Please consider sharing this www.microsegmentation.com webpage with colleagues. We believe that answers to the four questions below, which Anonos asked in its comment letter submitted in response to the ICO's proposed draft Direct Marketing Code of Conduct, are critical for the benefit of society and industry.
Four Questions Asked of the ICO:
Anonos Microsegmentation leverages Anonos’ technology, which transforms digital representations of people - or “Digital Twins” - into privacy-respectful “Variant Twins” of personal data by applying Pseudonymisation-enabled anonymisation techniques.[1] The resulting Variant Twins are use-case-specific, privacy-enhanced versions of Digital Twins. Privacy policies are embedded at the data element level, satisfying statutory and contractual requirements for lawful data use.[2] Variant Twins are ideal for creating privacy-respectful microsegments that support GDPR-compliant direct marketing, as explained below.
With Anonos Microsegmentation:
Anonos Microsegmentation powers a new direct marketing data ecosystem into which data subjects opt-in. This helps to meet high regulatory standards for consent by enabling:
In doing so, Anonos Microsegmentation offers strong incentives for users to consent to data collection for the express purpose of being included in microsegments processed by the system.
The key to building trust whilst ensuring privacy is to encourage direct marketing models to evolve in ways that provide transparency and leverage technical and organisational safeguards to enforce privacy protection and to secure data subject rights. This opens up the possibility of broader reliance on legal bases such as Legitimate Interest to process personal data for direct marketing purposes.
Here too, Anonos Microsegmentation can support compliance. Its use of enhanced pseudonymisation, anonymisation techniques, and k-anonymity creates strong technical safeguards that support the use of Legitimate Interests as a legal basis by reducing the risk to data subjects’ rights. This risk is reduced to such a degree that the balancing test can be tipped in favor of the data controller, which allows greater flexibility in the processing of personal data for direct marketing.
Anonos Microsegmentation enables and enforces trust and ethical business practices. In addition, Anonos Microsegmentation can demonstrate to regulators that innovative technologies and new industry approaches can meet the rights and expectations of data subjects while allowing responsible data use.
A trusted party handles the “last mile”[4] of data subject interaction to ensure that no identifying information about data subjects is revealed, except as specifically authorized by the data subjects.
Using their relationship with the trusted party, data subjects can consent to receive relevant ads based on their inclusion in dynamically-changing and privacy-respectful microsegments.
The trusted third party has separately-stored information and secret keys necessary to “re-identify” individuals from within the microsegments for direct marketing purposes (this would be the “additional information” necessary under the GDPR Article 4(5) definition of Pseudonymisation required for authorized re-identification to occur). During processing, all personal data is pseudonymised and organised into privacy-respectful microsegments, and the processor during the microsegmentation process does not have access to the “additional information,” keeping data subject privacy intact.
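The separation of duties described above can be sketched as follows. This is an added illustration, not Anonos code or a description of its product: the HMAC-SHA-256 pseudonym, the `TrustedParty` class, the `build_microsegments` function, the threshold `K_MIN = 3` and the sample records are all assumptions made for the example.

```python
import hashlib
import hmac
import secrets
from collections import defaultdict

K_MIN = 3  # assumed k-anonymity threshold; the page does not state a value

# Constructed sample records (not real data).
SAMPLE = [
    {"email": "a@example.test", "consent": True,  "age_band": "25-34", "interest": "cycling"},
    {"email": "b@example.test", "consent": True,  "age_band": "25-34", "interest": "cycling"},
    {"email": "c@example.test", "consent": False, "age_band": "25-34", "interest": "cycling"},
    {"email": "d@example.test", "consent": True,  "age_band": "25-34", "interest": "cycling"},
    {"email": "e@example.test", "consent": True,  "age_band": "45-54", "interest": "sailing"},
]

class TrustedParty:
    """Holds the "additional information": the secret key and the re-identification table."""

    def __init__(self):
        self._key = secrets.token_bytes(32)   # never leaves the trusted party
        self._table = {}                      # pseudonym -> (identifier, consent)

    def pseudonymise(self, records):
        """Replace the direct identifier with a keyed pseudonym before hand-off."""
        out = []
        for r in records:
            pid = hmac.new(self._key, r["email"].encode(), hashlib.sha256).hexdigest()
            self._table[pid] = (r["email"], r["consent"])
            out.append({"pid": pid, "age_band": r["age_band"], "interest": r["interest"]})
        return out

    def reidentify(self, pids):
        """Resolve pseudonyms, releasing only subjects who authorised contact."""
        hits = (self._table[p] for p in pids if p in self._table)
        return sorted(email for email, consent in hits if consent)

def build_microsegments(pseudonymised, k=K_MIN):
    """Processor side: group by attributes, suppress any segment with fewer than k members."""
    segments = defaultdict(list)
    for r in pseudonymised:
        segments[(r["age_band"], r["interest"])].append(r["pid"])
    return {seg: pids for seg, pids in segments.items() if len(pids) >= k}

if __name__ == "__main__":
    tp = TrustedParty()
    segs = build_microsegments(tp.pseudonymise(SAMPLE))
    for seg, pids in segs.items():
        print(seg, len(pids), "members ->", tp.reidentify(pids))
```

The processor function receives only pseudonyms and coarse attributes, so a party without the key and table cannot map a microsegment back to individuals.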
The trusted party has a direct relationship with data subjects participating in the microsegmentation system and takes steps necessary to comply with data subject rights under the GDPR, including the following, as applicable:
[1] Pseudonymisation, as newly defined in Article 4(5) of the GDPR, protects against the negative effects of data breaches and prevents profiles from being used for decisions to communicate to an individual without the protections required by effect Data Protection by Design and by Default, as now required under Article 25 of the GDPR. The European Union Agency for Cybersecurity (ENISA) has published two reports since the adoption of the new GDPR definition of Pseudonymisation on best practices for compliant pseudonymisation - in November 2018 and 2019. EDPS Opinion 7/2015 on Meeting the Challenges of Big Data further highlights Pseudonymisation as playing “a role in reducing the impact on the rights of individuals, while at the same time allowing organisations to take advantage of secondary uses of data.” A document providing a comparison of Anonos Pseudonymisation technology to ENISA published Guidance on Pseudonymisation is available at https://www.anonos.com/enisa-guidelines.
[2] Anonos state-of-the-art Pseudonymisation technology enables lawful repurposing of data while preserving 100% accuracy to maximise data utility by expanding opportunities to ethically process, share and combine data in compliance with evolving data privacy regulations. Additional information about Anonos, BigPrivacy and Variant Twins is available at www.anonos.com
[3] Consent-based data collection and processing does not work in all circumstances - e.g., where processing cannot be described with sufficient detail at the time of data collection. For example, privacy notices may lack clarity, processing may be difficult to define, etc. The GDPR provides for an alternative legal basis for processing - which picks up where consent leaves off - to enable lawful processing in these situations if the requirements for Legitimate Interest processing are satisfied.
[4] The term “last mile” is used in the telecommunications, cable television and Internet industries to refer to the final leg of delivering communications to a retail customer.
[5] See GDPR Article 4(5).
[6] See GDPR Article 25.
[7] See www.anonos.com/ENISAguidelines