Why does privacy matter? I faced this question about ten years ago when I was running a management consulting company focused on IT Governance. The question was popping within the board rooms and for most part directed at CIOs and CSOs to basically “figure it out”.

Then and now, the challenge remains that not too many businesses and technology leaders actually can take the time to understand how privacy can become an enabler to advance the business strategy.

Most are still of the mindset that privacy effectively blocks technology innovations such as Cloud Computing, Software as a Service, Data Analytics, Target Marketing, Social Media, Big Data, and the list goes on.
CSO Digital

Some have been quite successful to create an environment where technology innovations are placed directly against Privacy. This constituent basically argues that if you value the protection of personal and / or confidential information then you must be dead against any technology innovation that utilizes personal and / or confidential information.

My experience as both CEO and CIO has been the exact opposite.

Carsten Casper, Vice President of Gartner Research has captured my experience on this matter quite brilliantly in a Gartner case study published in 2013. Carsten synthesized my own experience as a CIO with privacy and as well Dr. Ann Cavoukian’s long-standing view that privacy enables technology innovation and a positive sum gain. In the case study, Carsten demonstrates that “IT leaders who embrace “privacy by design” in technology architectures can transform compliance efforts into competitive business advantage”.

My current experience as AcuteNet CEO has proved to me that CEOs and Boards need to invest a bit of thinking time to figure out how privacy agenda can be repositioned strategically to create a competitive advantage for their business. It is incumbent upon CEOs and Boards to stop privacy compliance game. I am also of the belief that CIOs and CSOs themselves also need the thinking time and stop acquiescing to privacy compliance.

For example, Roger Martin has been a great influence in my career and as well life in general as he has thought me the value of thinking before taking actions. In his book The Opposable Mind, Roger demonstrates that leaders that have the ability and willingness to see the opposite side of an argument tend to avoid the temptation of solving a problem through either / or choice decision framework. As such, these leaders end up unlocking values that are hidden to others.

By embedding Dr. Cavoukian’s methodology of Privacy by Design within the architectural design of AcuteNet, which I now lead as its CEO, I have been able to take full advantage of the power of cloud computing to provide a Patient Assessment SaaS solution to over 1000 Frontline Health Care Providers in US, Canada and Singapore to service various health care needs for over 30,000 patients. The principals, however, are universal.

Any organization can be more proactive, not reactive, or enforce privacy as a default setting, to take just two examples. The Privacy By Design certification program offered by Ryerson and Deloitte will be a way to empower those who will lead this case, and shift corporate cultures to make transparency, visibility and accountability a part of their organization’s most important values.

I hope others can join this journey and unlock values that have been overshadowed by the either / or way of thinking.


  1. I agree that “privacy can become an enabler,” to benefit from “technology innovations such as Cloud Computing.” I found interesting projects that addressed this challenge and one project included incoming source data from various European banking entities, and existing data within those systems, which would be consolidated in another country.

    One project achieved compliance with the strict EU Cross Border Data Security laws, Datenschutzgesetz 2000 – DSG 2000 in Austria, and Bundesdatenschutzgesetz in Germany by using a data tokenization approach, protecting the data before sending and storing it in the cloud.

    This new technology development makes it easy to store data outside the domestic borders and at the same time be compliance to regulations and also ensure that the data remains secure and private.

    Ulf Mattsson, CTO Protegrity

    • Ulf,

      I see privacy and security as distinct things. Tokenization and encryption can make data secure, but not private. The data is still easily discoverable, just not easy to read. True privacy means not spreading copies on server after server across the Web.

  2. Whether or not privacy is an enabler of tech innovation or not (I agree with the article that it is), it is vital in its own right. Privacy is an essential element of human liberty, and we forget that at our peril.

    What we need are tech architectures that take advantage of smart phones as portable computers. ShazzleMail is a private email service that uses your smart phone as the mail server, allowing you to deliver your own email privately. We need more architectures like this that retain all functionality without using the Web which is inherently non-private


Please enter your comment!
Please enter your name here