John Chen is the executive chairman of the board and chief executive officer of BlackBerry Ltd.
The inevitable implications of a data-driven economy are right in front of us and we now stand before a moral, ethical and public-policy crossroads.
Recent events, where mass privacy breaches have occurred, have raised public awareness of the pitfalls of Big Data and the elevation of profit over privacy by some corporate actors.
As a consequence, public authorities are now demanding more comprehensive answers from Big Tech, and a healthy public-policy discussion has finally begun.
Many have rightly observed that data are becoming a powerful economic engine in an increasingly digitized world. Data are now a highly sought-after commodity, and many large tech companies have built their business models on monetizing data.
With artificial intelligence on the verge of becoming the next force in Big Data, everyone should be concerned about what some have called “surveillance capitalism.”
One only has to consider the future implications for financial technology, health care, autonomous vehicles and how we will build smart cities. Should we allow corporate interests to monetize personal data and dictate the rules of the game?
The implications are not just economic, but also sociological and political, potentially undermining the democratic principles upon which modern societies operate. As we have seen, digital platforms can be used for nefarious purposes. The use of automated algorithms makes monitoring potential abuse even more challenging to those charged with oversight.
How we collectively decide the rules of the game for this new data-driven economy, I would argue, is one of the most important issues facing global policy-makers today. At the core of these considerations is the fundamental issue of data ownership. Who owns and controls data, for what purpose and to what end is it being employed?
As chief executive of a company that made security and privacy not only a priority, but a core element and value proposition of its business, I feel we have a collective responsibility to tackle this issue.
Companies should protect the data they manage, not exploit it. Every individual should own their own data. It should be yours, and yours only. Data protection and security should be paramount. Privacy should be embedded by design in the development of products and services.
There are important global governance elements to data protection. Do we need global rules regulating the trade of data? With the introduction of the General Data Protection Regulation (GDPR) in May, 2018, the European Union has set a new regulatory standard for customer privacy. Increasingly, regulatory frameworks based on privacy – what experts call data realms – are creating different playing fields.
We should aim at setting the bar high, abide by strong data-protection principles and welcome responsible and balanced regulatory enforcement mechanisms that permit consumers to take advantage of cutting-edge technologies. As we move forward, national governments should reinforce existing privacy regimes with appropriate enforcement mechanisms.
In Canada, where the privacy regime is already strong under the Personal Information Protection and Electronic Documents Act (PIPEDA), there might be scope to give the federal Privacy Commissioner more power to protect consumer data from potential abuse. The GDPR, which makes it easier for individuals not just to provide, but also to withdraw their consent from companies to use their data, should be the new standard.
Now is the time for a robust discussion between policy-makers and the tech sector about how much regulatory oversight is needed, both to protect privacy and to spur innovation and competition.