these two competing factors, it is more imperative than ever to maintain transparency regarding data collection, processing, and sharing activities. Without transparency, organizations run the risk of alienating individuals once they become more aware (e.g., negative press, regulatory investigation, data breach) of some activities relating to their personal information. To help mitigate these risks, organizations may offer individuals choices as it relates to how their data is processed.

 

 

Choice

While organizations often provide individuals with some options related to the processing of their personal information for marketing purposes, new regulations and raised expectations require additional granularity as it relates to offering individuals some autonomy over the processing of their data. These additional choices, such as opting out of sharing data with third parties or opting out of advanced advertising practices (e.g., use of geolocation of behavioral indicators), not only address regulatory requirements, but also allow individuals to feel valued and respected while they maintain control of their data.

 

 

Control

In addition to offering choices, organizations offer consumers control by providing a tailored experience where individuals can adjust their data preferences. As individuals’ attitudes and viewpoints change, they should maintain the ability to decide which types of activity are tied to an account, purge personal information when possible, and enable or disable settings that align with their personal preferences or level of comfort. As privacy is no longer a static status, individuals should have the ongoing ability to offer feedback regarding data practices, experiences, or decisions made through the processing of their data. While some targeted advertisements may appeal initially, individuals should have some control over the delivery and profiling of these advertisements. When individuals have control of their data, they feel empowered and safe when sharing information that may be personal or sensitive.

 

 

Summary

Ultimately, data privacy is foundational in defining relationships of trust between organizations and their consumers, employees, and third parties. When that trust is rooted through transparency, choice and control, individuals ultimately feel free of judgement, autonomous, and safe.

 

As a result of helping individuals feel valued, organizations capitalize when focusing on privacy. A study performed by Cisco in 2020 found that on average, for each dollar an organization invested in privacy, it found a 2.7X return on investment. At Optiv, we are not surprised by this fact as we have observed when organizations build trust with individuals and respect their right to privacy, individuals ultimately feel more empowered to continue a business relationship. Optiv’s Data Governance, Privacy, and Protection practice seeks to accomplish these objectives when advising organizations as they build or enhance their data privacy program and align data practices with business opportunities.

Jordan McClintick
Practice Director, Privacy & Data Governance | Optiv
Jordan leads Optiv's Data Governance, Privacy and Protection Advisory practice. He leverages his experience in building sustainable, enterprise-wide, data governance and privacy programs. Experience also includes strategy, regulatory readiness, assessments, and program monitoring services. Jordan specializes in assisting organizations as they align their compliance obligations with strategic business objectives to position compliance as a business enabler. Qualifications include: Juris Doctorate and OneTrust Certified Privacy Professional.

Optiv Security: Secure greatness.®

Optiv is the cyber advisory and solutions leader, delivering strategic and technical expertise to nearly 6,000 companies across every major industry. We partner with organizations to advise, deploy and operate complete cybersecurity programs from strategy and managed security services to risk, integration and technology solutions. With clients at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can. At Optiv, we manage cyber risk so you can secure your full potential. For more information, visit www.optiv.com.