In 1999 Scott McNealy, then CEO at SUN Microsystems, called privacy a non-issue and said: ”You have zero privacy anyway. Get over it.” Fortunately he was wrong – at least partially.
In the meantime, privacy has become a strongly debated issue in many company boards, regulatory bodies and politics. There is hardly any day without data privacy being mentioned as a major issue in the newspapers and the privacy awareness of individuals is increasing. At the same time, developments in the context of correlating and analyzing consumer behavior (“Big Data”), and measures taken to fight against terror and – more recently – tax evasion may erode the privacy of millions.
The freedom of individuals is at stake
It is clear, privacy is not about protecting tax evaders and criminals. It is a human right and in many countries a constitutional right as well. In fact the freedom of individuals is at stake:
- At present the world public is discussing the impact of intelligence agencies collecting our phone calls and Internet activities – in many cases without court approval – supported and driven by the goal of fighting terror. Does this justify such massive surveillance?
- Today any bank client listed on the infamous discs sold to foreign governments is by default suspected to be a tax evader. Certain media even refer to those discs as “tax evader CD”. The burden of proofing the accusation false remains with the individual.
- Some companies providing “free” services make good profits by successfully analyzing (“big data”) and monetizing the consumer’s data. There is nothing wrong with it as long as there is a fair deal between consumer and company.
Privacy regulations have failed to keep up with the globalization of data processing and the advances in data mining. There are lengthy and often theoretical debates on whether explicit consent to cookies is needed, or whether personal data shall be processed cross-border. This misses the point because the impact on privacy depends a lot on the context and purpose of the data processing.
Regulations and organizations processing personal data should make sure consumers are given the fair deal: choice, transparency and control over the use of their personal data.
How does this affect the financial institutions?
In a recent BCG survey of 3’000 individuals from European countries, the respondents considered financial and credit card data to be their most private data, i.e. more private than medical data. Hence financial institutions are well advised to be leaders in protecting the privacy of their clients. It responds to client expectations and is a matter of trust between the client and the institution.
KPMG’s Data Loss Barometer shows that the data of financial institutions is among the most attractive targets for attackers. Given the growing value of personal data and the increasing attractiveness to criminal organizations, proper privacy protection will rapidly be strategically important to maintain client trust in the future.
Finally, financial institutions may generate benefits from further analysis of the personal data they have gathered. To do so organizations must learn how to provide consumers with the fair deal of choice, transparency and control.
Legislators, regulators and the private sector have to work together more closely on the challenging task to the protect us as individuals, consumers and citizens and to ensure Scott McNealy’s statement on privacy remains wrong in the foreseeable future.
- Check your organization’s Data Protection status: Data Privacy Health Check
- FINMA konkretisiert Anforderungen an den Kundendatenschutz bei Banken und Effektenhändlern