What businesses can learn from Twitter’s approach to data privacy
TWITTER recently re-assured users that the company takes ‘data privacy’ seriously.
In a blogpost, Data Protection Officer Damien Kieran and Product Lead, Twitter and Co-Founder, Periscope Kayvon Beykpour said that many companies talk about data privacy without explaining what they’re actually doing to ensure it is provided to users across the board.
Given the various state-driven data privacy laws in the US and the EU’s General Data Protection Regulation (GDPR), the company is working on improving data privacy — but its efforts are meant to be tackle more than just compliance. Twitter wants to get more users to trust it.
While Twitter is a technology company, the reality is that it has been operating for a number of years now and suffers from many of the challenges that traditional, non-technology organizations face. Twitter’s journey to better data privacy, therefore, is something everyone can learn from.
Here are the three main areas where Twitter has decided to focus its energies — and what other businesses can learn from it:
# 1 | Technical debt
Twitter started almost 14 years ago. Growing quickly meant that the company built new systems on top of old systems. In many cases, the older systems were not meant to support existing use cases. That is what technical debt means.
It’s something that is common to Twitter and all other companies that have been quickly (and often carelessly) scaling technology infrastructure over the past few years, to meet demand.
Obviously, this isn’t good for data privacy. Twitter, and those following in its footsteps, therefore should focus on fixing this. Although it involves taking one step back, it prepares the company to take two steps forward, in the right direction, when the digital infrastructure is ready.
# 2 | Privacy by design
Twitter has come to realize that privacy needs an investment. “It is earned, not given” — which serves as the motto for the group (Twitter Doves) that crafts privacy, security, and management practices for everyone in the company.
The technology company is also exploring the expectations of different cultures and groups in terms of data privacy and how they could possibly impact their service/offering.
Privacy by design is something every organization needs to focus on. The beauty of the principle, once adopted, lies in its simplicity — enabling organizations to build better services, features, and capabilities from the ground up.
# 3 | Accountability
Accountability is something that organizations need to acknowledge, own, and drive, by themselves — but doing it willingly and wholeheartedly goes a long way in earning and retaining the customer’s trust, even in the event of a breach or lapse.
At Twitter, Data Protection Officer Kieran is trusted to provide an independent assessment of all privacy and data protection-related work to the company’s board of directors on a quarterly basis.
Doing so helps make sure that Twitter is discussing issues and concerns and driving alignment on what matters from a data protection perspective — and is ahead of the curve.
For most other businesses, acknowledging their responsibility and taking ownership of data they collect, store, and use is a good first step. That’s the foundation on which to build a good data privacy framework.