Evelina Georgieva, Pryv: “investing in data privacy is not only about fulfilling a requirement to achieve compliance”

Today, everyone leaves a digital footprint on the Internet. Whether it’s when you visit a daily newspaper website or when you make online banking transactions. Unfortunately, not all companies put their primary focus on data privacy and that leaves enormous amounts of sensitive information at risk.

It’s essential that businesses would start seeing data privacy as an essential part of building trust and brand reputation rather than a tick-box to achieve compliance. 

So Cybernews invited Evelina Georgieva, the Co-Founder and Business Development Officer at Pryv, to discuss about modern personal data management solutions and how they can empower forward-looking companies.

How did the idea of Pryv originate? What has your journey been like?

Pryv is a blend of ideas initiated more than 10 years ago. While overcoming leukemia, Pierre-Mikael got inspired to develop a solution that will empower patients to stay away from the hospital but still receive crucial monitoring and care remotely. At the same time, Frederic was eager to create a B2C digital place, Facebook-like but with privacy at focus to empower users to master their data sharing and protect their data ownership rights. Simon brought his digital ethics and privacy vision. I (Evelina) joined them when we pivoted from the B2C concept to create Pryv B2B as you know it today: a trusted software vendor of privacy and personal data management solutions. 

Can you introduce us to your personal data management software? What are its key features?

We help organizations manage personal data from creation to use, sharing and disposal. Following the privacy engineering approach, we support our client’s IT teams to ensure that their data privacy compliance is done right: from the very early architecture design to the introduction of data-driven business models. We help them not only accelerate time to market but also cut IT development costs and speed up data utility and scalability across legal jurisdictions, such as the GDPR and industry-specific regulations.

Since 2015, we license our Pryv.io software which is used as a solid foundation to boost the development efforts of “integrated teams” of IT engineers, legal and business experts. The Pryv.io middleware acts as a “plumbing system” which ensures their digital platform has its best chances to engage customers and drive business values – covering the entire data lifecycle and the data privacy aspects.

Among the bestseller features are the dynamic consent, extensible data model, decentralized storage for scalability, and data mapping for automatic integration with existing warehouses.

In your opinion, what data privacy issues should more people be concerned about?

It is yet not clear enough that privacy and security are different. Unlike security, which nowadays is well understood by almost anyone, data privacy is still unclear. Privacy can be translated in different ways and have different meanings. While some will correlate it with limiting access to data, others, like us at Pryv, will look at data privacy as a tool to unlock data values. For us, privacy is not secrecy, but the ability of individuals to use their data, act on their rights and give informed consent for the rightful processing of this data. Thus, each stakeholder can win more from the unlimited power that personal and contextualized data can bring.

My message to the users will be first to decide what privacy means to them and then take decisions and measure risks versus opportunities.

How do you think the recent global events affected your field of work?

The effect of the Covid pandemic, the growing power of information war, the upscaling Digital Democracy, and the rapidly changing Data Protection Regulations on a global scale, just to name a few, have been undoubtedly an eye-opening momentum for any forward-looking business. It became apparent that investing in data privacy is not only about fulfilling a requirement to achieve compliance but an imperative to build trust, protect brand reputation, and develop new revenue streams. 

Some experts believe that keeping up to date with data privacy trends and requirements could even be the selling point for customers. Can you share some tips for businesses looking to update their privacy policy? 

We believe that personal data aggregation, sharing, and processing should be as effective, secure, and trustworthy as online banking. This is a must-have to empower the user to understand the value of the data, how to manage and control it, and promote trust and engagement. 

In this new paradigm, privacy is not a compliance tick-box but an opportunity to break data silos, differentiate products, and services and attract end-users with trust, transparency, and empowerment. 

We advise our customers to embed privacy-DNA in any process of their organizations, early in the development phase, ensure cross-functional team and privacy-engineering capabilities and thus guarantee they can deliver competitive user-attracting services and open up new horizons for achieving high ROI in a short period and overtime.

What dangers can customers be exposed to if a company they trust struggles to ensure compliance? 

Besides the obvious non-compliance and loss of brand reputation and trust, for many businesses, a data protection breach will mean a loss of business that could be as strong as pushing the business to bankruptcy.

For users, understanding the trusted brand lacks privacy compliance might result in disappointment and disengagement, as well as pushing the individuals to act on their data rights (where is my data stored, prove me you have my consent and what so for, provide an audit on the data interactions, etc.) Incapacity to deliver will again result in impressively huge fines and serious business consequences.  

What are some of the worst mistakes companies tend to make when it comes to handling large amounts of customer data?

The biggest mistakes in my opinion are the following:

• Undervaluing the importance and impact data privacy has on their business
• Misunderstanding the data privacy principles
• Non-differentiating data privacy and security
• Not being able to identify data categories correctly
• Lacking efficient data governance strategy
• Implementing “bolt-on” patching solutions
• Missing the right team expertise

Talking about individuals, what actions should average Internet users take to protect their personal data online? 

Before taking action, we advise users to be informed about the data privacy rights they have and then to act on them. 

Share with us, what’s next for Pryv?  

We have recently introduced a powerful extension of our services by teaming up with OpenWT. As part of Pryv corporate development and pivotal time of growth, Pryv continues its full operations, focused on delivering licenses of its proprietary Pryv.io software, while data privacy consultancy services will be carried out by the OpenWT Data Privacy Excellence Practice.

About Cybernews.com is a research-based online publication that helps people navigate a safe path through their increasingly complex digital lives. The CyberNews Investigation team uses white-hat hacking techniques to find and safely disclose cybersecurity threats and vulnerabilities across the online world. Leaks of users’ personal information? Security flaws in enterprises? Exchanges of sensitive data on the dark web? They’re on it. The CyberNews Editorial team provides cybersecurity-related news, analysis, and opinions by industry insiders. They are working independently and transparently following our Editorial guidelines.

The post Evelina Georgieva, Pryv: “investing in data privacy is not only about fulfilling a requirement to achieve compliance” appeared first on Pryv.

Technology made it possible to have the world at a fingerprint. As a result, every day, millions of users leave their marks in the digital world, making it possible for companies to frame them into predictive, insightful “little boxes”. The question of whether it is for good or not will depend on how they will use this information. Is our personal information treated and used with ethics? Beyond what the law says, personal data and privacy regulations such as the GDPR or CCPA, we all have an inner sense of what is right and what is wrong. Digital Ethics is something that we all wish to believe in, but few know about it.

The Loud Silence of Digital Ethics  in personal data mobile apps

Futurists foresee a world where everything would be technology-enabled. Some even picture it as the perfect utopia. A world where criminals would be caught before they even act. Where patients would be cured before they get sick. And where everyone would find love. A world governed by justice, health and ideal match. A perfect world… or maybe not?

While striving for this world, the line between right and wrong became blurred. And all of a sudden, what was supposed to turn into a dream ended up reflecting an alternative nightmare: a world that could be governed by “secret” mass surveillance, biased algorithms, and companies leveraging personal and health data to increase their profits; convincing themselves that they are, ultimately, doing it for the “greater good”. Does the end justify the means though?

Much has been said about technology enhancement, the power of personal data in enabling personalized services, offering, care and treatment. Unevenly, opening-up the Digital Ethics Pandora box is a taboo. Without any further delay, now may be the time.

The road to hell is paved with good intentions.

It always starts with a good idea. “Make the world a better place”. “Save the world”. Yet most of the time, without a strong ethic to frame it, even ideas that started with a “don’t be evil” mantra are doomed to perdition. Almost everyone has lost faith in the very notion of privacy. Trust needs restoring. As being “data plumbers” at Pryv, we see it a lot happening with personal data collected via mobile applications. Inspired to make a big change, however, innovators often lose themselves in what is right and what is not. It is not that the technology or the idea behind it is necessarily bad in itself. But like everything, if you don’t know your limits, you will eventually end up beyond them.

Despite often being hidden behind numbers, personal data can reveal a lot about individuals. What people eat, where they go, who they love. In a perfect world, these data would be used to suggest the perfect restaurant, optimize transportation, pay for what you use, not more and save us from a life of loneliness. In today’s world though, this same data can equally be used to escalate insurance pricing, enact citizens’ surveillance, and manipulate thoughts and behaviours on command. And without the enforcement of a strong ethics to surround personal data collection, this might just become our permanent future.

The Yin & Yang in Digital Ethics.

We can envision two mirroring worlds where the border line is Digital Ethics. On one side, being mindful of what is right can open up a world where we will all be doing well, healthier people and happier insurers, empowered citizens and fairer judges. Or, on the mirroring side where the code of digital ethics is not respected, we can end up in a world where we are all prisoners of our own digital twin. A world governed by fear, predictability and surveillance capitalism.

So which one is it going to be? At Pryv, we envision a world where Privacy is the norm. And while it is true that we cannot control the future, we are still empowered to make decisions today that can allow for better privacy tomorrow. In fact, it is that simple: it is a matter of choice to do it; nothing more, nothing less. Let’s build a world where treating users with respect will pay back: so be transparent, consent-centric, restore trust and build meaningful relationships with your users. 

Since 2012, at Pryv, we deliver businesses a solution to empower them building trustful long-lasting relationships with their users, manage personal and sensitive data rightfully, being confident in processing, but not « shy » for asking for more. More data brings more insights and we are all willing to share more when we trust. 

The first step is always the hardest, but we got your hand:

Privacy-first Digital Ethics Handbook.

1. 1. Respect the moral principles: apply the “do no harm” principle to personal data.
   2. Establish norms dedicated to ensure that the autonomy and dignity of users is respected: Provide your development team with the tools to implement it “rightly”.
   3. Allow your users to shape the debate and make informed choices.

The Personal Data Economy is Raising! We are offered a lot, but we have lost the essentials. Be that service provider that is there to last. Respect Digital Ethics, Develop privacy-first. 

Yours,

Stephanie & Evelina

“Personal data aggregation, sharing and processing should be as effective, secure and trustworthy as online banking. In this new paradigm, privacy is not a compliance tick box but an opportunity to break data silos, differentiate products and services, and attract end-users with trust, transparency and empowerment.” Pryv 

Additional Sources:

• https://www.accenture.com/_acnmedia/PDF-24/Accenture-Universal-Principles-Data-Ethics.pdf
• https://www.accenture.com/_acnmedia/PDF-22/Accenture-Data-Ethics-POV-WEB.pdf

The post The Loud Silence of Digital Ethics  in personal data mobile apps appeared first on Pryv.