IBM clients’ data is their data, and their insights are their insights. Client data and the insights produced on IBM’s cloud or from IBM’s AI are owned by IBM’s clients. We believe that government data policies should be fair and equitable and prioritize openness.
Clients are not required to relinquish rights to their data — nor the insights derived from that data — to have the benefits of IBM’s solutions and services.
Our commitments on data ownership
- IBM client agreements are transparent. We will not use client data unless they agree to such use and we will limit that use to the specific purposes clearly described in the agreement.
- IBM employs industry-leading security practices to safeguard data. This includes use of encryption, access control methodologies, and proprietary consent management modules which allow us to restrict access to authorized users and to de-identify data in accordance with applicable permissions.
Data Privacy
IBM is fully committed to protecting the privacy of our clients’ data, which is fundamental in a data-driven society.
How we advance data privacy
- While there is no single approach to privacy, IBM complies with the data privacy laws in the countries and territories in which we operate.
- IBM was an early leader in developing and adopting the European Union (EU) Data Protection Code of Conduct for Cloud Service Providers for several offerings, securing certification under the U.S.-EU Privacy Shield and the APEC Cross-Border Privacy Rules, and established a comprehensive compliance framework to ensure GDPR compliance for all IBM products and services.
- IBM will advocate for strong and innovative means to enhance privacy and data protection, and will continue to invest in privacy-enhancing technologies.
- IBM supports global cooperation to facilitate mutual recognition of privacy regimes to enhance and facilitate cross-border data flows.