Hogan Lovells partner and head of European privacy and informaiton practice on data protection, regulation and privacy impact assessments
Do you think there is a case to be made for companies to view data privacy as an asset/competitive advantage rather than a compliance problem?
Absolutely. I have been making this point for years but now it is more obvious than ever. Data is an extremely valuable asset that can be exploited for the benefit of businesses and public authorities. However, in order to obtain the maximum value, this asset must be protected and people’s privacy must be respected. This approach will generate trust, which will translate into even greater value. It is a simple equation: get data privacy and security right and realise its value as fully as possible. Privacy safeguards = more willing customers = better data = greater profits. The link between compliance and tangible benefits could not be more direct.
Are we witnessing a “new industrial revolution” with the growth of digital data?
Without a doubt. Digital data keeps the information society alive and makes it grow. Like oil, people’s data is not always easy to capture and, in its raw format, not that useful. But when properly and systematically gathered and studied, it can make a difference between failure and success for governments and businesses. It is no coincidence that public authorities and commercial organisations are constantly hunting for data about their citizens and customers. The biggest success stories of the Internet age are directly linked to the collection and exploitation of data about users, and the level of success is only growing in direct proportion to the amount of data produced by users. Harvesting and handling data is the new alchemy
Do you think data will be a driver for growth in the EU?
This is a global process that, of course, includes the EU. However, the regulatory answer should not be to retreat to national trenches and build even more restrictive legal frameworks. Future law and practice must adapt to data globalisation and work with it. The EU must accept the constant evolution of technology, recognise that personal information is an asset, and see data globalisation as an unavoidable fact.
What are the main current data protection issues in the EU and how do you see the future of data protection shaping up?
Privacy and data protection have become critical issues whose significance is set only to grow. The implications of devising an effective framework to regulate the use of personal information are crucial for the future of humanity, our freedoms and our economic wellbeing. As mentioned in my book The Future of Privacy, to get the balance right, policy makers, regulators and organisations must address the specific challenges presented by rapidly evolving technology, the increasing value of personal information and the globalisation of data-reliant activities.
What is your top tip for information professionals?
Think about risk-based as a ‘must-have’ tool. More and more data uses will qualify for this type of exercise, which is meant to embed privacy and data security considerations as part of the development process of most technology-driven products and services. Using risk as a metric will only grow in importance and information professionals as well as policy makers and regulators will need to make realistic assessments of what is risky and what is not.
Eduardo Ustaran is a partner and head of Hogan Lovells European privacy and information management practice