Privacy with Impact

Oli Bage
Distinguished Engineer and Head of Architecture for the Data and Analytics division at London Stock Exchange Group (LSEG)
A world-class panel; an exclusive sneak peek of a privacy start-up not yet out of stealth mode; three flash talks and a brilliant discussion with experts in the field. All the hallmarks of a great LNETM.
It’s always an honour to moderate LNETM’s panel events, and this month was no exception. We were joined by Vivienne Artz (recently OBE), the Chief Privacy Officer of London Stock Exchange Group; Keily Blair, Head of Cyber, Privacy, and Data Innovation at Orrick; William Malcom, International Privacy Lead at Google; Dimitri Sirota, CEO and Co-Founder of BigID; Jason Du Preez, CEO and Co-Founder of Privitar; and Amit Shaked, CEO and Co-Founder of Laminar Security. Dimitri, Jason and Amit kicked off the evening with a run-down of their industry-leading solutions for data and privacy.
Overview
Laminar have been developing their solution for about a year now, focused on data protection for cloud-native applications (a big driver for changes in this space). Privitar and BigID have been around much longer, with the former helping to protect sensitive data for use in data science and analysis, and the latter working to help organisations discover and organise their data in a way that preserves privacy and security.
The flash talks were a great introduction to the types of challenges we face in modern privacy and set a brilliant foundation for the panel conversation to come.
Our panel opened by giving a short brief on what they see as being at the forefront of the privacy industry at the moment:
– Vivienne mentioned not only the impact that mass cloud migration is having on data security and privacy regulations, but the way that laws and EU data strategy are affecting regulated industries.
– Keily, is heavily focused on practical advice for damage limitation and helping her clients to be more risk-focused.
– William, similarly to Vivienne, mentioned the pace of change in relation to privacy regulation currently, and is thinking about how compliance can be scaled for both large enterprises like Google and the technology industry as a whole.
Whilst these three panelists are focused on the impact of legal and regulatory trends, our startup leaders brought a welcome different perspective to the table, focusing largely on data governance and how data can be kept useful whilst maintaining compliance to a growing number of regulations.
Privacy and Public
A major trend in the world of privacy, which was evident from our discussion, is that it’s not so ‘private’ after all… Privacy is becoming a huge public concern and point of discussion. Jason had made a great point made in his flash talk: public concern with privacy is not new! For example, the time when instantaneous photography first became possible; new technology worries people, and the rate of change now is higher than ever.
A number of current trends are driving this new level of interest and concern: AI requires personal data to make predictions about useful and relevant predictions; the pandemic has also altered the way that we work, causing much more of our life to take place in the digital realm and increasing the importance of correctly handling that data. The implementation of the GDPR in Europe has spurred a new wave of global data privacy regulations.
But one of the key messages from our conversation is that regulation isn’t everything. Privacy must be maintained as a point of trust between company and consumer, and trust cannot be gained without it. William argued that not only does the public want transparency regarding what companies are doing, but that that transparency is now vital to the company’s success – customers must be on their side when the latest innovation is rolled out, and chances are they won’t be if they don’t understand it.
There was an element of doubt in the consumer ringing through our talk too. Yes, privacy is a right to which we are all entitled. But what if compromising an individual’s privacy can give value to a far larger group, for example in the case of medical studies? There’s no easy answer here, and it’s best to take advice as we balance the use of data vs the respect of data for privacy.
Companies like BigID and Privitar, and industry groups including the Cloud Data Management Capabilities initiative, are able to help with some of the key technical challenges: knowing what data you have, how sensitive it is and appropriately protecting that data.
So where does this leave us?
Privacy and progress are often at loggerheads. So how do we innovate and continue to respect and follow data privacy regulations?
– Keily advocates for considered cooperation – getting help when you need it from people with legal understanding, who know the regulations well.
– Vivienne says to ‘embrace it, it’s here to stay’. Just ask yourself: how would you feel if that was your data? And consider the impact of your actions.
– William’s advice was simple: compliance is important, but you must also know where you as a company or individual stand. What are your moral and ethical beliefs about privacy? How can you act on those?
– Dimitri suggests that seeing privacy as an obligation to fulfil is where we’re going wrong. Working with privacy to build a better relationship with customers, one of transparency and trust, can only be positive.
– Jason ended with a simple note – if you’re struggling with privacy regulations, there are people around to help, especially Privitar, BigID and Laminar!
Privacy requirements can often seem complex, but it was great to hear and learn from the sage advice from our fantastic panel this month.
Thank you to Ian and the LNETM for a fantastic event. It was a joy to host and I hope to see you all in May.