Shouldering Responsibility for Data Privacy
Looking into information privacy -- the trends, technology, regulations, and impact on end users and for enterprise IT
As enterprises work to deliver better experiences for customers and make employees ever more mobile and collaborative, they're at the same time facilitating the creation of mountains of data, much of it personal in nature. Data privacy must be part of all conversations around next-generation enterprise communications and mobility.
The reason privacy has become such a priority is the sheer volume of data being collected. According to eMarketer, the average time adults spent online from 2010 to 2014 increased 75%. Even hour for hour, faster Internet speeds means access to more locations and makes online activity more convenient. On the back end, inexpensive large volume storage makes data collection almost a byproduct of work, recreational, and entertainment activities, unlike the days when IT had to dump server logs constantly to avoid storage issues.
By far the largest increase of online activity is driven by smartphones and tablets, which have outgrown their original mission. They used to be a subset of what could be done with a personal computer, a la the original BlackBerry devices. You would get your enterprise email and calendar, and read (but not efficiently edit) attachments. The BlackBerry's QWERTY keyboard was similar to a desktop keyboard.
The iPhone's capacitive touchscreen changed that model. The most practical benefit originally may have been to make more display room on a small screen, but by adding a touch sensor it created a brand new element. Now, almost every new mobile phone can listen to you; recognize your face and your fingerprint; and know where you are, how fast you're driving, and that it is being shaken or tilted -- and so on. Today's smartphones and tablets consequently add new elements to data collection.
Combining the capabilities of the sensors listed in the table below enables additional sensor capability in software, such as gesture, fingerprint, heart rate, and text recognition. Just as humans perceive activity or conditions in context by using more than one sensor, the same capability exists in mobile technology. Rob Gilmore, vice president of engineering at Qualcomm, gave a great example of this at the Society of Communications Technology Consultants (SCTC) conference last October in his keynote, "The Future of Mobile Technology." A device can use the accelerometer to determine it is moving quickly and a light sensor to determine that it is in pitch darkness. It could then decide that it is probably in a luggage container. The device could power down or turn off airline-restricted radios, for example.
The amount of data generated and analyzed by mobile infrastructure is "staggering," Gilmore said. "If all the sensors could be accessed from a common database, you could derive an enormous amount of information. ... there is a great need for privacy and security."
Mobile devices and this contextual capability are not limited to telephones and tablets. Examples exist in retail, energy, healthcare, personal health monitoring, consumer electronics, entertainment, and automotive. The Internet of Things (IoT) will rely on contextual awareness with other smart devices and even less smart devices equipped with RFID tags. The collection of data has become inevitable, and the tech industry focus has shifted to figuring out how to use the stockpile.
Some great things can be accomplished with big-data analytics and ubiquitous online access. In 2011, for example, Britain's Department of Health estimated that remote patient monitoring could result in a 45% reduction in the mortality rate (I assume not permanently). Facial recognition helps in criminal investigations. Retailers can deliver sales promotions customized to an individual's interests. The television could actually "know" that I am still employed and just home for a day off, and not show me endless workers' compensation and job training commercials!
On the other hand, if growth in data is organic and truly neutral, it is just as likely that not all uses of data will have the interests of the consumer/end user in mind. What if a company analyzes an individual's bill payment data and bombards him with predatory loan offers?
A company also could potentially withhold information, not because you've specified you don't want to see it, but because the company doesn't want to show it to you. For example, what if a health insurance company were to give customers a free fitness bracelet and health app subscription, and then use the data to avoid marketing information on products and renewals if the customer is measured as a high risk?
Finally, sheer carelessness with consumer data could create access into an individual's personal data in an unprecedented way simply due to the detail of data collected.
Continue to the next page to read about privacy law and public policy