How the Push to Make Data Privacy a Human Right Will Impact Businesses

This article series is underwritten by Symantec and went through our normal editorial review process. 

The international nonprofit Access Now calls privacy a “cornerstone of human rights in the digital age.” In fact, more and more technologists, advocacy groups, and consumers are calling for stronger laws and regulations on data privacy as a fundamental human or civil right. As companies collect and use an increasingly staggering amount of personal information, there is greater attention on what their responsibility is—both ethically and legally—in handling all of this data.

It’s not just the usual suspects who are making these calls. Earlier this year, the CEOs of two of the world’s largest technology companies also joined the movement. In March, Apple CEO Tim Cook referred to data privacy as a civil liberty akin to freedom of speech. Two months later, Microsoft CEO Satya Nadella explicitly called data privacy a human right and said industry should do more to ensure that technology is responsible and ethical.

While the renewed push for data privacy as a human right may seem like a reaction to recent news of corporate mishandling of data, such as last year’s massive Equifax data breach that affected 143 million consumers, in fact advocates have been working on this for some time. The United Nations Human Rights Chief, Navi Pillay, spoke on the importance of internet privacy back in 2013. The following year, the U.N. General Assembly unanimously passed a resolution on privacy protection in the digital age and specifically mentioned the private sector, stating that “business enterprises have a responsibility to respect human rights.”

“In the digital age, personal data is intrinsically linked to our private life and other human rights,” Cynthia Wong, senior researcher of the business and human rights division at Human Rights Watch, told TriplePundit. “Everything we do leaves digital traces that can reveal intimate details of our thoughts, political or religious beliefs, movements, friends and contacts, and activities.”

The private sector’s role in establishing the right to privacy

Several companies are beginning to explore how they can better protect users and play a role in the ongoing conversation about privacy as a human right. Microsoft followed up Nadella’s statements by hiring a chief privacy officer, and its privacy page is one of the most extensive and detailed of any company. In the Ranking Digital Rights 2018 Corporate Accountability Index, Google was rated the top company in the internet/mobile space, while Vodafone was ranked the top telecommunications company among large global players.

Other companies are leading on how to utilize their data for social good. SAS, the software and analytics company whose products underpin a host of global supply chains, shares its data with nonprofits via the Data for Good program—allowing those organizations to better protect endangered species, respond to natural disasters, and more.

This type of responsible and ethical data use carries measurable benefits for companies, Wong argued, and privacy can become a distinction point among increasingly privacy-aware consumers. “Smart companies will compete on privacy,” she told us. “If they can show users that they will protect their data, users will be more likely to trust and use their services.”

Momentum is growing, but we have a long road ahead

Although more and more consumers are concerned about the way companies handle their data, choice is often lacking when it comes to secure services. The very same report that praised Google and Vodafone found fault with nearly all other leading technology companies. Moreover, “people do not have enough information to make informed choices as consumers or as citizens, exposing them to undisclosed risks,” said Rebecca MacKinnon, director of Ranking Digital Rights, a nonprofit research initiative focused on the IT and communications sector, in a statement.

This is a big problem. Companies, particularly in the technology space, have been more reactive than proactive on data privacy. For consumer privacy to really come to the forefront, it is likely that government will also have to play a role—especially in instances where consumers don’t have a choice to switch to a privacy-protecting alternative.

“If one company breaches our trust and misuses our data, we don’t have other competitors to switch to,” Wong explained. “Governments should regulate corporate collection and use of our data to ensure the right to privacy has meaning in the digital age.”

The posterboy for this scenario? Facebook, which has been hit by waves of allegations of misuse of user data since the 2016 election, most notably the Cambridge Analytica scandal. Despite this, Facebook has seen little—if any—drop-off in users or profit, mostly due to the fact that there is no real alternative to the social networking giant in most of the world.

Fortunately for users, the momentum for stronger regulations is heating up. The European Union’s General Data Protection Regulation, which aims to protect the data privacy of EU citizens and applies to any company doing business in Europe, is just the start. California passed a strong data privacy law earlier this year, partly in response to the Facebook scandal. It is likely that the momentum for making data privacy legally binding will grow, and with it the push to encode it as a global human right. Smart companies will be the ones that join the movement rather than waiting for regulations to respond.

Image: Adobe Stock/mavoimages