It’s been more than 260 years since Benjamin Franklin, addressing the Pennsylvania Assembly said: “Those who would give up essential liberty, to purchase a little temporary safety, deserve neither liberty nor safety.” Today, in the context of rising online threats, we find ourselves at the intersection of the right to privacy and the obligations of law enforcement bodies to protect us.
When these two perspectives are argued, they are often portrayed as opposites. We don’t want to be surveilled unless there is a reasonable suspicion that we are engaged in criminal activity.
However, there needs to be a balance between looking for signs of malevolent activity and ensuring we are allowed to live our lives free from constant monitoring. It is no longer just governments and law enforcement that might monitor us, technical advancements have made the waters even more murky and undefined.
Public outcry
There has been considerable public outcry over the use of security cameras and the use of biometrics to identify specific people. The recent investigation by Choice, revealed that several large Australian retailers had been using facial recognition to identify specific people entering their stores.
In the past, someone standing at the door of a store might have a photograph or rely on their memory to identify a past shoplifter. In the case of these retailers, they were applying modern technology and automation to achieve a similar end. The problem was that shoppers were not informed.
Public perception of how such proactive surveillance can be used has been informed by George Orwell’s 1949 novel 1984, through to modern movies such as Minority Report.
While there is a public benefit to identifying potential shoplifters to minimise store losses, which lead to higher prices for all of us, this needs to be backed by appropriate information so people understand what information about them is being used, why it’s being collected and how it will be handled.
It’s often said that it only takes one ‘whoops moment’ to wipe out a thousand hoorays.
Knowing your customer is critical to the success of your business.
But if the data you hold is stolen or misused, the consequences can be severe.
Think clearly about customer data you collect
When you collect customer data, think clearly about why your business wants the data. The Australian Privacy Principles make it very clear that you should only collect data for a specific purpose and that your customers are informed of that purpose. If you plan to use the data for a new purpose, you need to let them know.
Don’t store data you don’t need. For example, you may need to verify a customer’s age. But that doesn’t mean you need to hold their full date of birth. While you may see data theft as having a relatively low likelihood of occurring, think of the impact should sensitive customer data be accessed by an unauthorised party.
If you do need to hold sensitive customer information, ensure that you put adequate safeguards in place. That means knowing who can access the data, whether they can only read the data or also edit it, having systems in place to monitor when the data is sent outside your business, and ensuring it is encrypted so, if it is stolen, it’s not of any use to the thief.
Winning trust through transparency
For organisations planning to introduce new security measures, such as the use of biometrics, it’s important to clearly articulate in terms and language appropriate for the audience, what problem is being addressed, how the solution fixes it, and how their data is being used and protected. Listen to questions and concerns of users and respond to them.
It is important to delineate between the applications of technology. For example law enforcement using biometrics to identify people who’ve been confirmed as a threat to public safety versus biometrics for general mass identification without consent. Businesses need to adopt and work with partners who are transparent and ensure any biometrics program is initiated on a consent basis when the scope and context is clearly communicated to the user for them to opt in.
Security and privacy are not polar opposites. They are both important social requirements that must be addressed and balanced. We are in a new frontier of rapidly increasing technological advancements and what is in the public good is a discussion that needs to occur.
ABOUT THE AUTHOR
Handpicked for you
Consumer Data Right review calls for ‘screen scraper’ ban, potentially making some fintechs unviable
COMMENTS
SmartCompany is committed to hosting lively discussions. Help us keep the conversation useful, interesting and welcoming. We aim to publish comments quickly in the interest of promoting robust conversation, but we’re a small team and we deploy filters to protect against legal risk. Occasionally your comment may be held up while it is being reviewed, but we’re working as fast as we can to keep the conversation rolling.
The SmartCompany comment section is members-only content. Please subscribe to leave a comment.
The SmartCompany comment section is members-only content. Please login to leave a comment.