Identity Review | Global Tech Think Tank
Keep up with the digital identity landscape.
Each year on January 28, privacy aficionados and data experts enjoy a day dedicated to promoting the widespread importance of data protection and privacy, titled Data Privacy Day. Currently observed in the United States, Canada, Israel and 47 other European countries, this international celebration encourages practices and policies to respect one of humanity’s most fundamental rights.
But how should we think about the so-called concept of privacy? What are the driving forces behind data as we know it? Identity Review set out to chat with key thought leaders to uncover the importance of privacy from some of the movers and shakers behind rapid digital transformation.
For some business brands, the concept of privacy is a promise that needs to be enforced. Cloudentity CEO Jasen Meece notes that it’s a commitment that intersects consumer rights, policy enforcement and company compliance.
“When it comes to managing consumer identity, policy enforcement at the API level is a key leg of the identity management stool, dictating how the app handles user data, managing identity governance and authorizing who has access to private data,” said Meece. “Companies need to ensure that they request customer consent to access or use their private information required to deliver the services. Every user consent action and the contextual information needed to establish some form of identity needs to be captured to prove compliance with legislation and to respect the data privacy of their customers.”
Moreover, as the tech sector continues to evolve, the need for transparency should be embedded into all actions and consumers should be notified of the changes. Onfido’s General Counsel Amy Wallace notes it’s not just enough to do just the bare minimum and follow the law, but to go above and beyond to uphold truth.
“They need to be fully informed, and in control, and this will go a long way in building trust,” states Wallace. “This can include robust privacy notices, building in privacy reminders throughout their client integration documentation, and introducing technical methods for their clients to control data usage on an individual basis.”
Government figures across the world are also working to institute policies that serve to protect and hold enterprises accountable. In recent developments, California passed the Privacy Rights and Enforcement Act of 2020, and on the federal level, the latest Improving Digital Identity Act has been introduced. Abroad, digital transformation and protection has been virtually ingrained into society, especially in countries like Estonia, where government services and identification are all online.
“Privacy means being able to sleep peacefully at night and having full awareness of how my data has been stored, who has access to it on which conditions,” says e-Estonia Digital Transformation Adviser Annett Numa. “Data privacy has become a more actual topic for each human being. People care more about their own personal data and are becoming more concerned about manipulation with it.”
But with these laws in place, companies are forced to adapt, not just for legal purposes, but for transparency and social responsibility.
“As consumer privacy laws emerge, enterprises would be wise to adopt digital identity verification solutions that offer data security, transparency and retention policies to prepare for these new regulations,” notes Robert Prigge, CEO of Jumio. “With expanded consumer data rights come expanded enterprise responsibilities, and organizations must retain consumer trust to protect both their business and their consumers.”
This is not without mentioning the digital transformation efforts that have arised due to the COVID-19 pandemic. With contact tracing and biometric technologies being utilized to help track exposures and infections, privacy experts have debated on how to navigate public health while preserving privacy for all.
“COVID-19 and the subsequent vaccination initiatives raise new questions about the intersection of societal health and individual privacy,” said Mike Kiser, Senior Identity Strategist at Sailpoint. “COVID-19 contact-tracing applications present challenges for privacy; a trade-off is being made that exchanges some individual data to protect the population at large. A similar choice exists as vaccination becomes more widespread: How do you prove that you’ve been vaccinated without revealing more identity data than necessary?”
But with both business and governmental figures understanding the increasing importance of privacy and data ownership, how are consumers responding? According to Richard Bird, Chief Customer Information Officer at Ping Identity, these digital citizens are becoming much more aware of the ramifications and are using these concerns to hold notable tech brands accountable: “The biggest trend I’m seeing is that consumers and citizens are finally realizing the extent to which their trust and their data have been abused. We’ve reached the inevitable collision point in privacy; big tech versus human beings. What is interesting is that several big name companies are now realizing that trust, security and privacy are competitive differentiators.”
However, consumer convenience and curation has created a balancing act for choosing to uphold privacy standards, especially among Gen-Z consumers. But Mitek CTO Stephen Ritter believes that there is still hope in making privacy a priority.
“There is a constant push and pull between consumer convenience and data privacy; and convenience will continue to be the dominant force,” states Ritter. “However, I believe consumers will become more sophisticated in their evaluation of the convenience provided by a given solution versus the risk of providing personal information to obtain and use that solution.”
At the end of the day, data privacy falls on the individuals, the consumers who invest their time and well-being into the products and systems that rely on their data. In fact, Credential Master CEO Timothy Ruff believes that data privacy is patriotic and a sign of American values: “I think liberty and freedom are directly proportional to privacy, so privacy is profoundly important to a free society. My late father, Howard Ruff, made a very public career out of touting the principles of liberty and freedom and how they affect our economy and politics. He taught these principles to millions through his books, newsletter, and even TV show, and he taught them to his family too, so my love of privacy runs deep.”
Even for identity executives who have dedicated their lives toward promoting data privacy and protection, the notion of privacy has continuously evolved over many technological generations, so much so that it’s exposure in the media has changed public opinion. For over 20 years, Drummond Reed, Chief Trust Officer at Evernym, has focused his work on digital privacy and has since seen a drastic shift in what the industry is moving toward.
“We are finally developing deep, infrastructure-layer solutions for building Privacy by Design into the trust fabric of the internet itself. It’s a movement to decentralized digital trust infrastructure based on verifiable digital credentials stored in our own digital wallets, and it has enormous potential to not just restore privacy but to unleash new ways for digital technologies to help us solve very real and pressing problems, including reopening our economies after this devastating pandemic.”
ABOUT THE WRITER
Kevin Lu is a press and content strategist at Identity Review, where he writes about the intersection between media, tech ethics and social innovation. His work focuses on the data economy and its potential for creating social change in our world.
Contact Kevin Lu at kevin@identityreview.com.
Do you have information to share with Identity Review? Email us at press@identityreview.com.