Data security and privacy — a matter of concern for citizens and governments alike

Frank HarmsenBy Jonas Groes, Partner, Advisory, Ernst & Young Global Limited.

I heard less than half the population in OECD countries trust their governments. Less than half? It seems there is widespread apprehension among citizens about sharing personal data with governments. Terrorism, increased information and awareness about how personal data can be misused – and news about data breach incidents in the public sector, no matter how few – seem to be adding fuel to this fire of fear and doubt.

Perspectives on this topic are very diverse. There is a view that we, as consumers, are more open to providing online private players access to our data than we are, as citizens, to governments. There is also a view that our expectations from governments on how our data is handled are much higher than our expectations from private companies.

Governments today have a strong, even ineluctable, case to go digital; therefore, gaining back citizens’ trust, getting them to share personal data confidently and living up to their expectations seem to be the only next steps. Here are a few lessons that we can learn from the experiences of governments that have succeeded.

  • Design for security: Design solutions and systems with data protection in mind instead of retrofitting privacy “fences.” Look at new models for privacy, and new ways of segmenting the systems and using encryption models if needed.
  • Improve user experience: Improve the experience of the individuals who give government agencies their data. This could be done by ensuring individuals only give their data to a single agency — which, by the way, would require agencies to share data more often than they might have in the past.
  • Make lives easier with digital: Use digital to make the lives of citizens easier, for example, by creating apps that make citizens’ interaction with government agencies and departments (for income tax, utilities, children’s education purposes, etc.) seamless and through a single point of contact.
  • Balance compliance and efficiency: This means working together across agencies, conducting risk assessments to inform decision-making, and matching capabilities to need.
  • Generate awareness: Educate citizens on data security and on the importance of digital to ensure proactive public participation. Governments can also help drive awareness campaigns on the importance of people and organizations treating their data carefully.

Going beyond compliance

While governments are required to comply with regulations, such as the EU General Data Protection Regulation (GDPR) due to come into effect on 25 May 2018, it shouldn’t be only about compliance. Governments can use regulations to think harder and more strategically about how it captures, stores and uses data. And by doing so, it would be taking great strides toward renewing and building trust with its people.

Legal disclaimer: The views expressed are those of the author only and do not represent the views of any of the member firms of Ernst & Young Global Limited


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s