Data protection is about keeping data protected. Data privacy is about keeping data private. And data security is, you guessed it, is about keeping data secure. The people about whom the data is are somehow lost in the process. Many will argue they are there and they are to some extent, but they are secondary at best and usually not even that.
Conversations about data protection, privacy, and security tend to focus on the data and then quickly move on to the protection, privacy, and secuirty aspects. Often these become deeply legal and technical conversations. And conversations about liability, regulations, and organisational risk. Rarely is the conversation centred around the people about whom the data is.
Perhaps people are too hard. People are physical, tangible. People are vulnerable (in a myriad of different ways). And people have rights. Human rights.
Putting people back into the centre of data management is hard because we’ve been out for so long. Data protection, privacy, and security is not about bits and bytes – it is about people. And yes that may mean the data protection folk might need to talk with the human security team and the safeguarding team and so on. We all see a part of the picture, but not the whole.
How can you start the shift today?