Tech Giants Talk the Data Privacy Talk
The reputation of Silicon Valley’s elite brands is in urgent need of repair.
In recent years, data scandals from breaches of personal information to alleged interference with democratic elections have repeatedly made the news headlines.
A corresponding drop in public confidence and the prospect of industry regulation are driving the likes of Apple, Google and Facebook to publicly declare their commitment to privacy.
Suddenly, it’s become fashionable for them to talk the data privacy talk, each one laying claim to be more trustworthy than the other.
The sight of these big tech companies vying to become privacy guardians sends a strong signal to the rest of the business world about the importance of taking data protection seriously.
A well-established and proven way to keep company-sensitive data private is to use centrally managed virtual private networking (VPN) software.
Talking the Talk
Fallout from the 2018 Cambridge Analytica data privacy scandal is still being felt by the world’s technology giants.
Against this backdrop, the CEO of each has spoken publicly on the subject during the first half of 2019.
Tim Cook was keen to draw a distinction between Apple’s model of selling hardware and those who sell advertising on the back of people’s data. He called the latter “surveillance” adding, “The people who track on the internet know a lot more about you than if somebody's looking in your window."
Data protection was also a core theme when Google and Facebook CEOs spoke at their respective conferences.
According to the former’s Sundar Pichai, “the present is private” while the latter’s Mark Zuckerberg said, “the future is private.”
Apple believes privacy to be a fundamental human right.
Actions like its famous refusal to release iPhone code for FBI investigators on the grounds of civil liberties certainly give Apple more right than most to champion data privacy.
Apple has also announced a new single sign-on (SSO) service for developers. In contrast with similar services from Google and Facebook, Apple’s new service promises to restrict data collection, sharing the barest minimum of personal data with app creators and keeping that data contained within the Apple environment.
The sign-in process was the one area where data could potentially leak. Plugging this allows Apple to claim, “What happens on your iPhone stays on your iPhone” with greater justification.
Commendable as all this is there is one caveat. Apple’s iMessage is the only end-to-end encrypted app allowed in China. Questions remain over whether Chinese citizens entrusting their iCloud data to the servers of a state-owned telecoms provider enjoy the same privacy rights as citizens in the rest of the world.
Search for Privacy
Google’s support for data privacy extends as far as ensuring Google data is adequately protected wherever it may reside.
It draws the line, however, at any regulation that might pose a threat to its business model.
Ever since it brought out incognito mode for Chrome, Google has been steadily introducing greater data protection into its products and services.
Measures include discontinuing the scanning of free Gmail inboxes for personalized advertising and limiting the amount of data available to third party Gmail app developers. In fact privacy features are becoming increasingly embedded into Google releases.
For example, Android phones can now be used as a security key for two-factor authentication and can be set to auto-delete location history and web activity data at pre-set intervals.
Even Internet of Things (IoT) equipment like the Google Nest Max does all its facial recognition processing at device-level and does not share the data online.
Nevertheless, Google is aware that scrutiny of its data collection practices is growing.
It is assigning more resources to address security issues. Google has, for example, committed to doubling the number of data privacy engineers at its Munich, Germany, facility to 200 by the end of 2019.
In short, privacy for Google is becoming synonymous with on-device data processing to make features faster and more widely accessible.
Aspiring to Reform
Of the three big tech companies featured in this article, it is Facebook that arguably has the most work to do regarding privacy.
To date, Facebook has done little more than pay lip-service to the subject.
When Facebook talks about privacy, it means doing more to limit what governments and casual observers can learn about individual users.
So far, Facebook has promised end-to-end encryption across all its instant messaging services and a tweaking of its platform in so that people only share data with smaller, more private communities of like-minded people.
Privacy experts want them to go further by limiting the amount of information it harvests and stores on its customers.
Regulators are watching carefully to make sure Facebook does not use privacy as a way to lock users in, thereby preserving Facebook’s status as the world’s leading messaging platform.
To extend Tim Cook’s analogy, they want evidence users can close the shutters to stop people looking in the window if they choose to.
A Signal to Business
Big tech’s present preoccupation with privacy signals to businesses of all sizes that data protection needs to be the first priority for every digital communications environment – whether on premise, mobile or in the cloud.
Customers and regulators will no longer tolerate partial, cosmetic or half-hearted measures.
To prevent people “looking in the window” of their networks, many enterprises have opted for end-to-end encryption tools such as VPN software.
VPNs generate an encrypted tunnel for information passing over the public internet, effectively rendering it unintelligible to casual observers.
In summary, the fact that Silicon Valley is talking about data privacy is a sign of the growing pressure on companies to get data protection right.
Implementing end-to-end encryption across the whole communications environment is an important first step.
One effective way for organizations to manage their data privacy needs is to use enterprise-grade VPN software. A centrally managed VPN allows IT engineers to authenticate, update and secure remote endpoints.
Robust protection measures of this kind can help organizations assure regulators and customers that their commitment to data privacy is a lot more than just talk.