Privacy-friendly analysis, how do you approach it?

1. Provide control over personal data

Approval is required to collect personal data. This approval must be free and unambiguous and must be clear and conclusive. For example, click a Button Tick ​​”I agree” or the checkbox. But even after approval, people still have control over their personal data. This means:

• Access their personal information.
• Ability to convert data.
• Ability to delete some or all data.
• Option to indicate that data is not being used for specific purposes.

It is also important that only the information that people indicate they want to share is collected and that this data is used only for the purposes for which they agree. For example, personal data collected for first party use may not be shared with shareholders or third parties thereafter.

Data collection companies should clearly state what that data is going to do. And of course stick to it. It may seem simple, but you will be amazed at how many times companies reuse personal data without the knowledge of the people who provided it. People should be notified if there are any changes in the way their data is used. They should also be given the option to opt out of the new use of their data.

Meeting all of these requirements requires a way to effectively manage people’s approvals and data requests. Companies therefore need a solution to automatically adjust data collection based on approval status and monitor that approval status. People can easily change their approval status, and that change will directly affect how data about them is collected.

2. Transparent data collection and processing

Privacy-friendly analysis methods are also transparent. It should be clear whether the data is shared with third parties, and with whom, and why.

Companies that want to improve transparency in this area can use so-called First party Use dates. This data is obtained directly from the public during interactions with a company. In this case, getting permission for this is easy because a company asks people if they want to share their personal information and clearly states what this data will be used for.

Transparency requires control. There should be an organization that encourages companies to follow the rules and properly inform people about data collection. It builds trust, which is essential for people and companies trying to collect data. If consumers do not have confidence, it is bad for companies and consumers. Consumers will not build relationships with companies and then get poor service. For example, they install ad blockers and do everything they can to prevent their data from being shared. This affects businesses in the long run as they receive less consumer data.

For such transparency it should be clear where the data is stored. Privacy protection is not exactly “in the cloud” because it depends on the jurisdiction to store that data. People should be informed about all possible storage locations when permission is sought. This is required by law anyway.

Companies that process personal data and operate in many countries should be familiar with local privacy and data law. For the collection and processing of information about EU citizens, it is strongly recommended to keep it somewhere within the EU. Companies that fail to comply with such rules will face higher fines.

3. Data protection ‘by design’

Privacy-friendly analysis methods are based on the principles of “privacy by design”. The idea is that privacy must be guaranteed by legal framework, but privacy protection must also be standardized within an organization.

One of the pillars of this approach is the principle: “Active, not reactive; preventive, not restructuring.” It is always better to prevent privacy infringement than to solve problems when things go wrong. There are two options for an active approach: data reduction and target mitigation. Data reduction is the processing of information that is only necessary for a specific purpose. The scope of scope is that before the data collection and processing begins, the audience is made very clear about the purposes for which the data will be used. After collecting and processing the data, the data may not be stored for longer than required to achieve the specific purpose.

Appropriate technical and organizational measures “by design” for data protection should already be taken at the design stage. In this way, privacy and security mechanisms have been in place since the beginning. Precise algorithms depend on the end-use scenario, for example anonymous data, data processing monitoring or privacy protection functions in analytics software.

4. Data protection

Data security is sometimes confused with privacy. However, data security is about methods and tools that protect data from unauthorized access, theft and corruption. In addition, it covers the physical security of the hardware, organizational practices and standard policies. More privacy-friendly AnalysisSolutions must be protected. They should:

• Minimize the risk of data leakage as much as possible.
• Keep data secure and minimize data breaches.
• Prevent attacks.
• Protecting data from human error.

This allows companies to avoid reputation damage and impose higher fines. At the same time, the security of digital information is essential. People need to be confident that any personal information they share will be truly secure. Otherwise, they may not want to share the data, although they may benefit in some way.

It is very important to conduct analytical data as well as other personal data. Using good security practices such as:

• Regular Audit Internal processes and analytics software used.
• Restrict access to data such as micro-user permissions and firewalls to prevent external access.
• Good policy on creating and managing backups.
• Secure access to data such as usage Single loginImplementing techniques and secure HTTPS connections for all Tools Those who have access to data

Which analysis sites are best suited for privacy?

No AnalysisAre the sites optimal for privacy? The short answer is very important AnalysisSites like Google Analytics and Adobe Analytics are not designed with privacy in mind. They do some things well, such as data security, but lacking in others, especially providing transparency and control.

For example, Google’s business model is based on maximizing data collection. This can lead to a loss of control over the data collected by Google Analytics. Google uses Google Analytics data to improve services and share insights with users of other Google products.

Looking at where data is stored, Adobe has data centers in only a few areas. Google Analytics typically stores data on external servers located in the United States. For companies that want to comply with Dutch and European laws regarding the location of data storage, Adobe or Google are less good choices. Finally, with Adobe Analytics or Google Analytics Tools Approval is required from third parties to handle management or data requests.

The good news is in terms of privacy-friendly Analysis And there are more possibilities. The demand for these types of sites is also growing strongly. This shows that more and more companies are taking data privacy seriously and are really committed to it. By carefully considering any privacy requirements a AnalysisWant to meet the stage, can choose the best. One thing is for sure: with more focus and concern on privacy, more and more companies are really focusing on this. And this is a good development for everyone.

About the Author: Vincent de Winter Regional Manager Benlex Bevik P.R.O..

Want to know the latest news in your field? Follow Emerson in the community: LinkedIn, Twitter On FAce book.