Close

PRIVACY

Corporates are vital avenue for data protection

The right to privacy is not absolute

In Summary

• Despite domestic and international law protections on the right to privacy, many businesses remain in the dark about the advantages and disadvantages of respecting privacy

• The right to privacy can be summarised as a person’s right to create a space around themselves free from interference by the government or other actors.

Data
Data

Recently, the discourse in the area of data protection and the right to privacy has been steadily moving away from debates about government policy and abuse, to the realm of corporate entities data handling. This especially those in the tech sector and those that collect and store personal data from clients in digital form.

Increasingly, it is being understood that corporate entities are collecting a lot of data about their clients and third parties that can be easily abused. Data on the face of it may look mundane or useless, however, they can be utilised in a manner that can be very invasive.

Despite domestic and international law protections on the right to privacy, many businesses remain in the dark about the advantages and disadvantages of respecting privacy - and the risks that they expose themselves and their clients to if they don’t safeguard data.

The right to privacy can be summarised as a person’s right to create a space around themselves free from interference by the government or other actors. Here, “space” means many things: It can mean physical space such as dwellings whereby one has the confidence that no one will arbitrarily enter and search their house, office, club or car. The law requires that court orders or warrants be issued as a prerequisite for government access.

The second aspect is in communications and associations with other people. Here, there is the legitimate expectation that your communications to others are not arbitrarily intercepted or surveilled. Connected to communications is the legitimate expectation that information about financial transactions and recipients, what one watches, listens to or searches online, the websites one visits, and GPS locations are not tracked.

The third aspect is held by other parties such as government, corporate agencies such as insurance companies, tech companies and hospitals. The understanding is that your information should not be arbitrarily shared to third parties without one’s consent.

Fourthly, there is the aspect of privileged relationships or communications such as between spouses, doctor-patient, lawyer-client, bank-client, journalist-source, employer-employee privileges where the information collected is not to be transmitted to third parties because these exchanges are protected.

Fifthly, there is the right to privacy of the body whereby you are presumed to have the prerogative to decide what to do with your body or what should be done you. This may range from the ability to for the state to order for medical procedures or tests such as DNA, brain mapping or examination.

The right to privacy is not absolute. The law envisages instances when certain personal or private information can be retrieved by government agencies such as law enforcement mainly for national security or planning reasons.

There is, therefore, a need for national legislation, policy and regulatory frameworks that obligate companies to respect the right to privacy. Moreover, companies need to have better understanding of their responsibility to safeguard clients and others right to privacy and have internal policies and strategies to ensure this.

Research has shown that consumer trust is vital for any business. When customers or clients trust and believe that a company will properly handle their data and do what it takes to prevent any breach, they are more likely to be loyal to the brand.

As such, every company that handles or collects client’s data in any form must conduct a review of company policies, products and services to identify where privacy issues may arise. This will allow the company to decide on who has access to what, depending on need such as encryption needs; complaints procedures; available remedies; and an understanding on the legal regime they operate within - in order to ensure that even when information is requested by authorities, such information is obtained following laid down procedures.

Because data has become very precious to businesses, many corporate entities are willing to pay an arm and a leg to access certain information about clients, potential clients or targeted groups.

If a company for one reason or another takes data dealing with weight of clients, an insurance company would be very interested because more weight is associated with higher susceptibility to sickness and thereby higher risk in insurance terms, and higher insurance premiums.

Data regarding our names, contacts, our purchases, financial transactions, food consumption, allergies, health status, places we visit, where we live or come from, parentage, our conversations, political ideology, internet searches and browsing history, books we read, education level may appear mundane. However, they can be easily used to profile and target us for a wide array of interests.

Constitutional and human rights lawyer

Email: [email protected] Twitter: @kipdemas