Making Digital Transformation Privacy by Design
Technology is at the heart of the most important social and economic advances of the last 20 years. It is an enabler of the digital transformation that is set to enrich how we live and work.?It is also often at the centre of controversy over how and for what purpose it collects, generates or uses data. ?
This session explored the inextricable link between digital transformation and privacy, and the European measures that hope to level the data playing field and prevent abuses of dominant positions in the market.
The discussion chaired by Tanya Suarez Ph.D. revolved around (i) identifying some of the biggest challenges we face in realising the full economic and social value of data in a fair and sustainable way (ii) the expected impact of the EU’s new Data Act, and (iii) the tools and measures that must help balance the need to protect people and business with the risk of stifling innovation, particularly in AI and machine learning.
Speakers:
Context
By 2025 the volume of global data is set to increase by 530% from 33 zettabytes in 2018 to 175 zettabytes. The demand for data professionals in the EU27 will rise to 10.9 million from 5.7 million in 2018, and the percentage of the EU population with basic digital skills to 65% from 57% in 2018.
In this context, the European Commission has recently stated that unlocking the economic value of data could generate €270 billion of additional GDP for EU Member States by 2028[1]. Across Europe, policymakers, academia and businesses are striving to understand how new technologies can be harnessed to deliver value while respecting data ownership.?Initiatives like Horizon Europe funded Unlock CEI, take a multisided approach to look at demand side drivers and challenges and the technology-driven innovations and business opportunities driving demand value chains and data transfers in the Cloud-Edge-IoT continuum.
Part 1. Digital transformation of society must include privacy to comply with individual rights
Digital transformation is a process, a major change, and requires a redesign of the enterprise at all levels. Digital transformation influences how everyone in the business works, the management, the values, the existing mindsets, the processes, the view of employees and the environment around us.
To meet the demand for an efficient, user-friendly, and open administration, it is not sufficient to digitalise current services and processes. We must think anew and solve tasks in new ways.
Veronica Jarnskjold Buer, Head of Department Technology of the Norwegian Data Protection Authority, set out some of the considerations for DPOs as established ways of solving public tasks are being challenged.
Digital transformation of society must include privacy to respect the rights of the individual. Supporting compliance is ensuring organisations understand obligations and the tools and means to support engineers in building compliant applications from the outset. There are steps that organisations themselves can take to ensure that their digital transformation journey is compliant with democracy and privacy requirements:
Part 2. Taking back control? Digital transformation, data and the Data Act
Whereas most assets appreciate in direct proportion to their scarcity, the value of data can increase with volume. For this value to be realised optimally from a societal and economic perspective, the data must be of good quality (outside the scope of the Act), shareable, and interoperable.
领英推荐
The Data Act proposal, just confirmed by the European Parliament, will govern data collected, generated and/or processed by connected devices, giving full data rights to the user of the devices. It is expected to open up the data economy by eliminating some of the barriers that currently prevent access to data. It will also govern the new data space.
Thomas Hahn, Chief Expert Software Siemens AG, illustrated the potential benefits that can arise from the exploitation of these new mechanisms for compliant data sharing in carbon footprint and battery production.
A significant part of global CO2 emissions come directly from industry but only 10% (depends on produced product) are generated in their own factories (scope 1 and 2).?Up to 90% (depends on produced product) of the CO2 emissions are attributable to the upstream/downstream supply chain (scope 3).
Battery production is enormously energy- and water-intensive, and partly dependent on other countries. 96% of battery materials are recyclable but only with a transparent view of the entire CO2 footprint of the product, can emissions be reduced along the entire value chain. In this context, digital twins can be used to design and produce more sustainable products.
The data transparency along the entire value chain can be technically implemented through Data Ecosystems such ESTAINIUM (https://www.estainium.eco/en/) for PCF and planned further with Manufacturing-X, an open, global and cross-sectoral, decentralised and collaborative Data Ecosystem for Industries 4.0.
Part 3. Market forces-v-regulation
Whether we love or hate ChatGPT, there have been many concerns regarding the permissions it has to access the data on which it is being trained. Most notably, Italy has banned its use- Garante, accused Microsoft Corp-backed (MSFT.O) OpenAI of failing to check the age of ChatGPT users and the "absence of any legal basis that justifies the massive collection and storage of personal data" to "train" the chatbot.
The Federal Commissioner for Data Protection and Freedom of Information BfDI, Ulrich Kelber, shared his views on the balance between protecting consumers and businesses from the more perfidious use of technology and the need to incentivise experimentation with data as a necessary precursor to innovation, both incremental and disruptive.
Firstly, BfDI understands that there is a need to support technological compliance by working with firms in contrast to taking an approach based on an understanding that the interests of regulators and industry are opposed.
Data protection is an enabler of technology and can be a source of competitive advantage for firms. Products and services can and should be developed with privacy-enhancing technologies embedded to ensure compliance at the outset.
From a regulatory perspective, there are tools that can be used to support this development, such as regulatory sandboxes and other tools that support businesses to develop privacy-enhancing technologies and for firms across industries to understand how they can comply with regulations.
Norways’ DPA, has launched a regulatory sandbox for data protection and the innovation of responsible artificial intelligence. Dialogue-based counselling. Sandbox for responsible artificial intelligence | Datatilsynet. It also has deployed other novel tools, including an annual competition focused on the practical implementation of Data Protection by Design and by Default.
Final words
A few final words to DPO’s and policymakers:?firstly, regulations are there to enforce societal values. These values are not static in time but evolve as society evolves. New approaches to regulation could move more towards certification of compliant use of data in digital transformation but also wider use of Codes of Conduct. It makes business sense for Trust to be built into a product at the outset. Respecting personal data and proprietary data is a part of business resilience.
Finally, regulators must look at technologies (and how they use data) from a 360o perspective, considering not just their immediate purpose but the impact on the business and world around them.
[1] https://commission.europa.eu/strategy-and-policy/priorities-2019-2024/europe-fit-digital-age/european-data-strategy_en