Data Responsibility

On Privacy Day, Remembering How Much Work Still Lies Ahead

Share this post:

International Data Privacy Day is meant to raise awareness about how personal data is being used, collected and shared in today’s digital society. That’s critically important, as we know that data privacy is increasingly top of mind for so many of us. A recent Morning Consult poll of consumers in the U.S. and E.U. commissioned by IBM found that consumer data protection was a top priority for 71% of respondents, tied only by climate change.

Throughout our long history, generations of IBMers have earned the trust of our clients and society through responsible stewardship of their valuable data and by living up to our Principles of Trust and Transparency. We believe all technology companies should have an obligation to handle data responsibly, especially at a time when we are hearing loud and clear from Americans that data privacy is a top concern. In the same Morning Consult poll, 83% of all respondents said they “strongly support or somewhat support” public policies to safeguard consumer data.

Last week at the World Economic Forum in Davos, IBM Chairman, President and CEO Ginni Rometty stressed the importance of privacy, and how the 2020s must be “the decade of trust.” And today, as International Privacy Day gives us an opportunity to reflect on building a strong foundation for that decade, I believe it’s critical to underscore that personal data must be protected and conserved. Consumers deserve consistent privacy protections such as knowing what personal data of theirs is collected, used and shared, and the right to exert control over that data. That’s why, here in the U.S., we support a strong and bipartisan national consumer privacy law.

In the age of AI, data is becoming the world’s new natural resource, revolutionizing our society but also raising questions about which data is collected and how it will be used and shared. IBM has called for a precision regulation approach to addressing Americans’ privacy concerns and we have actively encouraged the U.S. Congress and governments worldwide to make providing privacy protections a priority.

Establishing a strong national privacy standard in the U.S. is critical, and in its absence, the states are stepping in to protect the privacy of their citizens. In just the first month of 2020, in addition to the California Consumer Privacy Act going into effect, five new privacy bills have been introduced at the state level, and eight states are now actively considering privacy-related legislation. As data becomes increasingly collected, shared and processed in the digital economy, regulating privacy practices is critical, and it’s important to provide a consistent national standard and not a patchwork of different rules at the state level. Privacy protections shouldn’t vary based on where someone lives or from where they access the internet. A national privacy framework must be flexible enough for organizations to implement while driving accountability.

An important step in this direction is the National Institute of Standards and Technology’s (NIST) Version 1.0 Privacy Framework that was released earlier this month and which IBM strongly supports. In the absence of a law, it helps build consumer trust now by driving robust organizational accountability. The Privacy Framework makes it easy for organizations to provide privacy protections, using the same structure as the successful NIST Cybersecurity Framework, and is interoperable with global standards.

As IBM works every day to serve the evolving technology needs of our clients, we apply our values and principles every step of the way. These values, with trust as the foundation, have been ingrained in IBM throughout our more than 100 year history. We recognize our obligation to protect privacy while fostering innovation and competitiveness. On this International Privacy Day, we reflect on the importance of that commitment, while calling for decisive action from our elected officials to foster trust in the digital economy on a much broader scale.

Christina Montgomery, IBM Chief Privacy Officer

More Data Responsibility stories

GDPR’s Birthday Wishlist: Greater Harmonization and Robust Data Transfer Mechanisms

Two years ago, on 25 May 2018, the European General Data Protection Regulation (GDPR) entered into force. On this anniversary, the COVID-19 pandemic has in an unprecedented way underlined the need to use data to safeguard people’s health, accelerate research, benefit governments, and to support the resilience of the economy. Most of the important steps […]

Continue reading