What does privacy mean?
Well, it depends on who you ask. Broadly speaking, privacy is the right to be let alone, or freedom from interference or intrusion. Information privacy is the right to have some control over how your personal information is collected and used.
Ask most people these days what they think of when it comes to privacy and you’re likely to have a conversation about massive data breaches, wearable tech, social networking, targeted advertising miscues—not to mention the Snowden revelations.
Add to that, various cultures have widely differing views on what a person’s rights are when it comes to privacy and how it should be regulated.
More importantly, why does it matter?
With speed-of-light technological innovation, information privacy is becoming more complex by the minute as more data is being collected and exchanged. As the technology gets more sophisticated (indeed, invasive), so do the uses of data. And that leaves organizations facing an incredibly complex risk matrix for ensuring that personal information is protected.
As a result, privacy has fast-emerged as perhaps the most significant consumer protection issue—if not citizen protection issue—in the global information economy.
Privacy v. security…isn’t it the same thing?
Not really. But they are kissing cousins. Data privacy is focused on the use and governance of personal data—things like putting policies in place to ensure that consumers’ personal information is being collected, shared and used in appropriate ways. Security focuses more on protecting data from malicious attacks and the exploitation of stolen data for profit. While security is necessary for protecting data, it’s not sufficient for addressing privacy.
Where the IAPP fits in
Organizations that don’t “do privacy” right are at risk—of government enforcement, class action lawsuits, financial ruin, damaged reputation and loss of customer loyalty. Privacy is now a necessity of doing business.
The IAPP is where professionals, whether from multinationals or start-ups, can get the education, training and resources to make sure privacy is done right in their organizations. We don’t advocate, we don’t lobby, we don’t determine best practices. What we do is provide a forum for discussion and education about privacy. And while our name includes “privacy professionals”, we’re here as a resource for everyone—from HR to IT, from auditing to accountability, from compliance to the cloud—who wants to understand privacy and get the skills and information they need to get ahead.