The Future Of Privacy, An

Optimist’s View And What You

Must Do To Win Customer’s
Trust
Shaun Dakin
Privacy and Transparency Strategist
@ShaunDakin

11/19/10 Dakin & Associates - @ShaunDakin 1

 Today
①Who I Am, Briefly
②Privacy, defined?
③Where We Are Today Regarding Privacy Issues
(where to start?)
④An Optimist’s View Of Data and Privacy (Ignite
DC)
⑤Privacy By Design
⑥Practical Privacy Best Practices
⑦Discussion
11/19/10 Dakin & Associates - @ShaunDakin 2
 @ShaunDakin
• Privacy and Transparency Are A Competitive
Advantage – It’s good for your business
• Privacy As More Than A Compliance Issue
– Can we ask the lawyers to leave?
• Bio:
• Ran FedEx.com in the 90’s
• Learned I did not love mortgage finance at Fannie Mae
• Stood up a non-profit fighting for voter privacy rights at
StopPoliticalCalls.org in 2007, Testified at US Senate in 08
• Consult on business strategy, privacy, transparency
communications and product development
11/19/10 Dakin & Associates - @ShaunDakin 3
 Privacy Defined – By A Lawyer
Privacy is defined in the Generally Accepted
Privacy Principles (GAPP) as:
• “The rights and obligations of individuals and
organizations with respect to the collection,
use, retention, disclosure, and disposal of
personal information.”

11/19/10 Dakin & Associates - @ShaunDakin 4

 We Are Our Data

11/19/10 Dakin & Associates - @ShaunDakin 5

 The Cloud

11/19/10 Dakin & Associates - @ShaunDakin 6

 Privacy Is About Control and Trust

11/19/10 Dakin & Associates - @ShaunDakin 7

 It Takes A Village

11/19/10 Dakin & Associates - @ShaunDakin 8

 Today’s Screaming Headlines Involve
Privacy Issues
• Your Great Granddaddy Had Syphilis And Now
Everyone Knows It (Healthcare privacy)
• Police: Thieves Robbed Homes Based On
Facebook, Social Media Sites (Social Media
privacy)
• “Don’t Touch My Junk” – TSA Body Scanning
and Full Body Search
• “Obama Administration To Create a Privacy
Czar” – Elevation of Privacy to Executive Level
11/19/10 Dakin & Associates - @ShaunDakin 9
 Today’s Screaming Headlines Involve
Privacy Issues
“Don’t touch my junk”

11/19/10 Dakin & Associates - @ShaunDakin 10

 #Privacy Not Explicitly Defined In The
US Constitution – Is Privacy Dead?

Opt In Vs. Opt Out

Control
11/19/10 Dakin & Associates - @ShaunDakin 11
 Data – Day In The Life Of Shaun –
With Full Opt-In, On Election Day

11/19/10 Dakin & Associates - @ShaunDakin 12

 What Is My Health, Now

Morning Shaun, It’s 9:42

AM!!! You are late !

Dr. Fox checked your

blood work overnight.
You are cleared for a 5.5
mile run this afternoon.

9:42
11/19/10 Dakin & Associates - @ShaunDakin 13
 9:55
11/19/10 Dakin & Associates - @ShaunDakin 14
 Can I Make My Meeting?

10:15
11/19/10 Dakin & Associates - @ShaunDakin 15
 How’s My Mom Doing?

10:22
11/19/10 Dakin & Associates - @ShaunDakin 16
 Message On Way To Work

Mr. Dakin, slow

down please.
Or, your good
driver discount
may be
revoked!

10:29
11/19/10 Dakin & Associates - @ShaunDakin 17
 Crap, Boss Videoing In

10:43
11/19/10 Dakin & Associates - @ShaunDakin 18
 It’s Election Day

11:15
11/19/10 Dakin & Associates - @ShaunDakin 19
 I Get a Call, From My Son’s School

11:45
11/19/10 Dakin & Associates - @ShaunDakin 20
 Son?

12:17
11/19/10 Dakin & Associates - @ShaunDakin 21
 My Phone Alerts
Me

1:23
11/19/10 Dakin & Associates - @ShaunDakin 22
 Honey?

1:34
11/19/10 Dakin & Associates - @ShaunDakin 23
 Time to Vote

4:46
11/19/10 Dakin & Associates - @ShaunDakin 24
 Night Night

10:34
11/19/10 Dakin & Associates - @ShaunDakin 25
 Privacy And Trust: A Competitive
Advantage
• Trust Is Critical For Any Organization:
– How Do You Build It In To Your Processes,
Procedures, Services and Products?
• How Can You Design Products / Websites /
Programs By Asking:
– Does This Build Trust With Our Member?
• Privacy and Trust By Design

11/19/10 Dakin & Associates - @ShaunDakin 26

 PbD

11/19/10 Dakin & Associates - @ShaunDakin 27

 Best Practices For Organizations
Around Privacy and Trust
• Realize:
– No One Reads Your Privacy Policy
• Lawyers:
– Following the Letter of the Law is Not Enough
• Think “Does This Earn The Trust Of The
Customer?” vs. “How Do We Comply With
The Letter Of The Law?”
• Transparency is key

11/19/10 Dakin & Associates - @ShaunDakin 28

 Be Clear And Use Real Language
• Ask: Do We Really Need To Collect This Data?
• Use Clear Communications Around Use Of Data
– No lawyers in the room, use writers, copy editors,
communications people
• Explain
– This is Why We Use Your Data
– This Is How We Use Your Data
– This is Where We Use Your Data
– This is Who We Share Data With
– This is How to Opt-Out

11/19/10 Dakin & Associates - @ShaunDakin 29

 What If Steve Jobs Designed
Privacy Notices?

11/19/10 Dakin & Associates - @ShaunDakin 30

 Use Visuals

11/19/10 Dakin & Associates - @ShaunDakin 31

 Not

11/19/10 Dakin & Associates - @ShaunDakin 32

 Practical Privacy Communications
Suggestions
①Collect Less Data. Do you need to collect that
data?
②Communicate Often and Before Any Legal Privacy
Policy
③Communicate Privacy and Data Issues in Multiple
locations on and offline
④Place Disclosures In All Relevant
Communications, on and offline
⑤Always On Disclosure

11/19/10 Dakin & Associates - @ShaunDakin 33

 Don’t Fear The Opt Out - TRUSTe

Source > http://www.truste.com/blog/?p=987

11/19/10 Dakin & Associates - @ShaunDakin 34
 Don’t Fear The Opt Out - TRUSTe
①Goal – Provide enhanced notice outside
privacy policies
②Learning
① 2x consumers clicked on icon vs privacy policy
② Few consumers changed their preferences
③ Consumers valued the education and information
and were not as alarmed as expected
③Build Trust With Consumers

11/19/10 Dakin & Associates - @ShaunDakin 35

 Privacy Crisis – “Run To The Crisis”
①Apologize, quickly
②Thank (Community) For Bringing Issue(s) To Your
Attention
③Separate the Organization From Any Wrongdoers
④Concrete Next Steps To Make Sure It Does Not
Occur Again
① Communicate To All Internal Stakeholders
② Consider A Special “hot-line” and website to deal with
questions

11/19/10 Dakin & Associates - @ShaunDakin 36

 Trends and Issues
• Legislation and Executive Privacy Czar
• Location Based Services (Mobile)
• Health Records (EHR)
• Life Of Data – Storage
– Forgettable Data
– Right to be forgotten (EU)
• Identity Theft
• Inference Data – Behavioral Advertising

11/19/10 Dakin & Associates - @ShaunDakin 37

 Discussion

11/19/10 Dakin & Associates - @ShaunDakin 38

 Thanks
• Shaun Dakin
– Twitter:
• Business @ShaunDakin
• Advocacy
– @PrivacyCamp
– @EndTheRoboCalls
– Email: Open this link
• http://scr.im/shaundakin
– Google Voice: 703-829-0854

11/19/10 Dakin & Associates - @ShaunDakin 39

 Resources
• FTC
– http://www.ftc.gov/bcp/edu/microsites/idtheft/business/data-
breach.html
• Privacy Data Laws
– http://www.privacybydesign.ca/publications/privacy-maps/
• Privacy By Design
– http://www.privacybydesign.ca/
– http://knowledge.wpcarey.asu.edu/article.cfm?articleid=1927
• Crisis Communications
– http://www.levick.com/resources/topics/articles/running_to_crisis.php
• Tools
– Google > http://www.google.com/intl/en/privacy.html
– Ad Blocking: Ghostery > https://addons.mozilla.org/en-
US/firefox/addon/9609/

11/19/10 Dakin & Associates - @ShaunDakin 40