While Security has long been near the top of priority lists for most companies dealing with technology, Privacy has been slower to climb the priority ladder. Fortunately, this is starting to change: the growth of the International Association of Privacy Professionals (IAPP) is one indicator of this. For the Market Research industry, this new focus on Privacy has also been clear, and the Global Privacy Webinar Series sponsored by CASRO (Council of American Survey Research Organizations) has been catering to the increased interest. But what do we mean when we talk about “Privacy”? And why should there be growing interest?
What is Privacy?
The American Institute of Certified Public Accountants defines Privacy as encompassing “the rights and obligations of individuals and organizations with respect to the collection, use, retention, disclosure, and disposal of personal information.” For a firm operating in the Market Research industry, key aspects of those Privacy obligations will usually depend upon whether the firm is acting as a data controller or data processor, the nature of the data itself (e.g., health, financial, children, basic contact and/or service usage) and the purposes for which the data is being used (e.g., fraud detection). Unfortunately, few regions share exactly the same definitions of these and other important Privacy concepts within their laws, so great expertise is required when evaluating compliance in a global setting.
As a side note, those new to Privacy may easily confuse it with Security, a separate but related discipline. Whereas Security is needed to ensure Privacy, the reverse is not true. For example, a Privacy audit may be concerned with whether one is storing health information, giving proper notice about this to users, etc., while a Security audit would be more focused on how that information is actually transferred and stored.
Why the Interest in Privacy?
The interest in Privacy is due to more than just the public perception issues raised by high-profile data breaches (see the consumer education website operated by the Privacy Rights Clearinghouse). It is also driven by concern for protecting consumers from identify theft, meeting client expectations, regulatory compliance, insurance and other liability considerations, etc.
We on the TrueSample Team also take into account Privacy considerations in the context of the need for market research data quality – as researchers need to ensure that the respondents taking their surveys are who they say they are. These researchers need a stamp of proof for each respondent’s authenticity – proving that he or she is “real” and is qualified to participate in market research studies – and TrueSample uses personally identifiable information (PII), such as name, address etc., to validate sample. The TrueSample team maintains a commitment to handling PII in the most responsible way to protect privacy and confidential information.
To learn more about Privacy, see the following resources:
- International Association of Privacy Professionals (IAPP)
- CASRO Global Privacy Webinar Series
- Privacy Rights Clearinghouse
- Data Privacy Day