בלוג לכבוד יום פרטיות המידע הבינ"ל

Our Love-Hate Relationship with Privacy

We say we don’t care, but we do. We expect things for ourselves, but don’t give the same to others. Who we are at work is hurting us at home. January 28th is Data Privacy Day. It’s a good day to admit our conflicted relationship with privacy.

Truth be told, we don’t think about privacy much on our day-to-day. It’s a vague concept, not tangible enough to post on Instagram. Who has time nowadays for concepts? So what if privacy is a requirement for self-development, for freedom of thought, for democratic societies. Give me a break, #privacy is not even a cool hashtag! 

Privacy is actually a burden. It’s something we need to respect about others. We shouldn’t tell our friends’ secrets. We shouldn’t enter the opposite sex’s showers at the gym. We can’t grab our colleagues’ phones to read their private messages. Although we’re curious. But it’s not right. We know better. It’s also against the law. God Damn Privacy Rules! (aka GDPR)

Ever since GDPR came about last year, most business people treat it as a burden. First, it’s a law. Something to discuss with lawyers. Ergh! Second, we need to deal with it, which goes against our laziness and inertia. Pfff. Third, it’s going to cost us money to adapt. Damn. Our intelligent brains immediately devise the preferred course of action - let’s stick our heads in the sand and just ignore it. Maybe it would pass. It’s still here? Well, let the IT guys deal with it. What do we know?

It’s kind of surprising that we treat GDPR this way. When hearing about this global revolution, we should have reacted differently. Something like “Yeah! Finally! We’ve got some new rights. Let’s get a grip on our freaking personal data.” 

Who is privacy and GDPR a burden for? Businesses.

Why? Because businesses must be fair and transparent now when processing people’s information.

What people? We the people. It’s about every single one of us!

The GDPR is essentially constituting our rights to our privacy and data, effectively all around the world, at a time when it’s absolutely needed, and yet we treat it as a burden.

The core of the issue is the conflicted, blind-spotting relationship we have with privacy. It’s a relationship where a data-hungry professional in us fights a reserved individual. Where a curious online spectator reckons with his embarrassed, imperfect self offline. Where an exhibitionist mother socializing on Facebook wants to throw something on her daughter as she’s performing stories on Instagram.

As professionals, we grew to believe that data is the new oil. Product managers were taught to collect as much data as possible: ask for all mobile permissions, suck all the friends, photos and interests from social networks, and mark a zillion fields as required on onboarding forms. “What shall we do with all this data? We’ll think of something, a roadmap feature maybe. Think Big Data! AI can find mysterious correlations that would make us millions.” Marketing managers also delight themselves in pools of data. “We address our users by their first name, it makes us friendly. We personalize every interaction. And you know, people who liked this, also loved that. And so did their friends and lookalikes!” The truth is however that most data collected is never used. Most companies never find a correlation or even make the effort to find one. Most businesses just accumulate lots of data, hardly use it, and never delete it. Sometimes they get hacked, and then they apologize. Most data is not oil, it’s an oil stain.

As individuals, we act differently. We don’t like to volunteer personal info to new services we don't yet trust. We want apps to save our work and remember our password, but that’s about it. We would rather have everything else about us deleted the moment we browse away. We like it when we’re greeted by our name, but find it creepy to encounter our recent voice conversations as ads and search results that are too-relevant. We appreciate a notification that we must leave to make our next appointment in time, but find it daunting to witness our life’s itinerary unfold on Google Maps’ timeline. We love to share pictures of happy moments on Fakebook, but don’t appreciate our tagging on non-flattering photos. We spend most of our time on social networks scrolling pointlessly through other people’s lives, but share very little about ours.

This is the essence of the conflict - as people, we want to enjoy some privacy, while as business professionals we want to revoke others’ privacy.

GDPR troubles businesses in legitimizing their data processing to avoid fines. But businesses are built by people, and as people, we need to take a different look at GDPR. Forget about your business for a second, and think about YOU - the person, the employee, the consumer, the parent, the lover, the thinker. This new law allows us, as individuals, to slow down the digital roller-coaster that leaves traces of our identity everywhere. It allows us, for the first time, to disconnect from services and companies, and to be forgotten. It should allow us to stop being targeted all the time - for our attention, for our money, for our values and opinions. It might allow us to become anonymous again, one app at a time, one session at a time. To just be, and then, be gone. 

There’s true beauty at this place, and businesses can enjoy it too. It’s User Experience at its simplest form. Businesses should consider again, for real, what people want, and match that expectation. What does this client wants us to know about her? Would she benefit from our sharing of such this information with our partners? Can she easily update her info and communication preferences? When is it no longer useful for her that we remember it all? In that very spot, where customer interests are considered and met, GDPR, businesses, and people coincide. Think about your favorite hairdresser, restaurant, or resort. They might know your name and what you like, but they don’t need to know anything further to provide a great service. And if they provide a great service, we come back for more. 

Fair data practices build trust and customer satisfaction, which in turn create revenues and customer loyalty. Online and offline businesses should strive to make their products and services useful and relevant, not too personalized or intrusive. As a business, you don’t need to know everything about your customer, but rather to focus on data that matters. 

In the post-GDPR era, less is more. Love your neighbor as yourself. Treat others the way you want to be treated. Ask your customers for information that you’d be willing to provide about yourself. Communicate clearly your intentions. Secure people’s data like you would guard your own privacy. That’s the basis for GDPR compliance - human decency, managing expectations, and common sense. It’s that simple.

Happy Data Privacy Day!