So Glad You Didn’t Say That! A Response to Viktor Mayer-Schönberger

In response to my comments on an IAPP story, “Forget Notice and Choice, Let’s Regulate Use,” Viktor Mayer-Schönberger distances himself from views attributed to him by the IAPP and positions taken in an earlier whitepaper.

My first thought when reading Mayer-Schönberger’s response was, “I’m so glad he didn’t mean that!” In sum, Mayer-Schönberger assures me that our views are aligned as follows: The belief that individuals have an interest in privacy protection; privacy should be anchored in the OECD Fair Information Practice Principles; the public should have control over their personal information, and privacy does not impede innovation. Allow me to assure all of you that in addition to the IAPP story, I have indeed viewed the video of Mayer-Schönberger’s Brussels keynote and have read the two papers he referenced.

Mayer-Schönberger reaffirms the importance of privacy as a value, while suggesting that to be effective, the mechanisms to ensure privacy must be changed. The answer he offers is shifting the focus away from “consent,” to “use” because, according to Mayer-Schönberger as stated in his keynote, “data protection should not rely on an individual’s ability to comprehend what is going on exactly with his or her data and take actions.”

I too am in favour of systems which take the burden away from individuals to protect their own privacy. In today’s mobile world, individuals should not be expected to negotiate overly long and complex user agreements. However, my approach has been to develop the concept of Privacy by Design (PbD), in which organizations are urged to build in privacy measures, right from the outset, so that the individual’s privacy is protected by default. But Privacy by Design was not referenced in the various papers Mayer-Schönberger simultaneously references and distances himself from. I found this somewhat surprising given PbD’s prominence on the global stage, having been unanimously passed as an international framework for privacy in 2010, now translated into 35 languages, included in the draft EU Data Protection Regulation and referenced by the U.S. FTC as forming an essential component of its privacy program.

The changes to privacy protection proposed in the papers cited by Mayer-Schönberger, which are consistent with his keynote, include removing purpose specification and leaving the decision to obtain consent to the discretion of the organization. The acceptable determination of secondary uses of the data would be left up to the company involved. With due respect, since the OECD principles are interrelated—and were re-affirmed in July, 2013—removing such fundamental concepts as purpose specification and use limitation would unhinge the rest of the principles—at that point, one could no longer say the approach was anchored in the current privacy framework. If there is no purpose specification, you cannot ensure openness and accountability to the data subject.

How could such changes not weaken Fair Information Practices?

Mayer-Schönberger suggests in his keynote that in place of consent and purpose specification, an accountability model in which legal restrictions and regulatory oversight, rather than individual consent, regulate the use of personally identifiable information. This is the antithesis of PbD, in terms of allowing privacy harms to develop and then, after-the-fact, offering systems of redress. In this day and age, this is too little, too late. I am of course in favour of responsible data use and accountability but not eliminating the data subject from the picture, in terms of making the necessary determinations relating to the uses of their personally identifiable information. Also, speaking on behalf of regulators who endeavor to pursue the cases that come before them vigorously, our offices and resources are already stretched to the limit, with no additional resources being allocated for such enforcement. And with the massive growth in online connectivity and ubiquitous computing, we would barely see the tip of the iceberg of the privacy infractions that would arise.

The Seven Foundational Principles of Privacy by Design build upon and raise the bar of Fair Information Practices. We did this by adding elements of proactive privacy protections—embedding privacy into information technologies, business practices and networked infrastructure. An ancillary benefit of employing PbD is that companies can experience a “Privacy Payoff”—gaining a sustainable, competitive advantage. By strongly de-identifying one’s personal data holdings, companies will face far less liability should they experience a breach due to a rogue employee or hacking incident, not to mention the harm involved in cases of identity theft (think Target).

The suggestion to downplay consent and purpose specification are in stark contrast to a growing movement among the private sector (see the Personal Data Ecosystem Consortium) that believe providing individuals with ultimate control over their personal information is the most commercially advantageous scenario for the future. The World Economic Forum has encouraged consensus regarding the rules for obtaining individuals’ permissioned flow of data in different contexts, specifically citing PbD (See “Unlocking the Value of Personal Data: From Collection to Usage”). There is also nothing in this approach that would prevent a Personal Data Ecosystem company from enabling Big Data analytics. Privacy by Design is inherently positive-sum, not zero-sum. For more, see our paper “Big Privacy: Bridging Big Data and the Personal Data Ecosystem Through Privacy by Design.” Big Data will require Big Privacy, enabling both to flourish.

I also take issue with Mayer-Schönberger’s statement in his keynote that purpose specification is “crippling Big Data innovation” and suggest that he explore some of the material to de-identify large data sets for Big Data purposes (see the excellent work of Khaled El Emam, for example, in designing strong de-identification tools). Just as Big Data algorithms have grown in sophistication, so too has our ability to de-identify, encrypt, obfuscate, aggregate, introduce noise, etc., so that the data may be reused in a positive-sum manner for many of the altruistic purposes in healthcare and education that Mayer-Schönberger references. This too is consistent with applying a PbD framework—what is needed is Big Data and Big Privacy.

While I am sure that Mayer-Schönberger and I share similar views on the value of privacy, it is nonetheless important to voice other perspectives, such as Privacy by Design, that are not currently reflected in his view of how the OECD principles should be revised. I look forward to doing so in an upcoming paper with Berlin Data Protection and Freedom of Information Commissioner Alexander Dix, and University of Ottawa Professor Khaled El Emam. Stay tuned, and definitely join in!

PS: This matter is of such great importance that we decided to hold a live webinar on Friday, January 24 at 9:00 a.m. EST with Commissioner Alexander Dix, Professor Khaled El Emam, CDT President Nuala O’Connor, CIPP/US, and myself. I hope you will join us! Please click on the above link for additional details.

Written By

Ann Cavoukian

1 Comment

If you want to comment on this post, you need to login.

  • Christopher Vera Jan 17, 2014

    (my comments are my own and do not necessarily reflect that of my employer)
    The Dr. makes great points here. The government and special interests could potentially improve my lifestyle with all kinds of great recommendations if they could kick down my door and inspect my home once per month. That doesn't make it right or good. While "big data" removes the need to kick down my door, the data is collects about me is much the same and so therefore, is the risk. Do warrants stifle police efficieny (i.e., law enforcement innovation)? Yes. And there's a reason for that: Because intrusion simply for the sake of innovation may lead to unintended consequences that could limit or destroy future innovation. Purpose specification and data minimization are mainstays of privacy because they protect the individual's privacy with as little impact to the individual as possible. If you don't collect it, I don't have to worry about protecting it. If I WANT the product or service being offered, I will give you my consent to collect the necessary data about me to make it happen.


Board of Directors

See the esteemed group of leaders shaping the future of the IAPP.

Contact Us

Need someone to talk to? We’re here for you.

IAPP Staff

Looking for someone specific? Visit the staff directory.

Learn more about the IAPP»

Daily Dashboard

The day’s top stories from around the world

Privacy Perspectives

Where the real conversations in privacy happen

The Privacy Advisor

Original reporting and feature articles on the latest privacy developments

Privacy Tracker

Alerts and legal analysis of legislative trends

Privacy Tech

Exploring the technology of privacy

Canada Dashboard Digest

A roundup of the top Canadian privacy news

Europe Data Protection Digest

A roundup of the top European data protection news

Asia-Pacific Dashboard Digest

A roundup of the top privacy news from the Asia-Pacific region

Latin America Dashboard Digest

A roundup of the top privacy news from Latin America

IAPP Westin Research Center

Original works. Groundbreaking research. Emerging scholars.

Get more News »

IAPP Communities

Meet locally with privacy pros, dive deep into specialized topics or connect over common interests. Find your Community in KnowledgeNet Chapters, Sections and Affinity Groups.

IAPP Job Board

Looking for a new challenge, or need to hire your next privacy pro? The IAPP Job Board is the answer.

Join the Privacy List

Have ideas? Need advice? Subscribe to the Privacy List. It’s crowdsourcing, with an exceptional crowd.

Find a KnowledgeNet Chapter Near You

Talk privacy and network with local members at IAPP KnowledgeNet Chapter meetings, taking place worldwide.

Find more ways to Connect »

Find a Privacy Training Class

Two-day privacy training classes are held around the world. See the complete schedule now.

The Privacy Core™ Library Has Evolved

Privacy Core™ e-learning essentials just expanded to include seven new units for marketers. Keep your data safe and your staff in the know!

Online Privacy Training

Build your knowledge. The privacy know-how you need is just a click away.

Upcoming Web Conferences

See our list of upcoming web conferences. Just log on, listen in and learn!

Train Your Team

Get your team up to speed on privacy by bringing IAPP training to your organization.

Let’s Get You DPO Ready

There’s no better time to train than right now! We have all the resources you need to meet the challenges of the GDPR.

Learn more »

CIPP Certification

The global standard for the go-to person for privacy laws, regulations and frameworks

CIPM Certification

The first and only privacy certification for professionals who manage day-to-day operations

CIPT Certification

The industry benchmark for IT professionals worldwide to validate their knowledge of privacy requirements

FIP Designation

Recognizing the advanced knowledge and issue-spotting skills a privacy pro must attain in today’s complex world of data privacy.

Certify Your Staff

Find out how you can bring the world’s only globally recognized privacy certification to a group in your organization.


The IAPP’S CIPP/E and CIPM are the ANSI/ISO-accredited, industry-recognized combination for DPO readiness. Learn more today.

Learn more about IAPP certification »

Are You Ready for the GDPR?

Check out the IAPP's EU Data Protection Reform page for all the tools and resources you need.

IAPP-OneTrust PIA Platform

New U.S. Government Agency privacy impact assessments - free to IAPP members!

IAPP Communities

Meet locally with privacy pros, dive deep into specialized topics or connect over common interests. Find your Community in KnowledgeNet Chapters, Sections and Affinity Groups.

Privacy Vendor List

Find a privacy vendor to meet your needs with our filterable list of global service providers.

More Resources »

Europe Data Protection Intensive 2017

The Intensive is sold out! But cancellations do happen—so hurry and get on the wait list in case more seats become available.

Global Privacy Summit 2017

The world’s premier privacy conference returns with the sharpest minds, unparalleled programs and preeminent networking opportunities.

Canada Privacy Symposium 2017

The Symposium returns to Toronto this spring and registration has opened! Take advantage of Early Bird rates and join your fellow privacy pros for another stellar program.

The Privacy Bar Section Forum 2017

The Privacy Bar Section Forum is sold out! But you can still add your name to the wait list, and we'll keep in touch about your status. Good luck!

Asia Privacy Forum 2017

Call for Speakers open! Join the Forum in Singapore for exclusive networking and intensive education on data protection trends and challenges in the Asia Pacific region.

Privacy. Security. Risk. 2017

Call for Speakers open! This year, we're bringing P.S.R. to San Diego. Submit today and be a part of something big! Submission deadline: February 26.

Europe Data Protection Congress 2017

Call for Speakers open! The Congress is your source for European policy debate, multi-level strategic thinking and thought-provoking discussion. Submit a proposal by March 19.

Sponsor an Event

Increase visibility for your organization—check out sponsorship opportunities today.

More Conferences »

Become a Member

Start taking advantage of the many IAPP member benefits today

Corporate Members

See our list of high-profile corporate members—and find out why you should become one, too

Renew Your Membership

Don’t miss out for a minute—continue accessing your benefits

Join the IAPP»