Every January 28th is Data Privacy Day, an international effort to raise awareness about individuals’ rights to personal data protection and privacy. In 2021, more and more countries around the world will introduce or develop privacy laws as awareness of, and sensitivity to, the complexities of data collection and use multiplies. In the United States, many look forward to the 117th Congress working with the new administration to pass a comprehensive federal privacy law.
Today, officers in C-suites around the world are joining privacy professionals in understanding a fundamental truth: brands that are working hard to build trust with consumers around data privacy today will generate more value in the future than those that aren’t. To that end, while many privacy teams are leading the effort, 2021 should be the year that business leaders make it the responsibility of everyone in their organizations to understand what personal data is (any information that relates to an identified or identifiable individual) and that it must be protected and secured in accordance with applicable regulation in any jurisdiction.
Across every industry, from appliances to automotives, from health care to education, data has become more important to every aspect of business than ever before. If product and engineering teams haven’t yet embedded privacy-by-design (PbD) principles into their workflows, they should begin. If HR hasn’t trained its people on how to handle employee data and other sensitive information, they need to. If marketing organizations haven’t begun incorporating genuine transparency and choice into their customer experience, they should.
2021 will be a year of massive experimentation, especially as companies look to create market advantages post-pandemic. To develop and maintain consumer trust, as well as minimize risk while moving quickly, it will be critical to inculcate the expectation that every employee’s job description includes the responsibility to protect data privacy. Consumers, too, must be brought along in this effort. As brands and publishers show consumers how data is used to provide the products and services they want, consumers must be able to understand and acknowledge the value exchange in order to effectively fulfill their role in deciding with their dollars who is worthy of their trust.
2021 will also be the year that companies recognize the value of developing and rigorously following strong data governance policies that encompass security and legal requirements, as well as the ethical use of data. To build a foundation that can rapidly support the developing requirements of new privacy laws, it’s crucial to understand and document what personal data a company holds and why, how and from where it was collected, the method through which consumers were given notice prior to collection, how the data is secured, where and for how long it is stored, by whom it can be accessed, how it is used, and where and to whom it can and has been transferred. As a general rule, companies should only collect the minimum data necessary for the purpose for which the consumer was told it would be collected, and retain it for the minimum time necessary to accomplish that purpose.
On this year’s International Data Privacy Day, business leaders find themselves on either a precipice or a pivot. They have the opportunity—indeed, the urgency—to ensure that every employee knows—and every facet of their business shows their customers—that rather than fighting the needs of data privacy, it honors and embraces that data privacy. How better to build a culture that puts privacy first than to commit to it from its leaders down?