A Regulator talking about ethics is bound to raise some eyebrows. "Aren't they just meant to enforce the law, not worry about the philosophy?". So the ICO's recent Blog on the impact that Data Ethics will have on its work and the fact that they have appointed a data ethics advisor would seem to give any outraged letter writer some interesting ammunition.
However, both Simon McDougall, who wrote the blog, and Ellis Parry the newly appointed Advisor are both old hands and have held many senior, serious and practical jobs in privacy. This is no indulgent flight of fancy, rather it is an interesting reaction to the fact that the borders between tech, the law, privacy and the rights of the individual are getting increasingly difficult to navigate. As I commented in a blog last week, the balance between privacy and innovation will sometimes be tricky for companies to manage. Triangulating what the tech can do; what the law will allow them to do; and what their customers want them to do. Now we are saying we need to add in another layer - should it be done, even if it can be technically and legally and customers are asking for it?
Getting privacy "right" is often going to be a mix of legal advice, practical application and an empathetic approach to how the individual's data is being used. Ethics is not just for the birds, or the Regulator.
How do we balance the interests of society against individual rights, on issues like facial recognition technology? How do we allocate rights and responsibilities in a world of connected devices and real-time automated decisions? How much thought does the law require organisations to put into what is ‘right’, and what their customers would reasonably expect to happen to their data? We face an increasing number of these types of questions, as we consider the practical implications of growing use of personal data.