The new European privacy rules becoming effective in May 2018 will have far-reaching consequences for businesses, organizations and authorities who collect and process privacy sensitive client data. According to TNO, however, having to comply with new rules also offers great opportunities for innovation and for developing new services on that basis. TNO’s privacy principles, RESPECT4U, are a practical tool to do just that.
RESPECT4U is aimed at companies and organizations who store and process their customers’ data on which to base their services. These include both public sector bodies and private businesses, such as telecom and power companies, banks, web shops and hospitals. RESPECT4U’s privacy principles deal with all aspects of using interconnected personal data responsibly and includes privacy by design, security, the role and rights of those involved, the implementation in the organization, the costs and benefits and the necessity of transparency. Read more about RESPECT4U.
The General Data Protection Regulation (GDPR) will come into effect in all EU member states on 25 May 2018 with non-compliance resulting in hefty fines. The GDPR has thus forced all organizations who process personal data to make thorough preparations. It requires more than simply ensuring that the legalities of data processing are in order. Technical, organizational, legal and customer-oriented aspects must be tackled in together. As a consequence, the GDPR provides organizations with the unique opportunity to think about how they want privacy to work for them, according to TNO’s privacy expert, Marc van Lieshout. “RESPECT4U shows that the Regulation is not a burden, but that it is actually an opportunity to innovate. It helps businesses to think about new data services and to obtain a competitive advantage.”
At the cutting-edge
New encryption technology facilitates innovation in handling client data, while respecting privacy legislation. These forms of encryption are based on complex mathematical formulas and encrypt data in a revolutionary way. It requires far fewer data to be exchanged in the check for accuracy. TNO is at the cutting-edge in developing this technology and has expressed the wish to try it out in new applications in collaboration with various stakeholders.
“New encryption technologies offer organizations the opportunity to organize their data processes differently, or rather, innovatively, and in doing so to better guarantee the privacy of the client or patient. It’s actually a matter of re-examining the trust relationship with the client. An enhanced technical and organizational structure of data will make a convincing argument both to the client and to the market.”
The trust of consumers and the public in the way in which organisations handle their personal information has come under pressure by the large number of hacks and data breaches. “Consumers and the public in general are wondering whether their personal information in safe hands and whether it is not being misused. Those are legitimate concerns. Organizations have something to gain if they inform their customers properly and are transparent about what they do with the information.”
Marc van Lieshout therefore emphasises the importance of looking at the issue of privacy from the perspective of both the system and the customer’s interests. TNO is currently examining whether a privacy dashboard can provide consumers and the general public with sufficient understanding of the way their data is processed. With respect to organizations, TNO is developing models that clearly set out which benefits can be realized, besides the costs of privacy investments.
For example, benefits might be obtained by better-organized data processes which reduce the chance of a data breach. “Innovation while respecting privacy can indeed be profitable. If organized well, it can mean achieving a head start on the competition.”
Does this approach appeal to you and would you like to learn more about innovating with privacy?
Please contact Jean-Louis Roso.