The DPOInsider covers the latest news and developments in data compliance and privacy. The DPO's favourite weekly read ☕️

Data ethics, who’s responsible?

What’s the best approach to corporate data ethics? Companies are increasingly having to balance commercial decisions with subjective ethical considerations. And all this is whilst technology is getting smarter and using more and more data.

So what’s the answer? A recent panel discussion tackled this topic, and you can find a nice summary here.

The most important takeaways for me:

• Incorporate privacy and data ethics into ESG and link it to the wider company mission to retain visibility and receive support from senior leadership.

• Build data ethics and privacy by design principles into the organisation as part of a long-term roadmap for digital success including appropriate awareness and engagement with senior management, business delivery partners, clients, industry bodies and policymakers.

• Continue to monitor for adverse results including bias or discriminatory outcomes including the ongoing review of customer complaints and feedback and periodic health checks and audits of AI and analytics-based decision making

As privacy professionals, we are required more and more to define these ethical lines and implement them within our organisation.

For a deeper dive into this grey area between legally permissible data usage and ethical data usage this paper commissioned by the EU is a good read.

Other news

• French hotel chain Accor fined $600k after EDPB intervention.

• Plex instructs users to change their passwords after a data breach and then causes the service to crash.

• Potentially more on this next week, but the Facebook-Cambridge Analytica data break lawsuit ends in a dramatic late settlement.

DPO post of the week

A new part of the newsletter will be to share something I’ve seen from a Data privacy professional. This week this post particularly resonated with me: