Sunday

22nd Jan 2017

Stakeholder

Privacy by design: the fewer data the better

  • We will move to a new generation of privacy-aware consumers. (Photo: European Commission)

The deal over the new General Data Protection Regulation (GDPR), agreed on 15 December, promises to raise the bar for personal data protection across the world.

The new regulation, which should become effective in 2018, replaces the old EU Data Protection Directive of 1995 and will be directly applicable in 28 EU states.

Dear EUobserver reader

Subscribe now for unrestricted access to EUobserver.

Sign up for 30 days' free trial, no obligation. Full subscription only 15 € / month or 150 € / year.

  1. Unlimited access on desktop and mobile
  2. All premium articles, analysis, commentary and investigations
  3. EUobserver archives

EUobserver is the only independent news media covering EU affairs in Brussels and all 28 member states.

♡ We value your support.

If you already have an account click here to login.

The GDPR will bring EU law up-to-date with today’s trailblazers, such as globalisation, social networks and cloud computing, and aims to rebuild consumer trust in the face of data thefts, while growing the digital economy and levelling the playing field for industry through harmonisation.

As the four-year drafting and approval process through the European Commission, European Parliament and Member States has proven to be a complex affair, eliciting a huge number views and opinions, and lots of discussion, the GDPR is a positive step.

Huawei takes the position of strict adherence as far as personal data protection is concerned – and worldwide, not just across the EU28. Our products and services protect data by default.

To ensure this, Huawei uses the Privacy By Design approach. What does this mean? We define PBD as: protecting the user, by handling the minimum amount of private data, to deliver the best possible experience, for information-based services.

We can only build consumer confidence and trust through transparency. An attitude of “collect everything so that we can figure out business models in the future” is unacceptable. We must use the minimum amount of data, and for explicit purposes, and the consumer must know that we are doing this – and only this.

Huawei uses a 5-step implementation process for PBD, involving:

- Leadership: this starts at the top, and executive support is critical. In Huawei, the tone is set by our Rotating CEO, Ken Hu, who chairs our global privacy committee and takes an active interest in the topic

- Business Conduct Guidelines (BCG): privacy is incorporated into our BCG, which all members of staff sign. It is also included in our disciplinary code, to ensure that PBD is not a one-off initiative, but a standard way of conducting business

- Awareness and training: this is key to ensuring ongoing attention to the subject at all levels of the organisation, as every employee must play their part

- Development: Huawei adopted the Privacy Impact Assessment Framework (PIAF), published by the EU in December 2012. This is now embedded into our product and software development lifecycle and extends into operations

- 9 Underpinning Principles include transparency at all levels, along with informed consent, minimal data, integrity, and ownership retention.

Privacy will continue to evolve and change shape, and many challenges lie ahead. Consumers, for example, do not always act as legislators or regulators think they will or should act. User buying patterns suggest that, while they are concerned about privacy, this is not always reflected in their decisions.

They don’t always want vendors to have tight controls over data management. If their phone is broken, for instance, they simply want it fixed as soon as possible, and are willing to cede data to see that happen. So education for our customer-facing employees will be very important for the future and will need to be constantly reinforced.

In addition, culture, circumstance and history all have an impact at a local level and can mean important differences in understanding, which requires constant attention to detail.

Cross-industry collaboration is key in this respect, and this is why Huawei works with the International Association of Privacy Professionals, precisely to share and learn about such matters.

However, as the GDPR is published, adopted and becomes law over the months to come, industry and consumers are still only part way down the path to ensuring maximum data privacy.

As the debate evolves, and consumers start to execute their buying power with privacy as a purchasing criteria, we will move from compliance and “operationalising” the principles, to a new generation of privacy-aware consumers. And we need to service that societal transformation to the full.

David Francis has recently been appointed as Huawei’s Cyber Security Officer for the UK market

Stakeholder

Stakeholders' Views

This EUobserver section provides a platform for EU stakeholders to communicate positions, views and activities.

Stakeholders' Highlights

  1. Caritas EuropaEU States to Join Pope Francis’s Appeal to Care for Migrant Children
  2. UNICEFNumber of Unaccompanied Children Arriving by sea to Italy Doubles in 2016
  3. Nordic Council of Ministers"Nordic Matters" Help Forge Closer Bonds Between the UK and the Nordic Region
  4. Computers, Privacy & Data ProtectionThe age of Intelligent Machines: join the Conference on 25-27 January 2017
  5. Martens CentreNo Better way to Lift Your Monday Blues Than to Gloss Over our Political Cartoons
  6. Dialogue PlatformThe Gulen Movement: An Islamic Response to Terror as a Global Challenge
  7. European Free AllianceMinority Rights and Autonomy are a European Normality
  8. Swedish EnterprisesHow to Create EU Competitiveness Post-Brexit? Seminar on January 24th
  9. European Jewish CongressSchulz to be Awarded the European Medal for Tolerance for his Stand Against Populism
  10. Nordic Council of Ministers"Adventures in Moominland" Kick Off Nordic Matters Festival in London
  11. PLATO15 Fully-Funded PhDs Across Europe on the Post-Crisis Legitimacy of the EU - Apply Now!
  12. Dialogue PlatformInterview: Fethullah Gulen Condemns Assassination of Russian Ambassador to Turkey