Wednesday

28th Jun 2017

Stakeholder

Privacy by design: the fewer data the better

  • We will move to a new generation of privacy-aware consumers. (Photo: European Commission)

The deal over the new General Data Protection Regulation (GDPR), agreed on 15 December, promises to raise the bar for personal data protection across the world.

The new regulation, which should become effective in 2018, replaces the old EU Data Protection Directive of 1995 and will be directly applicable in 28 EU states.

Dear EUobserver reader

Subscribe now for unrestricted access to EUobserver.

Sign up for 30 days' free trial, no obligation. Full subscription only 15 € / month or 150 € / year.

  1. Unlimited access on desktop and mobile
  2. All premium articles, analysis, commentary and investigations
  3. EUobserver archives

EUobserver is the only independent news media covering EU affairs in Brussels and all 28 member states.

♡ We value your support.

If you already have an account click here to login.

The GDPR will bring EU law up-to-date with today’s trailblazers, such as globalisation, social networks and cloud computing, and aims to rebuild consumer trust in the face of data thefts, while growing the digital economy and levelling the playing field for industry through harmonisation.

As the four-year drafting and approval process through the European Commission, European Parliament and Member States has proven to be a complex affair, eliciting a huge number views and opinions, and lots of discussion, the GDPR is a positive step.

Huawei takes the position of strict adherence as far as personal data protection is concerned – and worldwide, not just across the EU28. Our products and services protect data by default.

To ensure this, Huawei uses the Privacy By Design approach. What does this mean? We define PBD as: protecting the user, by handling the minimum amount of private data, to deliver the best possible experience, for information-based services.

We can only build consumer confidence and trust through transparency. An attitude of “collect everything so that we can figure out business models in the future” is unacceptable. We must use the minimum amount of data, and for explicit purposes, and the consumer must know that we are doing this – and only this.

Huawei uses a 5-step implementation process for PBD, involving:

- Leadership: this starts at the top, and executive support is critical. In Huawei, the tone is set by our Rotating CEO, Ken Hu, who chairs our global privacy committee and takes an active interest in the topic

- Business Conduct Guidelines (BCG): privacy is incorporated into our BCG, which all members of staff sign. It is also included in our disciplinary code, to ensure that PBD is not a one-off initiative, but a standard way of conducting business

- Awareness and training: this is key to ensuring ongoing attention to the subject at all levels of the organisation, as every employee must play their part

- Development: Huawei adopted the Privacy Impact Assessment Framework (PIAF), published by the EU in December 2012. This is now embedded into our product and software development lifecycle and extends into operations

- 9 Underpinning Principles include transparency at all levels, along with informed consent, minimal data, integrity, and ownership retention.

Privacy will continue to evolve and change shape, and many challenges lie ahead. Consumers, for example, do not always act as legislators or regulators think they will or should act. User buying patterns suggest that, while they are concerned about privacy, this is not always reflected in their decisions.

They don’t always want vendors to have tight controls over data management. If their phone is broken, for instance, they simply want it fixed as soon as possible, and are willing to cede data to see that happen. So education for our customer-facing employees will be very important for the future and will need to be constantly reinforced.

In addition, culture, circumstance and history all have an impact at a local level and can mean important differences in understanding, which requires constant attention to detail.

Cross-industry collaboration is key in this respect, and this is why Huawei works with the International Association of Privacy Professionals, precisely to share and learn about such matters.

However, as the GDPR is published, adopted and becomes law over the months to come, industry and consumers are still only part way down the path to ensuring maximum data privacy.

As the debate evolves, and consumers start to execute their buying power with privacy as a purchasing criteria, we will move from compliance and “operationalising” the principles, to a new generation of privacy-aware consumers. And we need to service that societal transformation to the full.

David Francis has recently been appointed as Huawei’s Cyber Security Officer for the UK market

Focus

EU agrees data protection regime, details to follow

Europeans will have the right to object to being targeted by online advertisers, to carry their data from one service to another, and to have personal data deleted if they want to.

EU and Chinese SMEs matchmake in Brussels

While EU and Chinese political leaders discussed climate change and trade at the European Council in Brussels, hundreds of small and medium-sized enterprises from China and all across Europe participated in the EU-China SMEs Matchmaking Event at the Bozar.

Letter

An open letter to ministers on the audiovisual directive

The ongoing revision of the Audiovisual Media Services Directive is a key opportunity to reduce exposure of Europe's children to advertisements of health-harmful products – an opportunity that should not be missed.

We must renew Europe for all Europeans

A call for socialist values and rights at a time when Europe is facing a number of existential threats, says a group of progressive European affairs ministers.

Stakeholders' Views

This EUobserver section provides a platform for EU stakeholders to communicate positions, views and activities.

Stakeholders' Highlights

  1. International Partnership for Human RightsEU-Kyrgyzstan Human Rights Talks Should Insist on Ending Reprisals Against Critical Voices
  2. European Free AllianceEFA Is Looking for a New Intern
  3. Malta EU 2017Conservation of Atlantic Tunas: International Measures Become EU Law
  4. European Healthy Lifestyle AllianceCan Statin Therapy Interfere With a Physically Active Lifestyle?
  5. EPSUOn Public Services Day, Stop Austerity! Workers Need a Pay Rise!
  6. EGBAOnline Gambling: The EU Court Rejects Closed Licensing Regimes In Member States
  7. World VisionFaces of Today, Leaders of Tomorrow: Join the Debate on Violence Against Girls - 29 June
  8. ECR GroupThe EU Must Better Protect Industry from Unfair Competition
  9. Malta EU 2017Better Protection for Workers From Cancer-Causing Substances
  10. EPSUAfter 9 Years of Austerity Europe's Public Sector Workers Deserve a Pay Rise!
  11. Dialogue PlatformGlobalised Religions and the Dialogue Imperative. Join the Debate!
  12. UNICEFEU Trust Fund Contribution to UNICEF's Syria Crisis Response Reaches Nearly €200 Million

Latest News

  1. 'USB condoms' and migration on Estonia's EU agenda
  2. EU parliament should befriend transparency
  3. EU fines Google €2.4 bn over online shopping
  4. EU Commission could get say on Russia gas pipeline
  5. G20 is 'test run' for Trump-era climate governance
  6. Political conditions for EU funds prompt debate
  7. May defends proposal on EU citizens' rights
  8. UK visitors to pay into EU budget after Brexit