Ann Cavoukian is executive director of the Global Privacy and Security by Design Centre and the former three-term information and privacy commissioner of Ontario. Darren Entwistle is president and CEO of Telus Corp.
In our digital world, privacy has become a significant concern for Canadian consumers, businesses and governments. New and emerging technologies are shaping the way we create, store and share electronic information, which in turn is presenting challenges regarding the manner in which our personal data are being used and managed. It is critical to address both the privacy rights of citizens, along with data utility for businesses – namely the ability of businesses to leverage the data collected – when determining the best way forward.
As news of data breaches and questionable information-handling practices appear in the media all too frequently, consumers are increasingly skeptical about relying on corporations to act in their best interests when it comes to safeguarding their privacy. By way of example, 2019 saw several large breaches affecting millions of Canadians.
Consequently, those organizations that prioritize the privacy of their customers gain a corresponding competitive advantage; by actively protecting the integrity of customer data and supporting consumer privacy, companies not only realize meaningful economic benefits, but also build greater trust and create deeper customer connections.
Perhaps the most effective way to earn a reputation as a trustworthy steward of customer data is to embed the seven foundational principles of Privacy by Design (PbD) into a business. PbD states that relying on an after-the-fact regulatory framework that simply enforces privacy protection after a data breach or privacy infraction has taken place is too little, too late. It establishes a pro-active model of prevention, tasking businesses with enshrining pro-active privacy measures as their default organizational protocol by building them into their policies, procedures, design processes and products. This is achieved by adhering to the foundational principles that make up PbD, all of which are intended to promote a “cradle-to-grave” life-cycle management of information.
One key principle…