Edition #1 | The Privacist's Playbook
Welcome to The Privacist's Playbook!
This is Edition #1 of The Privacist's Playbook.
A Thank You
Thank you for your support after the release of Edition #0; Thank you to those of you who also gave feedback, and also shared it with your friends and colleagues. Spreading the word is much appreciated!
Thank you again, and...
Let's Dive In
Privacy Without Anything to Hide?
The classic misnomer in the privacy sector is saying "if I have nothing to hide, why should I care about my privacy?". NBC Think dives into this in their recent piece Online privacy so much more about having "nothing to hide". Here's why. In the piece, Andrew Stern considers the details of digital privacy in light of having 'agency' over your online presence.For a deeper look at this, Daniel J. Solove, Professor at George Washington University Law School, published a paper in 2007 (Revised in 2014) which looks at this at a granular level. The paper looks at not only the overarching idea of privacy itself, but the implications of not caring about privacy; how your data is collected, collated, and utilised to derive value by another party — and the potential consequential harm.
On Digital Identity - A Blog Post from the European DPS
Massimo Attoresi, Deputy Head of the Technology and Privacy Unit at the European Data Protection Supervisor, wrote a blog post for EDPS diving into the current state of digital identity, and predicted future developments in the management and protection of identity data going forward.
Legal & Policy Updates
The Multi-Faceted Nature of Interests Underpinning Internet Infrastructure
The European Parliamentary Research Service published a manuscript on the 'Splinterests' of the internet — the fragmentation of the power dynamics and interests behind-the-scenes. The manuscript considers the dynamics and management of the inter and cross-jurisdictional nature of digital privacy, and the parties tasked with executing and enforcing privacy law on the internet.
Dual Directorship of Ireland's Data Protection Commission
Ireland applies and succeeds to appoint two privacy directors to the Data Protection Commission, Ireland's governmental body responsible for privacy. Check out the press release from An Roinn Dlí and Cirt, The Department of Justice, to see the finer details of the process of appointments.
PETs Prize Challenges Open for Entries
The Privacy Enhancing Technologies (PETs) Prize Challenges are open for entries for applicants from the UK and USA. The challenge is backed by the UK CDEI, Innovate UK, NIST, NSF, and the White House Office of Science and Technology Policy.
There are two application tracks, based on technologies driven to (1) transform financial crime prevention; or (2) enable forecasting to bolster pandemic response capabilities.
Get a team together and enter the challenge. There is still a good bit of time to get your entry in; Applications are open now, and scheduled to close in September (Final closing date TBD).
Privacy Implications of At-home DNA Testing
Proton released a deep dive into the privacy implications of at-home DNA genetic testing. Looking into the implications of the collection, retention, and monetisation of genetic data, Lisa Whelan provides a set of astute observations, risks, and recommendations to consider when thinking about or taking a genetic testing kit.
The Interconnected City - Privacy in the Smart Cities of the Future
From utilities, transportation, telecommunications, and urban development, the proliferation of connected technologies is entering all facets of infrastructure in the cities of the future. The Future of Privacy Forum writes on what we should expect in the coming years as cities become more connected than ever. FPF considers the implications of IoT, internet-connected infrastructure, and the privacy implications of smart cities of the day, and for citizens of the future.
Preventative vs Reactionary Approaches to Privacy
The ambulance at the bottom of the hill vs a fence dilemma in the context of digital privacy is often a constant tension in the digital privacy space. IAPP Staff contributor Jennifer Bryant talks with Harvey Jang, VP at Cisco, about being proactive towards the implementation of best practices and processes and approaching digital privacy risks in a preventative manner. The key to this, as posited by Jang, is that privacy should be ingrained into the culture of the company, to spread the responsibility of upholding and maintaining best practices to everyone in a given organisation.
Digital Privacy Tips
Want a Hand Implementing your Privacy Program?
Keen to learn the fundamentals of how to build and flesh out a privacy program? IAPP has released a new page on their site that collates all of their handcrafted resources on how to piece together a privacy program. From expert-written articles, books, guides, and curated in-house whitepapers — IAPP will guide you through creating a bespoke privacy program based on your industry-specific needs and requirements.
DPA Strategies for the African Continent
Data Protection Authorities in Africa. Mercy King’ori and Hunter Dorwart at the FPF have compiled a report covering the structures, requirements, and challenges of setting up and operating DPAs in seven countries within the African Continent. The analysis of each country provides a thorough background on the data protection infrastructures present or planned within the given jurisdiction, and then covers the key takeaways of their respective data protection regimes' implementation, strategies, and performance.
Managing Risk in the Development of Machine Learning Models
Are you a Machine Learning Engineer, or working at a company that deals with Machine Learning algorithms? Digital privacy considerations are imputed across every stage of the ML lifecycle — from considering the privacy ethics of your models at the ideation phase, all the way through to handling the privacy of the outputs from your models. As an emerging technology, deciding how to quantify your digital privacy risk tolerance can be complex and daunting. Once again, the Future of Privacy Forum pulls through with another amazing guide on managing Machine Learning privacy risk management in their Practical Guide to Managing Risk in Machine Learning Models.
That's a Wrap!
This concludes Edition #1 of The Privacist's Playbook. I hope you enjoyed it. As a quick note, The Privacist's Playbook will be transitioning into a monthly publication.