Discover the Facets of Information Governance: Privacy

November 5, 2018


Most of us don’t rely on libraries anymore to find information. We surf the web. We don’t travel to shop as much as we use to, we buy online. A large majority of us carry connected devices, at any given time, able to record very personal data about our habits, location, and more. Even my grandmother has a cell phone and knows how to use it. We willingly subscribe to social websites and give away personal information about us, like our love life status or what kind of music we like. Adding to this the internet of things. We bring technologies into our home that can recognize us to the sound of our voice. We unlock our computers with fingerprints. Knowingly and unknowingly, we make tons of private information available for organizations to analyze.

The digitization of our habits brought this incredible opportunity for companies to get to know their customers better. Crunching data is one of the biggest current priorities for most. With that comes a big responsibility though; this information has to be protected by the entity collecting it. Privacy is an increasingly important concern for everyone. None of us would appreciate being literally spied on from the comfort of our houses, but it’s how being so connected sometimes make us feel. In this post, discover another facet of Information Governance: Privacy.


Protecting Privacy

Amongst the biggest concerns for privacy are healthcare records, financial transactions, criminal records, biological traits, residence information, geolocation data, and user behavior on the web. To protect these pieces of information, these regulations have been enacted:

  • Health Insurance Portability and Accountability Act

  • Gramm-Leach-Bliley Act

  • The United Kingdom Data Protection Act

  • Canadian Personal Information Protection and Electronic Document Act

  • European Union General Data Protection Regulation

  • California Consumer Privacy Act

  • Children’s Online Privacy Protection Rule

It’s easy to understand why the privacy of information such as health care and criminal records are important for individuals. Their public knowledge can be damaging for careers, relationships, and more. Other things like geolocation data are a bit trickier. If you have nothing to hide, why worry? It’s just that not regulating this kind of information opens many doors. For now, it’s mostly used to market certain products or behavior analytics. Maybe you don’t want any part in that, and that’s your right.


The Right to Be Forgotten

Some of these regulations, enacted to protect our privacy, state that everyone has the right to be forgotten. It has to be easy to know which information any organization has and how it is used. It also has to be possible to delete it. In order to achieve that, organizations can’t just pile up information everywhere with no way to find it all. If Jane Doe requires to be forgotten, all data about her needs to be deleted. You can’t just forget the bits that say she likes mint ice cream because it’s in a weird location. All of it has to go.


Room for Improvements

The Federal Trade Commission in the United-States is advocating for the Internet of Things and geolocation to be appropriately regulated. IoT assistants are so popular now, but the regulations haven’t kept up with the trend. Same with geolocation. Most apps on our phones keep track of our location, but it’s not really regulated. Three bills are pending to regulate IoT devices. For geolocation privacy concerns, U.S. senators have also tried to pass a few bills since 2011.


Why is Privacy a facet of Information Governance?

Privacy is a facet of Information Governance because as it’s regulated, privacy activities reduce risks linked to information. Good Information Governance practices also ease privacy has it gives visibility and control over who has access to what. It eases the search and content management of unstructured data repositories. It also improves the governance of data, which results in structured information being accurately labeled.

It’s easy to forget that data are people. In that regards, regulations are needed to keep organizations in check. Technologies like biometrics, with facial recognition, and artificial intelligence, able to automatically process data, are not futuristic anymore. They exist, will constantly be improved, and will be increasingly used.


It is important that limits be defined now so our privacy can be protected. For Edward Snowden, it is everyone’s business:

‘’ Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say.’’

This article is the third of a series of ten. Click below to discover more facets of IG:

  1. Compliance
  2. Information Security and Protection
  3. Privacy
  4. Audit