Amitech Solutions Blog

Let’s Move Forward on Privacy in the Era of Big Data

By Christina Peters, Chief Privacy Officer, IBM

There’s a fascinating new wrinkle in the world of social networking. Pediatricians are using technologies including texting, social media and blogs to reach out to their young patients and give them medical guidance.

Sounds helpful. But wait a minute. What’s a mother to think if she sees a Web page link sent by a doctor on her daughter’s smartphone and it’s about depression or eating disorders?

A column about the trend in the New York Times caught my attention both as a mom and as IBM’s new chief privacy officer. It shines a light on the conundrums we face when dealing with privacy in this era of mobile communications, social networking and Big Data. Thorny issues confront policymakers, businesses and society at a time when advances in technology and media have the potential to solve complex problems yet at the same time could expose so much sensitive information about individuals.

Good data stewardship by businesses and governments can help address some of these concerns, but it’s not enough. We need to see voluntary guidelines, established by business groups and government agencies, which clearly lay out the privacy practices under which they operate. Transparency must be at the heart of any privacy practice. At the same time, standard-setting bodies must accelerate their efforts to provide technology standards to enable organizations to employ the best privacy practices.

For decades, IBM has been a leader on issues of personal privacy. We anticipate our own information needs and the impact of new technology as it ripples out into society. That’s why we announced in 1999 that we would withhold advertising dollars from North American Web sites that do not post their privacy policies. A year later we were the first major corporation to appoint a chief privacy officer. IBM was out in front again in 2005 when we established a genetics privacy policy. It prohibits employees’ genetic information from being used in employment decisions.

As the Internet has grown and developed over the years, there have been fierce debates about how to protect privacy while at the same time enabling businesses to gather information that improves their ability to identify potential customers and serve customers better. The same goes for governments and their ability to serve their constituents.

There’s a paradox here. The gathering and sharing and analysis of personal information has the potential to enrich people’s lives. It can boost our ability to cure illnesses, to fight crime, to educate our children and to optimize everything from mass transit systems to electricity grids. New analytics technologies make it possible for companies to better understand customers and their needs, and to personalize offers and services. Yet, at the same time, risks to privacy are real. It’s important for sensitive personal information to be protected and for people to be aware of how information they share will be used, so they can make decisions about what’s okay with them and what isn’t.

At IBM, we continuously evaluate the need for new policies and practices governing our own activities. But it’s not enough for individual companies to set their own privacy policies. Industry groups should lead by collaborating with stakeholders to establish voluntary guidelines that establish goals rather than enshrine specific technologies. Governments should recognize these best practices. This open, global, technology-neutral approach will ensure that businesses and consumers can benefit from responsible information sharing. And where regulation is truly necessary or when existing regulations have become outmoded, these approaches can provide policymakers with tested, effective and flexible models.

Another consideration: In business, every marketplace runs on trust. When trust falls apart, people are less willing to engage. That punishes not just the organizations that disregard privacy concerns, but also others that play by the rules and adopt progressive policies.

A number of broad-based privacy initiatives are underway. Among them, in the United States, are the Privacy Multistakeholder Process undertaken by the US Department of Commerce and a project on privacy and analytics initiated by the Center for Information Policy and Leadership. We applaud such efforts. We urge those involved to proceed in a spirit of compromise, but also with a keen sense of urgency. It’s vitally important that we move quickly to get this right.