Despite the ongoing discussions about data privacy by legislatures, regulators, and data conservationists — self-regulation remains the primary tool to ensure consumer information is handled responsibly.
And rightly so. But you’re probably wondering why data privacy self-regulation is better than involuntary enforcement through regulations.
Too often, privacy debates devolve into false dichotomies, dominated by arguments that advocate for being always anonymous or that privacy is dead.
Both are wrong.
Data privacy is an important conversation because we humans are both social and autonomous creatures.
And we need solutions that balance the values of both disclosure and discretion.
The U.S. founders knew that.
Privacy is a Team Sport
Through products and services, the technology industry is well positioned to address the weighty nuances of deciphering public from private places, understanding who uses what products, and how those products might be abused.
But although the industry might be best positioned to address privacy issues, they have no monopoly on them.
Privacy is a team sport.
As I discussed in my talk at the Stanford Law School’s Privacy Identity Innovation conference, technologists drive innovation.
But responsible innovation is only achieved when tempered with the counsel (and sometimes warnings) of humanitarians — philosophers, journalists, economists, anthropologists, and historians.
And, where appropriate, this counsel must be heeded and enforced, either voluntarily through self-regulation or involuntarily by law.
Data Privacy Self-regulation is the Most Efficient Way to Protect Consumers and Encourage Innovation
Let me break it down:
Self-regulation privacy efforts adapt better than government regulation
The process of creating, passing, implementing, sustaining and auditing government regulation is, as you can imagine, quite long.
Congress has attempted comprehensive privacy legislation for years.
While the FTC has been effective at prosecuting offenders recently, it just can’t give consumers the protections they need and the innovation they want.
Self-regulation is fast.
Privacy companies, like TrustArc, can verify the claims of their clients and operate at the speed of technology.
It offers solutions to actual problems
By allowing industry to self-regulate, innovation is prioritized alongside consumer protection — not innovation at the expense of consumer protection.
We tend to forget how new the Internet is and, to some extent, that we are all making this up as we go.
Self-regulation encourages a race to the top
Industry players vie for users. Winning companies offer the best products and are most responsive to all stakeholders including customers, advocates, and regulators.
Take, for example, Intelius’ work with the National Network to End Domestic Violence (NNEDV).
Working with NNEDV, we developed a suppression feature in TrueRep which offers users the opportunity to block their most recent contact information.
Self-regulation fits with Privacy by Design
By accommodating for privacy early in the design process, users can have just-in-time controls over their data.
Privacy by design was one of the driving forces for our TrueRep product where users have access and control of their own public profile.
Self-regulation addresses data abuses
The fiercest enemy of consumer privacy is data abuse.
Sure, data abuse can’t be accomplished without access to the data. But where data is already public, it shouldn’t be used for harm.
That’s the wisdom of the Fair Credit Reporting Act.
No matter how the data is accessed, businesses must tread carefully when it’s used for sensitive purposes like hiring or housing.
We humans are complex.
As we map our complex society online, getting privacy right will take some time.
Self-regulation is a key ingredient to responsible, fast-paced innovation and data privacy.
Give it a chance.