Full article copied from [1] ---------------------------------------------------------------------------- The real meaning behind all those corporate privacy expressions October 30, 2011 by simon
We’ve all read them a hundred times before. Broad statements of privacy good will by large organizations. But what do they mean? You can bet that the real intent is coded. Have a quick read of this one and see if you can fathom what the organization is on about: "Here at company XXX your privacy is our paramount concern. We believe we’ve got the customer experience just right and we’ve consulted widely on our new technology. That’s why we’ve reached out to you to help us build strong user controls in an environment of Privacy by Design. However we know how important it is to achieve the right privacy balance and so we actively support Data Protection reform and modernization. We believe in informed consent, that all organizations should be fully compliant and that that processing should be Fair and Lawful." Yes indeed. A masterful exercise in saying nothing. Privacy International believes we all need some clarity, so here’s our handy alternative glossary of all those privacy and data protection expressions you’ve stomached for so long: Modernize = to remove protections; to substantially weaken. Example: “the Data Protection principles must be modernized or they may become relevant to the Internet”. Policy Review = formal justification for modernization. Harmonization = pushing for the Lowest Common Denominator of protection. Data Protection Reform = Minimization of protections “Fair and Lawful processing” = “It’s covered in the legislation, so sod off!” “At XXX company, we care about privacy” = “we have a privacy policy” “At XXX company your privacy is our paramount concern” = “we have an updated privacy policy” “We’re enhancing the customer experience” = “We need to exploit more customer behavioral data.” “We’ve got the customer experience just right” = “We’ve exploited as much customer behavioral data as we possibly can”. Implied Consent = it should have been in our privacy policy Informed Consent = it was in our privacy policy Explicit Consent = it was in our privacy policy along with a check box “Reach out”; an expression used by companies when they need to impress lawmakers. Example: “We’d better reach out to the consumer groups before we see Commissioner Smith on Tuesday”. We consulted = we delayed publication of the final plan while we spoke to our trade association We widely consulted = we published a discussion paper somewhere on our trade association’s site. We extensively consulted = we actually read some of the responses. Compliance = testing the limits of legality Privacy Enhancing Technology = 1990s cryptography Privacy by Design = 1990s cryptography backed up by a Statement of Values Strong user controls = a dashboard Advanced user controls = a dashboard that changes every other week “Privacy is a Western concept” = “Privacy is a Western concept as long as you ignore all cultural and religious history to the contrary.” Achieving the right privacy balance = “We need to modernize”. The Cloud = outsourcing. Big Data = lots of people making dubiously legal profits but you can’t see them because of the cloud cover. Further reader suggestions most welcome. In the meantime, here’s the “real” version of the above company statement: "Here at company XXX we have an updated privacy policy. We’ve exploited as much customer behavioral data as we possibly can and we’ve published a discussion paper somewhere on our trade association’s site that tells you about our new technology. Our lawyers advise us to contact you before our lobbying gets underway to help us build a dashboard in an environment of 1990s cryptography backed up by a Statement of Values. However we know how economically important it is to weaken privacy regulation and so we actively support Data Protection minimization. We believe in putting things in a privacy policy, that all organizations should test the limits of regulation but avoid prosecution and that in the end if we can push hard enough for an exemption then you can all sod off!" -------------------------------------------------------------------------- [1] https://www.privacyinternational.org/blog/real-meaning-behind-all-those-corporate-privacy-expressions -- Parin Sharma https://identi.ca/FRDManiac -- -- Mailing list guidelines and other related articles: http://lug-iitd.org/Footer
