Every 28th of January, we celebrate the Data Privacy Day, known in Europe as the Data Protection Day, with the aim of raising awareness and promoting best practices in the use and processing of personal data. This date commemorates the signing of the Council of Europe's Data Protection Convention or "Convention 108", the first legally binding international instrument in this field, which laid the foundations for solid frameworks for safeguarding privacy, such as the well-known General Data Protection Regulation (GDPR).
Privacy is not a simple concept to define. Its boundaries are determined by history, cultural context, practices and, more recently, technological progress. Despite this difficulty in finding a concise meaning of the term, privacy is a foundational value of democratic societies and responds to the right of individuals to have nothing and no one interfere in their private lives.
This right has become even more relevant with the digitalisation that our societies and economies have been experiencing in recent decades. Data is transforming everything, allowing us to move at a pace we could never have imagined. However, this speed is also leading to a sense of loss of control over our digital lives. According to the European Union Agency for Fundamental Rights (FRA), 55% of Europeans still fear criminals or fraudsters accessing their personal data.
At Telefónica, we believe that digitalisation should empower people. This means knowing how to take advantage of the enormous potential offered by the use of data, while mitigating the potential risks associated with this practice. We have a clear premise: technology must go hand in hand with respect for the privacy and consent of the person concerned.
This requires a renewed approach on the responsibility of companies and public administrations towards the people and societies to which they offer their services. The goal should be to create data governance that builds trust by providing control and value to digital life and to the data generated by users.
This model must be based on four fundamental axes: ensuring user control, transparency, choice and security:
- Individuals must be able to manage and have control over their personal data. This implies enabling access to their data and to additional information on risks and benefits associated with its management.
- The principle of transparency implies making available to individuals simple tools to substantiate it and adequate technological development to be able to generate potential benefits associated with the use of the data.
- People should have real choices ("granular choice") on how to use data, avoiding the "all or nothing" trade-off that is so common and present in the terms and conditions of digital services.
- Data must be secure and people's privacy must be preserved. This is the basis of our business and our main consideration when designing our services and collaborating with third parties.
Protecting users' privacy must be a sine qua non condition when offering digital services. In the digital age, we must consider privacy and innovation as levers of opportunity. In fact, the most innovative and promising ideas today have user privacy as their starting point. They are all based on the premise that people should be in control of what they share with whom, when and where. These innovative proposals will foster trust in digital services, promote the development of the digital economy and multiply the opportunities it can offer to individuals and society as a whole.
In this respect, it is essential to foster new mechanisms that give users more control and choice over the decisions they make in the digital environment. Companies and public administrations that use or develop such services should implement existing best practices for responsible use. A relationship based on trust between the parties involved in the process will ultimately be the basis for a new model of fair data exchange that allows us to enjoy a full, secure and trustworthy digital life to the fullest.
Finally, it is important to highlight the need for data protection regulation, both in its drafting phase and in its development and interpretation, to generate the necessary certainty and provide adequate and sufficient answers to the economic operators who must apply it. This will be particularly relevant for issues associated with innovation, complex ecosystems of new products and services and the hyper-connected digital environment based on the international movement of data.