How important is privacy really for Google?

Each action we take on online platforms is commodified; actions are translated into data of monetary value for tech giants such as Facebook, Google and Apple. Privacy concerns not just the the data we keep online, but every action we take as well. This puts privacy, which is valued by the individual in direct opposition to profit, especially for Google which I have argued for decades is an advertising platform first and foremost, and a search engine second. So last week when the headline “Google to give people more power over their personal data” appeared in the Guardian, I read on with hesitancy. How much do Google developers really care about Privacy by Design?

Last month Apple introduced greater controls to app tracking, which at face value seems like a strong commitment to Privacy by Design. However, on learning that allowing users to turn off app tracking has a significant impact on competitor Facebook, I can’t help but be skeptical that corporate competition is the underlying motivation for this. Facebook is predictably vehemently opposed to turning off app tracking and is now presenting itself as an unlikely champion of small business.

In the context of all of this, what is Google proposing to offer consumers in terms of privacy? To be honest, on reading a summary of the developments proposed at last week’s conference I was slightly underwhelmed, as Google is limited to how much privacy tracking they lose without impacting their advertising business. The one area of interest for me was the discussion of subscription services where, like with YouTube, users pay for ad-free content. This may be inevitable should Google make a serious commitment to Privacy by Design.

It seems the old adage “If the service is free, the product is you” could never be more true.

Metataxis on G-Cloud 11

Metataxis are pleased to announce that public sector organisations can again access our services through the latest G-Cloud 11 framework.

Cloud services, such as O365/SharePoint Online, require careful planning, design and governance to be successful; however all too often this is just seen from a technical perspective rather than one based on the information and the user.

Metataxis can help organisations meet these information management and information architecture challenges that make the difference in being able to support long term adoption and deliver real value.

Metataxis offer a number of services on the G-Cloud:

Information Architecture
Information Management
Information Discovery
GDPR Compliance
Content Migration
Training

If you would like any further information then please contact us.

Lessons from West Wing for GDPR compliance

What now seems an age ago, there was a TV series called West Wing telling the story of President Bartlett and his White House staff who were capable of wisdom, bravery, some pretty good one-liners and glam frocks, who were on a quest for human aspiration, despite frequently revealing themselves as flawed human beings.

In the episode ‘A Proportional Response’ President Bartlett is battling the desire to order retribution on a vast and violent scale following a Syrian attack on a US helicopter which killed several Americans, including a young, new, father Bartlett had befriended. But, instead, the President is talked down by his Chief of Staff, Leo McGarry, to taking a response that is proportional to the situation, rather than smiting the earth in fury.

A response in Leo’s words, ‘It’s proportional, it’s reasonable, it’s responsible, it’s merciful.’

And so what is the relevance of a ‘proportional response’ to GDPR compliance? To align with GDPR an organisation needs to strike the right balance between over-reacting and, yet, still addressing what needs to change.

After all the pre-25 May GDPR hype and headlines, and the deluge of consent emails flooding our inboxes, followed by…well…not a lot, really. It almost feels like we are still waiting for ‘it’ to happen. Or that ‘it’ will never happen. That it was all just hype; yet another Y2K fizzer.

The very tempting ‘proportional response’ to this is to do exactly nothing. To pat ourselves on the back that we weren’t taken in by all the dark threats and headlines, and to go on our merry way, scattering personal data about like confetti at a wedding.

But don’t be fooled.

The ICO has been busy. The penalties to date are mostly still under the previous legislation. The investigative process takes time – and it’s only been five months.

Whatever ICO decisions are downstream, what matters for organisations about data protection is what has always mattered. It’s an opportunity to do business better by aligning with the new regulations. That’s what a ‘proportional response’ is; one that makes sound business sense in the long term. It’s not just about fearing the goblins that live in dark data, or of the avenging angels.

Taking a ‘proportional response’ to your data protection is about gaining positive outcomes along the way to compliance. Organisations will eventually save money they didn’t even realise they were wasting. They will gain insight from joining up data that they never knew they had. And should the worst case happen, they will be in the most resilient position possible to be able to handle such an event.

A proportional response requires you to understand what your risk profile is in terms of the personal data you control and process. You need to know what personal data you have, where it is and what could possibly go wrong? What data and systems should you be focusing your effort on?

Once you have that knowledge, you can make it difficult for your employees to do the wrong thing and easy for them to do the right thing, because the systems in place support that outcome. You can take every reasonable measure to protect what needs to be protected, from deliberate attack and from somebody just doing something dumb.

‘It’s proportional, it’s reasonable, it’s responsible, it’s merciful.’ To your organisation, to your bottom line, and to the data subjects who are your customers and your employees.

AIIM GDPR Virtual Event

Metataxis are presenting a session at the AIIM GDPR Virtual Event.

The webinar will be jointly run by Marc Stephenson (Metataxis) and Patrick Cardiello (Active Navigation). The session has the acrostic title (we couldn’t help ourselves!) “Get Doing Privacy Right now!”, and details a case study in implementing GDPR for a global services organisation Metataxis is currently working with.

The aim of the webinar is to describe some real-world practical steps, especially around tools, for achieving GDPR compliance. The main tool we’ve been using for this client is the analysis and discovery tool from Active Navigation. This tool has been very effective at understanding the client’s information estate, which has made possible many GDPR tasks that couldn’t have been achieved without it.

See the Metataxis GDPR offering for more detail.