An interesting article by Jeff Turner and Amol Naik from Squire Patton Boggs looking into some of the privacy and security challenges businesses are facing as they look to exit Covid-19 lock downs around the world.  These challenges can sometimes clash, which is not a modern concept, but does require serious consideration.

Businesses are being asked to collect more of their customers and employees personal data, and at times sensitive personal data, in order to adapt to societal changes as economies re-emerge in the post-lockdown environment. In most cases, these changes are a condition for business to re-open and must happen at pace, with little or no guidance from regulators or governments. This is compounded by the uncertainty around the available tools and technology to satisfy these asks. 

This is of course challenging, but the basic principles of many privacy and data protection laws do provide a useful starting point, namely that you should collect only the data you need, be transparent about how it will be used and to look after it responsibly and securely, such as through data aggregation or encryption.

Privacy and security are concepts which complement each other and businesses should not treat them as a binary choice. As businesses begin to re-open their doors to customers and seek to recover lost revenues during lock down, it is important that data risks are appropriately managed – few businesses can afford to contend with the fall-out of a major data incident in the current climate. Designing a process starting from these principles, whether it rudimentary and manual, or high-tech and automated, will set businesses on the right path.

If you would like to more on this please feel free to reach out to my colleagues: Robert Grosvenor, Matthew Negus or Stephen Miller.