Privacy key to UK business opportunity, says KPMG

Finding the right balance between privacy and business insight could help UK firms take the lead in innovative online services, says KPMG

Finding the right balance between customers’ right to privacy and getting business value or insight from that data could help UK firms take the lead through innovative online services, says consultancy KPMG.

Stephen Bonner, partner in information protection and business resilience at KPMG, said most interactions with customers are now through digital channels, driven by the insight that provides.

“Businesses are getting so much economic benefit from understanding their customers better, but that insight must come with assurances that they are not over-stepping the mark,” he told Computer Weekly.

In this regard, Bonner believes the Information Commissioner’s Office (ICO) plays a key role.

“In a flat, global network where e-commerce can be delivered anywhere in the world, striking that right balance of fair, but firm regulation is what provides a competitive advantage for countries,” said Bonner.

Just as London created a liberal, but safe environment for investors in the finance world, he said the UK should seek to enable freedom to innovate online, but at the same time provide protections for customers.

“This will give the UK an interesting ability to compete globally, especially as US-based internet firms are losing global customers because of concerns over surveillance by the state,” said Bonner.

In the latest annual report, information commissioner Christopher Graham said the ICO seeks to enable the development and delivery of new products and services without compromising privacy.

Read more on the ICO

  • ICO probes Facebook over psychology experiment data protection fears
  • Wearable tech must comply with privacy laws, warns ICO
  • UK police forces fail to impress in ICO audit
  • ICO publishes guide on top IT security failings
  • ICO issues data protection warning to users of Windows XP
  • ICO updates corporate plan for better data protection
  • ICO fines charity £200,000 for data breach
  • Infosec 2014: Act now, but no new EU data protection law before 2017, says ICO
  • The ICO issues BYOD warning after breach
  • ICO denies bias against public sector organisations

"But to be an effective partner in delivering modern and innovative services, the ICO needs stronger powers, a more sustainable funding system and a clearer guarantee of independence," he said.

Graham believes that, as organisations' use of data gets ever more complicated, UK citizens need to know someone is watching over their information.

This is particularly true, said Bonner, as the world move towards the internet of things and the automated home, which will see an unprecedented depth of intimate knowledge firms will have about individuals.

“We stand at the cusp of what could be incredibly empowering insights from data properly collected and analysed that will change the way we do medicine and commerce, creating opportunity for innovation.

“But there is also the terrifying possibility of oppression, manipulation and restriction of freedom, so there is a need for industry to embrace a proper regulatory framework,” he said.

While most companies have shied away from this, relying instead on a self-regulatory approach, Bonner believes they will now begin to seek more widely recognised ways of proving their privacy credentials.

This is driven by concerns that if someone abuses their data collecting ability, it could have a negative effect on the whole industry, including those who have spent the time and money to do it properly.

“If consumers lose confidence in the whole industry, those who have built safe and secure systems may get penalised almost as much as those who have not,” said Bonner.  

“This is where regulatory enforcement becomes valuable because it ensures that the market is fair and that everyone is doing at least the basics well.

“It also allows a bit more education of consumers so those companies that go beyond the basics are talking to an audience who understands that might be valuable to them,” he said.

Read more on Privacy and data protection

Data Center
Data Management