Privacy & Information Security Law Blog

On November 20, 2015, Markus Heyder, Vice President of the Centre for Information Policy Leadership (“CIPL”) at Hunton & Williams LLP, discussed how “transparency is increasingly understood as a core component of addressing the challenges of the modern information economy” and a key catalyst for a productive and innovative information economy in an article entitled Transparency and the Future of Driverless Privacy published by the International Association of Privacy Professionals.

According to Heyder, the complexities of information practices in the digital economy can lead to a sense of suspicion and lack of trust in society towards the organizations that collect and use personal data, potentially causing overreactions to otherwise perfectly legitimate and beneficial uses of personal data. Reducing this lack of trust begins with transparency, which essentially has three distinct goals, depending on context:

• Provide the appropriate amount of information to enable informed user engagement, choice or consent with respect to specific uses of personal data.
• Create general awareness of information practices in a way that explains the “value exchange” between individuals and businesses and creates consumer trust and “buy-in,” even in the absence of choice and consent.
• Educate policymakers, legislators and privacy enforcement authorities about the value propositions and benefits associated with information uses as well as the associated risks (or lack thereof) to enable informed and effective policies, laws and enforcement.

According to Heyder, while many people consider providing the appropriate amount of information as the principal goal, seeing “transparency as a new and improved way to devise actionable privacy notices,” creating general awareness and education must increasingly become more important.

In the age of big data, the Internet of Things, ubiquitous information collection and the inferring and sharing of data, there will be an increasing number of situations where individual engagement, choice or consent are no longer practicable, possible, or even wanted by individuals, as CIPL discussed in a previous article. In these situations, the primary role of transparency is to create general awareness of the “value exchange” and how organizations are using data for beneficial purposes and how they protect data, as well as to explain and demonstrate responsible and beneficial information uses to policymakers, legislators and regulators in a way that enables sensible privacy laws, regulations and enforcement. Instead of relying on individual choice and consent, organizations will have to employ alternative mechanisms to protect individuals in this environment that are based on organizational accountability, and enabled and supported by the prevailing privacy frameworks.

To illustrate the importance of the ongoing debate about transparency, Heyder points to initiatives such as the Data Transparency Lab, a community effort founded by MIT, Mozilla Foundation, the Open Data Institute and Telefónica to advance online personal data transparency through scientific research and design, and follow-up work by CIPL and others on the recent Privacy Bridges Report.

Read the full article.