This article is summarised from an ISO media release by Clare Naden on 11 May 2018.
A newly formed ISO project committee is developing a data privacy standard. This standard will provide the first set of preventative international guidelines for ensuring consumer privacy is embedded into the design of a product or service.
The committee, ISO/PC 317 Consumer protection: Privacy by design for consumer goods and services is developing a standard that will:
- be of use to those providing digitally connected consumer products like home appliances and devices, wearable devices, mobile application developers, online service providers, and more
- enable compliance with EU regulations and generate greater consumer trust at a time when it is needed most.
Pete Eisenegger, ISO/COPOLCO’s lead person for data protection and privacy and member of ISO/PC 317, said that implementing the standard will help companies comply with regulations and avoid potentially devastating data breaches that erode consumers’ confidence in the digital world.
‘It will place the consumer at the centre of the design process,’ he said. ‘It will allow goods and services providers to address all the life-cycle issues of privacy by design, so that consumers can have greater confidence in their purchases and take back control over the use of their data.
‘What’s more, it will also address cybersecurity, that is, the security of our products in our homes – an important issue for everyone.’
Sharing ideas at an ISO international workshop
A recent ISO international workshop provided an opportunity for the ISO/PC 317 committee to share ideas and advance the project. The workshop, held under the theme ‘Consumer protection in the digital economy’, brought together over 150 consumer and standardisation experts from 34 countries.
The workshop covered areas like the impacts of data protection, artificial intelligence, the sharing economy and legislation on the online consumer experience. Speaking via video at this workshop, internationally renowned Canadian privacy expert Dr Ann Cavoukian welcomed the standard.
‘The majority of privacy breaches remain unchallenged, unregulated and unknown,’ she said. ‘Regulatory compliance alone is unsustainable as the sole model for ensuring the future of privacy. Prevention is needed.’