PrivacyWashing

The viability of a society and the success of its economy relies on trust. People must be able to trust that organisations and governments will act in their public interest. They must be able to trust industry to treat them fairly and respect their personal information.  

The administrative requirements of data protection laws can sometimes seem onerous and time-consuming. Nevertheless, they are indispensable tools for building trust with customers, staff and other businesses alike with respect to the management of their personal data.

In exchange for goods and services we share personal information, sometimes we can select the company with whom we trade and sometimes we have no choice as Government is the only option. Nonetheless as individuals we seek reassurance and demonstrative evidence that organisations respect and value our personal information, from the simplest of details to our deepest and sometimes intimate secrets. In our quest to comfort our need of trust and respect we deploy a few investigative tools to help us to establish an organisation’s privacy pedigree.

  • Step 1 - If they take privacy seriously, they will be registered with the Jersey Office of the Information Commissioner.
  • Step 2 - They will have an accessible privacy policy on their web page.
  • Step 3 - Publicly they may talk privacy.

Are these steps enough? Will we be reassured? Will we be misdirected?

Greenwashing is a phrase coined back in 1986 to describe incorrect corporate environmental claims. The Guardian[i] states that ‘3 decades later, the practice has grown vastly more sophisticated’. Typically, companies claim to be environmentally friendly in their activities but in reality, this is not the case. Awareness of false claims has happened as people learn more about sustainability and climate issues. Companies have sought to take competitive advantage via communication campaigns to exploit consumer interest in the environment. Furthermore, companies extol the virtues of investing in green projects, some of which are now identified as ‘so-called environmental’ projects.

Our appetite to reassure and to make sure as individuals we are doing the right thing may lead us to being vulnerable to green messages and claims.

2018 was a pivotal year for privacy across Europe. The introduction of the General Data Protection Regulation bestowed more powers with Data Protection Authorities, heightened awareness and raised the privacy stakes. In Jersey, our data protection law, based on GDPR, was implemented in May 2018.  

Transparency and accountability are essential components of data protection in supporting privacy. We all expect organisations of all shapes and sizes and Government to behave in accordance with the Data Protection (Jersey) Law 2018. Commitment to data protection has to be more than lip service.

Respect for individuals’ personal information should be part of an organisation’s DNA. Commitment to privacy is everyone’s responsibility from board members to personnel, contractors and executives. To be truly privacy focussed an organisation needs to implement a suite of data protection policies and procedures and ensure that these are relevant, effective, proportionate and reviewed frequently.

Let’s not be part of a new phrase called ‘PrivacyWashing’ whereby there is express approval of or support for privacy insincerely or without taking any significant action.

[i] https://www.theguardian.com/sustainable-business/2016/aug/20/greenwashing-environmentalism-lies-companies