The takeaway from the ICDPPC: Ethics is the way forward
Updated: Feb 22, 2019
By Emily Leach
The International Conference of Data Protection and Privacy Commissioners has released its report offering an overview of its October 2018 conference. The theme of this 40th annual conference was “Debating Ethics: Dignity and Respect in a Data Driven Life”; it’s the latest chapter in the European Data Protection Supervisor’s initiative to promote an ethical approach to developing new technologies.
Just looking at the session titles “Wrong versus Right” and “Move slower and fix things” (a play on Facebook's former mantra “move fast and break things”), it’s pretty clear the executive committee was setting the stage for regulators to call corporations to the carpet on their data handling practices. Perhaps this is due to the results of the EDPS’s 2018 digital ethics survey, in which the most common answer to the question “Who is responsible for and involved in ethical assessment in your organization?” was no answer at all.
Digging deeper into the conference report we see academics, tech leaders, philosophers, and journalists, in addition to regulators, calling for a tide change from corporations. Ventislav Karadjov, Chairman of the Bulgarian Commission for Personal Data Protection, said in his address, “My vision is privacy and digital ethics becoming not just an element of the organizational structure of data controllers, but being part of their corporate DNA.”
With the continued development of technologies using facial recognition, artificial intelligence, and genetic data, getting these ethics decisions right is going to be even more essential. As Maria Farrell noted in her session, Is technology designed to serve humankind? “We don’t get to sit this one out, we don’t get to say it’s too hard, we don’t get to say it’s someone else’s job. We have to preserve our individual privacy, autonomy and agency to get the futures we want.”
To that end, a contingency of 236 delegates from 76 countries, during closed sessions, adopted a declaration on ethics and data protection in artificial intelligence comprising six principles: fairness, accountability, transparency, privacy by design, empowerment and non-discrimination. None of these should principles be a surprise to privacy pros, they closely model the FIPPs and other data protection frameworks on the scene.
Alongside regular panel presentations, the conference included a “creative café,” where attendees workshopped the question “Imagine digital ethics was being applied in the data protection community, what does it look like, how is it operating and what is needed to get there?” Some of the core messages that came out of this café include:
This is not just about new rules, rather a new way of thinking that ensures ethics are included in our behavior, design and practice. Greater self-determination should be supported by institutions, infrastructures and new business models. New methodologies are needed to build ethics into the fabric of organizations and technology. We need empowered employees who use their ethical agency.
Additionally, survey conducted via Twitter and the conference app saw 59 percent of respondents indicating they believe digital ethics will become a larger organizational concern than data protection, and 79 percent in favor of a treaty or agreement on digital ethics at an international level.
Data protection laws are passing in countries and regions all around the world with varied requirements, but largely based on the shared system of ethical principles. To wit, Anita Allen in her ICDPPC talk noted, “In a civilized society, law floats on a sea of ethics.” It would follow then, that data protection based on a solid ethical framework will set corporations up for continued success, where programs focused on legal compliance will have corporations playing a game of whack-a-mole for years to come.
At Sentinel, our consulting services and technology solution are predicated on building privacy culture, not merely privacy compliance. We firmly believe that rather than a goal, compliance should be a result of a corporate culture that values an individual’s right to privacy. We know that ethical data handling practices build consumer trust; they can also create business opportunities. Let us show you how.