A growing number of entities such as online retailers, platforms, Internet Service Providers (ISPs), financial service providers (banks, credit card companies, etc.) and governments are increasingly collecting vast amounts of personal data. Additional information can be derived by “mining” available data for patterns and correlations, many of which do not need to be personal data. Advances in data analytics now make it possible to infer sensitive information from data which may appear trivial at first, such as past individual purchase behaviour or electricity consumption. The misuse of these insights can implicate the core values and principles which privacy protection seeks to promote, such as individual autonomy, equality and free speech, and this may have a broader impact on society as a whole.
While protection by the law is essential, privacy in an increasingly data-driven economy would benefit from a multifaceted strategy, reflecting a whole-of-society vision, and supported at the highest levels of government, as called for in the OECD Privacy Guidelines and the 2016 Cancun Ministerial Declaration on the Digital Economy. Such strategies need to strike the right balance between the social and economic benefits of enhanced reuse and sharing of data and analytics, and individuals’ and organisations’ legitimate concerns about such openness, including the protection of privacy and intellectual property rights. Coordinated privacy strategies at the national level would enhance privacy protection in an increasingly data-driven environment.
>> More on information security and privacy