Cristina de la Cruz
Data is considered a new currency, the fuel of the digital world, or even a new production factor. However, its processing must be guided by a series of values, ensuring that while the opportunities brought by data are taken advantage of, the process to do so strictly respects people’s rights.
Different international organizations and academic studies are already beginning to consider personal data as an inherent part of human dignity and human rights. As there is a legislative body of rights enforcing the right to privacy in the physical world, there should be a legislative framework that ensures that privacy is also protected in the digital world.
At Telefónica we believe that there is only one sovereignty and dignity of a person, and they must therefore be equally guaranteed both on-line and off-line. As explained by José María Álvarez-Pallete, CEO and Chairman of Telefónica:
“Data is a defining element of my person, as inalienable as my dignity. It cannot be expropriated without my clear and determined consent to know what use is given to the data”.
Indeed, the effective date of the General Data Protection Regulations (GDPR) marked a milestone in the history of personal data protection. But it is not enough. For some time we have been committed to the establishment of a New Digital Deal that modernizes our democracies for the digital age. This agreement must consider drafting the a new Digital Bill of Rights in order to ensure that the rights of individuals are protected in the digital environment.
In the meantime, Telefónica has advanced on this issue through self-regulation. In this way, we have imposed on ourselves the obligation to respect three fundamental principles:
- Transparency: the user has the right to know which personal data Telefónica holds. This implies an obligation to inform the person about its personal data in a clear and understandable manner.
- Security: Telefónica is committed to protecting user data because it has an obligation to ensure the integrity of telecommunications. Data security and user privacy are at the core of our business, shaping the way we design our services and collaborate with our partners.
- Control and ability to choose: users must have control over their personal data, retaining their ability to decide how it is used. This means providing the users with the necessary tools to understand the importance of their data and the different options about its use.
We applied these same rules to ourselves when we decided to create Aura, which is based on four pillars, also known as «superpowers»: Simplify, Enrich, Empower and Discover.
For Telefónica, it is essential to both simplify services and enrich the lives of its customers through the data that Aura can gather, and to empower users through their own data. In this way, we give the customer transparency, control, security, and knowledge about privacy, allowing them to discover simple options for the usage of their data.
Aura, Telefónica’s Artificial Intelligence, was created with the purpose of defining a disruptive, empowering and transparent experience, so that users can control their data.
People need to know what the data is used for, and this should be explained as honestly as possible in order to build trust. We must tell them that they are the owners and they control the processing of their data.
See the full report on privacy and data control on the Aura website.
Transfer of data control in Telefónica
One of the most important parts of safeguarding the privacy of users is having a system that allows them to control their information. In this regard, Telefónica has designed and developed a series of mechanisms to communicate its values to users:
1. Incorporation
The most important part is to establish a reciprocal agreement between Telefónica and the user when starting to use Aura. This incorporation process communicates the key concepts of transparency. It consists of a privacy agreement between the user and Aura, in which Aura explains the terms of their relationship, which data will be collected and which data will not be shared.
2. Management of privacy permissions
The purpose of giving the user the possibility to manage its privacy permissions is to give it effective control over access to the data of the services connected to Aura. This means the user can understand the value of said data and also that Telefónica can inform in a reliable and transparent way that it is delivering a premium data service without harming the privacy of customers.
3. Data portability
One of the rights of the GDPR is the possibility to download data and transfer it to another organization. In this sense, Telefónica has developed a data portability process through Aura that is simple and comprehensible to the user. This mechanism allows users to control their data, collect it and take it with them whenever they want.
Empowering users so that they can manage their privacy options in a conscious and informed manner, educating and generating customer knowledge, and linking Aura and the different trademarks are key points for inspiring confidence in users and encouraging them to take control of their personal data.
