Data Ethics

How LiveRamp Operationalizes Data Privacy by Design

April 20, 2020  |   Lisa Rapp

Protecting privacy isn’t just important for the success of LiveRamp’s business—it’s vital to ensure the survival of our entire industry. Few issues arouse as much suspicion and apprehension among the general public and privacy activists as personal data and what businesses do with it. 

LiveRamp believes that trust is the foundation of all relationships. To build trust with those we serve, LiveRamp is committed to ensuring personal data use is ethical and appropriate, not only within the confines of the law, but with foresight that goes beyond compliance with legal or regulatory guidelines. Data ethics isn’t something we do. It’s part of who we are. 

 The practice of privacy by design is the necessary process of embedding good privacy practices into the design specifications of technologies, business practices, and infrastructures—and taking human values into account at all times. Privacy by design means developing, embedding, and practicing data ethics across the company. It means building and maintaining a privacy culture that processes and takes the appropriate technical and organizational measures to protect personal data every step of the way. It means always keeping the interest of the data subjects in mind through strong privacy defaults, disclosures, and protections, and empowering them with user-friendly options. 

Privacy by design was popularized by the General Data Protection Regulation (GDPR). At LiveRamp, we work hard to enable marketers to harness the power of data while maintaining consumer privacy. LiveRamp enacts privacy and security protection of the highest standard and we advise our clients to do the same. Privacy by design is the thoughtful, constant, and strategic application of privacy principles into everything that we do at LiveRamp, including each business objective and function, phase of development and design, and partnerships. It takes into account the direct impact our privacy decisions have on individuals. 

Embedding privacy protocols and making use of privacy-enhancing technologies (PET) should be the default setting for every player in this industry, but operationalizing privacy is exceptionally challenging, especially at the speed of tech and the rapid growth of machine learning and artificial intelligence.   

The National Institute of Standards and Technology (NIST) privacy framework assists organizations in their efforts to optimize beneficial uses of data and the development of innovative systems, products, and services while minimizing adverse consequences for individuals. Guided by this framework we’ve developed the following stages, listing out the five functions of data privacy applied throughout the entire data management lifecycle. 

Stage 1: Identify

Develop the organizational understanding to manage privacy risk for individuals arising from data processing and confirm that what we want to do is fair by managing privacy risk for individuals arising from data processing or their interactions with systems, products, or services.

Stage 2: Govern

Develop and implement the organizational governance structure to enable an ongoing understanding of the organization’s risk management priorities that are informed by privacy risk and assess that what we do from a technology standpoint is ethical by identifying gaps, developing action plans for improvement, and determining which resources are necessary to achieve ethical privacy outcomes.

Stage 3: Control

Develop and implement appropriate activities to enable organizations or individuals to manage data with sufficient granularity to manage privacy risks. Control what can and can’t be done in the name of fairness by developing and implementing appropriate activities to enable granular data oversight to manage privacy risks.

Stage 4: Communicate

Develop and implement appropriate activities to enable organizations and individuals to have a reliable understanding and engage in a dialogue about how data is processed and the associated privacy risks. Inform consumers and customers that what we do is fair by developing and implementing appropriate activities, ensuring that they understand how their data is processed.

Stage 5: Protect

Develop and implement appropriate data processing safeguards and protect our constituents.

 The processing of personal data should be designed to serve mankind. By carefully following each of the above steps, ensuring that every use of data is evaluated and ethical, and by always striving to earn and retain our customers’ trust, LiveRamp will continue to design and build products and solutions without sacrificing personal privacy. It’s by design.