In March, the U.S. Senate voted to roll back broadband provider privacy regulations promulgated by the FCC. This means ISPs will not be prohibited from selling customers' web-browsing histories and other data without their permission. In terms of your life on the web, there are three things you should understand about this development:
- It’s largely symbolic; the privacy regulations had not yet gone into effect, so the rollback is unlikely to change the way anyone was doing business.
- There are other restrictions in place that prevent ISPs from selling your individually identifiable data, so the rollback only allows for the sale of aggregated data. Advertisers may target you as a member of a herd, but it’s doubtful anyone will be poring over your particular web habits.
- The rollback is a clear signal from the U.S. Congress that individuals are responsible for their own privacy. We’re supposed to let the market sort it out.
There is a way in which letting the market sort out privacy issues imposes burdens on Internet businesses. In a world with privacy regulations, everyone presumably knows what is expected of them, and the cost of meeting those expectations is baked in. In the absence of regulations, on the other hand, businesses are left to ponder the meaning of privacy, whether there’s value in protecting it, and how they might capitalize on it.
Unless everybody starts using VPNs (which can anonymize your web use, even to your ISP), ISPs will have the opportunity to make money by selling their users’ data. But is that opportunity worth more than the competitive advantage they could gain by refusing to sell it? There must be quite a few businesses struggling with that question now.
That they will need help in figuring out how to proceed can create career opportunities. Privacy is now a profession. The International Association of Privacy Professionals (IAPP) was founded in 2000 and has 20,000 members in 83 countries. For the past three years, membership has been growing at an annual rate of 20%. IAPP sponsors an international conference on privacy — the Global Privacy Summit, being held this month in Washington, DC. It also runs professional certification programs.
Logical Operations is a partner to IAPP in these certification programs. Our partnership brings each of IAPP’s certifications, including the Certified Information Privacy Professional (CIPP), Certified Information Privacy Manager (CIPM) and Certified Information Privacy Technologist (CIPT), to Logical Operations’ network of over 3,000 training centers worldwide. Courses are two-day, instructor-led training sessions that include textbooks, participant guides, exam vouchers, and a one-year IAPP membership.
Businesses are regularly discovering the costs of privacy stumbles. Fines, legal sanctions, and loss of trust in your brand are only the first-order effects. They can be followed by lawsuits, boycotts, and the costs of remediation. Each privacy stumble that finds its way into the news increases the likelihood of success for businesses that commit themselves to protecting user privacy and achieve a reputation for doing so successfully. In addition, data privacy laws vary from region to region, which increases the demand for privacy specialists. You don’t have to be able to predict the future of privacy to predict the future of privacy professionals. It’s pretty bright.