Data is to our age as steam was to the industrial revolution, just rather more intimate as, in extremis, your data reveals you and your life. It needs to be kept secure and it needs to be kept private – few of us would be happy with a world where all our records were available.
But what is privacy? Philosophically, politically, practically and – with the huge EU legislation GDPR on the horizon, regulatory (breaches of which can cost a firm 2-4% of the global revenue of the ultimate parent company). How can “tech” play a part in this? Can it make squaring all these circles feasible? Can one design data privacy into systems rather than just “ice the cake”?
On this show Jason du Preez CEO of Data Privacy firm Privitar whose focus is “Privacy Engineering” across multiple verticals (FS, Pharma, Telecoms et al) joins us to pull together all the threads that make up the tapestry.
If you are anything like me then occasionally you can get impassioned by data privacy and the rest of the time not worry about it.
What is a more nuanced position other than this digital (ha!) choice? What is privacy? Is it absolute, is it relative? How do all these topics relate to the practical day to day roles of firms and how does this relate to the must-do regulation?
We dive into this, topics discussed include:
- doing all the things in life at the same time
- Jason’s journey from the University of Cape Town to founding a software company in the UK, selling it seven years later to Thomson-Reuters and now managing a further startup and managing its growth
- “London is a fantastic place for innovation”
- “data represents an enormous amount of power”
- an enormous imbalance has been created between the tech companies holding that data and the folks whose data it is
- how Jason got into the realm of data
- what is data?
- what is privacy?
- hard to narrow down but one can take “the state of being unobserved”
- the explosion of data about you – Big Data is really data about people
- data, information, knowledge, wisdom
- there has been plenty of academic theory about data and privacy but its only with the real explosion (think all the geolocated trails collected by apps on your phone for example) that this has been tested and applied in the real world
- the privacy of dialogue offline or online; the inhibitory effect of surveillance of online activity
- how this relates to trust and fundamental parts of how human beings interact
- relating the field of security and field of privacy
- the theory of holding information and differentiating between private and available data
- “anonymisation” not just as a binary thing (“no identifying data”) but the ability to impute identity from simply-anonymised data
- profiling individuals from data
- differential layers of privacy – you share more with online connections (“friends”) than non-connections eg
- controlled releases of information – “we are not talking about absolute privacy here”
- the GDPR – General Data Protection Regulation
- huge fines, extra-territoriality (eg ~9,000 US firms affected, affects any firm doing business in Europe) – “regulatory imperialism”
- away from the headlines the spirit of the GDPR is to protect the citizen but also trying to create a space for data innovation
- the whole point is to create trust (which fulfills both the main aims above)
- whose data is it
- human’s implicit hyperbolic discount functions (we aren’t that motivated by the far future) and data privacy
- the internet as heavily customised to you already
- how well a firm needs to share data (eg under PSD2); gaming the system
- Privitar’s business is at the intersection of data, cyber-security and regulation
- their Privacy Engineering products are useful across all verticals
- comparison with the growth of AI and in particular use of academic techniques in the commercial world
- “take a risk-based approach”
And much much more 🙂
Share and enjoy!