Itay Levy is the CEO and Co-Founder of Identiq, the world’s first anonymous identity validation network.
Privacy has no place in the tech world. Or, that’s what I thought. As a tech entrepreneur who started out as a software engineer, user privacy was simply the last thing on my mind. I assumed any regulations would add friction, make engineers and tech leaders jump through hoops and generally slow things down. Frankly, I hoped that the privacy and compliance folks would just take care of it all and leave me alone.
Then, when discussions about GDPR, LGPD, CCPA, and the rest started leaking into strategy and planning sessions with every business department, not to mention casual conversation, I saw that a lot of business leaders — in a variety of companies — were getting really worried.
I understood the concern. Both companies I cofounded were in the data business, one way or another, as are almost all businesses today. What would the shift toward privacy regulations mean for us? How would it restrict future innovation across industries?
What I discovered when I dove into it is that the future is a lot brighter than it looked at first glance. Privacy regulations aren’t just better for user privacy; they’re better for businesses, too, because regulations encourage innovation.
Regulations Encourage Technological Innovation
Think about seatbelts. Before seat belts, governments tried to limit the dangers of car accidents with regulations such as speed limits. Then, in 1959, Volvo introduced the three-point seatbelt. Within years it had proven to be so successful that the U.S. government mandated that seat belts be installed in all new cars going forward — and Volvo was forever associated in people’s minds with safety and security.
Or take the Clean Air Act as an example. It was passed to deal with the challenge of air pollution, and today the resulting cleaner engine technologies and cleaner fuels mean that our vehicles are roughly 99% cleaner than the ones from before the Act. Some of the new technologies that resulted from that change are now being incorporated into new legislation, which will likely result in new innovation. It’s a virtuous cycle.
Regulation is a balancing act between what’s in the public interest and what the market can bear. It has to take into account the time and expense of making changes and the cost of the impact of those changes. Where the balance lies depends on technology. If your technology is further ahead than most, you stand to gain.
Privacy fits the same model. On the one hand, the data belongs to the user, but in order for us to gain the convenience and functionality we all desire, companies have to be able to share user data, within parameters. Current legislation aims to find a balance between public interest and pragmatism.
Tech Can Get Online Businesses Ahead Of Privacy Regulations
Just as with the Clean Air Act, the flurry of innovation surrounding data privacy represents a great opportunity for the companies that are ready to leverage it.
Approaching compliance from a checkbox perspective means you’re likely to end up with processes that interfere with your core KPIs. That’s where the fear comes from — business leaders are aware of the restrictions privacy legislation can impose. But it doesn’t have to be that way.
Companies that are ready and able to take advantage of the latest technological innovations have a chance to future-proof against future regulatory change. Companies share confidential and sensitive information with, on average, 583 third parties. With privacy concerns front and center in many countries and jurisdictions, it’s a good time to think about alternatives — before you urgently need them.
Imagine if you’d been a car company poised to introduce the seatbelt straight after it came out, or a company already thinking about how to reduce pollution before the Clean Air Act. You’d have had a significant advantage over your competition, who were scrambling to adapt.
Privacy Tech Empowers Business Goals
Privacy-enhancing computation is a leap forward in terms of technological ability and privacy possibilities. But more than that, many of the applications being developed in fact solve a business pain-point, not a privacy one. They’re just doing it in a way that builds in privacy from the beginning.
In that context, a business can use the shift toward privacy regulations as a nudge to transform their business in diverse ways, from diversity or equality initiatives to customer experience to reducing risk to finding new ways to work with data internally. If your company is trying to work out what to do if Privacy Shield is invalid, privacy-first solutions might be your answer — discovering ways to work with data without sharing it.
Providerless identity validation is another good example — solutions that take the third-party providers, or data brokers, out of the identity validation equation. Instead, companies work directly together in order to validate user identities. Many such solutions are highly privacy-conscious, ranging from pseudonymous data to full anonymization in which no personal user data is shared at all.
From the business perspective, though, what it really means is being able to trust even brand new users, and give them a frictionless experience right away, because you know which users are already trusted by other companies. The privacy aspect (ensuring that no PII is shared) isn’t the point of the innovation — it’s an enabler of this improved experience.
If you’re a business leader, privacy is an opportunity. It’s time to take it — or get left behind.