So Glad You Didn’t Say That! A Response to Viktor Mayer-Schönberger

In response to my comments on an IAPP story, “Forget Notice and Choice, Let’s Regulate Use,” Viktor Mayer-Schönberger distances himself from views attributed to him by the IAPP and positions taken in an earlier whitepaper.

My first thought when reading Mayer-Schönberger’s response was, “I’m so glad he didn’t mean that!” In sum, Mayer-Schönberger assures me that our views are aligned as follows: The belief that individuals have an interest in privacy protection; privacy should be anchored in the OECD Fair Information Practice Principles; the public should have control over their personal information, and privacy does not impede innovation. Allow me to assure all of you that in addition to the IAPP story, I have indeed viewed the video of Mayer-Schönberger’s Brussels keynote and have read the two papers he referenced.

Mayer-Schönberger reaffirms the importance of privacy as a value, while suggesting that to be effective, the mechanisms to ensure privacy must be changed. The answer he offers is shifting the focus away from “consent,” to “use” because, according to Mayer-Schönberger as stated in his keynote, “data protection should not rely on an individual’s ability to comprehend what is going on exactly with his or her data and take actions.”

I too am in favour of systems which take the burden away from individuals to protect their own privacy. In today’s mobile world, individuals should not be expected to negotiate overly long and complex user agreements. However, my approach has been to develop the concept of Privacy by Design (PbD), in which organizations are urged to build in privacy measures, right from the outset, so that the individual’s privacy is protected by default. But Privacy by Design was not referenced in the various papers Mayer-Schönberger simultaneously references and distances himself from. I found this somewhat surprising given PbD’s prominence on the global stage, having been unanimously passed as an international framework for privacy in 2010, now translated into 35 languages, included in the draft EU Data Protection Regulation and referenced by the U.S. FTC as forming an essential component of its privacy program.

The changes to privacy protection proposed in the papers cited by Mayer-Schönberger, which are consistent with his keynote, include removing purpose specification and leaving the decision to obtain consent to the discretion of the organization. The acceptable determination of secondary uses of the data would be left up to the company involved. With due respect, since the OECD principles are interrelated—and were re-affirmed in July, 2013—removing such fundamental concepts as purpose specification and use limitation would unhinge the rest of the principles—at that point, one could no longer say the approach was anchored in the current privacy framework. If there is no purpose specification, you cannot ensure openness and accountability to the data subject.

How could such changes not weaken Fair Information Practices?

Mayer-Schönberger suggests in his keynote that in place of consent and purpose specification, an accountability model in which legal restrictions and regulatory oversight, rather than individual consent, regulate the use of personally identifiable information. This is the antithesis of PbD, in terms of allowing privacy harms to develop and then, after-the-fact, offering systems of redress. In this day and age, this is too little, too late. I am of course in favour of responsible data use and accountability but not eliminating the data subject from the picture, in terms of making the necessary determinations relating to the uses of their personally identifiable information. Also, speaking on behalf of regulators who endeavor to pursue the cases that come before them vigorously, our offices and resources are already stretched to the limit, with no additional resources being allocated for such enforcement. And with the massive growth in online connectivity and ubiquitous computing, we would barely see the tip of the iceberg of the privacy infractions that would arise.

The Seven Foundational Principles of Privacy by Design build upon and raise the bar of Fair Information Practices. We did this by adding elements of proactive privacy protections—embedding privacy into information technologies, business practices and networked infrastructure. An ancillary benefit of employing PbD is that companies can experience a “Privacy Payoff”—gaining a sustainable, competitive advantage. By strongly de-identifying one’s personal data holdings, companies will face far less liability should they experience a breach due to a rogue employee or hacking incident, not to mention the harm involved in cases of identity theft (think Target).

The suggestion to downplay consent and purpose specification are in stark contrast to a growing movement among the private sector (see the Personal Data Ecosystem Consortium) that believe providing individuals with ultimate control over their personal information is the most commercially advantageous scenario for the future. The World Economic Forum has encouraged consensus regarding the rules for obtaining individuals’ permissioned flow of data in different contexts, specifically citing PbD (See “Unlocking the Value of Personal Data: From Collection to Usage”). There is also nothing in this approach that would prevent a Personal Data Ecosystem company from enabling Big Data analytics. Privacy by Design is inherently positive-sum, not zero-sum. For more, see our paper “Big Privacy: Bridging Big Data and the Personal Data Ecosystem Through Privacy by Design.” Big Data will require Big Privacy, enabling both to flourish.

I also take issue with Mayer-Schönberger’s statement in his keynote that purpose specification is “crippling Big Data innovation” and suggest that he explore some of the material to de-identify large data sets for Big Data purposes (see the excellent work of Khaled El Emam, for example, in designing strong de-identification tools). Just as Big Data algorithms have grown in sophistication, so too has our ability to de-identify, encrypt, obfuscate, aggregate, introduce noise, etc., so that the data may be reused in a positive-sum manner for many of the altruistic purposes in healthcare and education that Mayer-Schönberger references. This too is consistent with applying a PbD framework—what is needed is Big Data and Big Privacy.

While I am sure that Mayer-Schönberger and I share similar views on the value of privacy, it is nonetheless important to voice other perspectives, such as Privacy by Design, that are not currently reflected in his view of how the OECD principles should be revised. I look forward to doing so in an upcoming paper with Berlin Data Protection and Freedom of Information Commissioner Alexander Dix, and University of Ottawa Professor Khaled El Emam. Stay tuned, and definitely join in!

PS: This matter is of such great importance that we decided to hold a live webinar on Friday, January 24 at 9:00 a.m. EST with Commissioner Alexander Dix, Professor Khaled El Emam, CDT President Nuala O’Connor, CIPP/US, and myself. I hope you will join us! Please click on the above link for additional details.

Written By

Ann Cavoukian


If you want to comment on this post, you need to login.
  • Christopher Vera Jan 17, 2014

    (my comments are my own and do not necessarily reflect that of my employer) The Dr. makes great points here. The government and special interests could potentially improve my lifestyle with all kinds of great recommendations if they could kick down my door and inspect my home once per month. That doesn't make it right or good. While "big data" removes the need to kick down my door, the data is collects about me is much the same and so therefore, is the risk. Do warrants stifle police efficieny (i.e., law enforcement innovation)? Yes. And there's a reason for that: Because intrusion simply for the sake of innovation may lead to unintended consequences that could limit or destroy future innovation. Purpose specification and data minimization are mainstays of privacy because they protect the individual's privacy with as little impact to the individual as possible. If you don't collect it, I don't have to worry about protecting it. If I WANT the product or service being offered, I will give you my consent to collect the necessary data about me to make it happen.


Board of Directors

See the esteemed group of leaders shaping the future of the IAPP.

Contact Us

Need someone to talk to? We’re here for you.

IAPP Staff

Looking for someone specific? Visit the staff directory.

Learn more about the IAPP»

Daily Dashboard

The day’s top stories from around the world

Privacy Perspectives

Where the real conversations in privacy happen

The Privacy Advisor

Original reporting and feature articles on the latest privacy developments

Privacy Tracker

Alerts and legal analysis of legislative trends

Privacy Tech

Exploring the technology of privacy

Canada Dashboard Digest

A roundup of the top Canadian privacy news

Europe Data Protection Digest

A roundup of the top European data protection news

Asia-Pacific Dashboard Digest

A roundup of the top privacy news from the Asia-Pacific region

IAPP Westin Research Center

Original works. Groundbreaking research. Emerging scholars.

Advertise in IAPP Publications

Find out how to get your message in front the people you want to reach. Download a media kit now.

Get more News »

Find a KnowledgeNet Chapter Near You

Network and talk privacy at IAPP KnowledgeNet meetings, taking place worldwide.

Women Leading Privacy

Events, volunteer opportunities and more designed to help you give and get career support and expand your network.

IAPP Job Board

Looking for a new challenge, or need to hire your next privacy pro? The IAPP Job Board is the answer.

Join the Privacy List

Have ideas? Need advice? Subscribe to the Privacy List. It’s crowdsourcing, with an exceptional crowd.

Find more ways to Connect »

Find a Privacy Training Class

Two-day privacy training classes are held around the world. See the complete schedule now.

Online Privacy Training

Build your knowledge. The privacy know-how you need is just a click away.

The Training Post—Can’t-Miss Training Updates

Subscribe now to get the latest alerts on training opportunities around the world.

New Web Conferences Added!

See our list of upcoming web conferences. Just log on, listen in and learn!

Train Your Staff

Get your team up to speed on privacy by bringing IAPP training to your organization.

Learn more »

CIPP Certification

The global standard for the go-to person for privacy laws, regulations and frameworks

CIPM Certification

The first and only privacy certification for professionals who manage day-to-day operations

CIPT Certification

The industry benchmark for IT professionals worldwide to validate their knowledge of privacy requirements

Certify Your Staff

Find out how you can bring the world’s only globally recognized privacy certification to a group in your organization.

Learn more about IAPP certification »

Get Close-up

Looking for tools and info on a hot topic? Our close-up pages organize it for you in one easy-to-find place.

Where's Your DPA?

Our interactive DPA locator helps you find data protection authorities and summary of law by country.

IAPP Westin Research Center

See the latest original research from the IAPP Westin fellows.

Looking for Certification Study Resources?

Find out what you need to prepare for your exams

More Resources »

GDPR Comprehensive: Registration Open

New! Intensive two-day GDPR training led by the sharpest minds in the field. It's a can't-miss event.

The Congress Is Cancelled

The IAPP Europe Data Protection Congress 2015 is cancelled. Click through to learn more.

Sponsor an Event

Increase visibility for your organization—check out sponsorship opportunities today.

Exhibit at an Event

Put your brand in front of the largest gatherings of privacy pros in the world. Learn more.

More Conferences »

Become a Member

Start taking advantage of the many IAPP member benefits today

Corporate Members

See our list of high-profile corporate members—and find out why you should become one, too

Renew Your Membership

Don’t miss out for a minute—continue accessing your benefits

Join the IAPP»