Citizen distrust in data practices

One of the most popular false statements I hear is "issues with trust in data are mostly technical.” Examining the Statement - Common Belief: Trust problems vanish if we fix errors in code, tools, or pipelines. - Key Question: Can flawless data still be mistrusted if people don’t understand or believe in its source or purpose? Rethinking “Trust” Trust isn’t just about accuracy; it’s about transparency, context, and credibility. Even perfect data won’t be trusted if no one knows where it came from or why it matters. Think of a beautifully wrapped gift from a stranger. Without knowing what’s inside or who sent it, scepticism persists. In Practice - Documentation & Explanation: Show how data is collected, validated, and maintained. - Open Communication: Invite questions and be honest about limitations. - Cultural Acceptance: Foster an environment where challenges to data are welcomed and addressed. Trust in data isn’t earned by technical perfection alone. It grows when people understand, relate to, and find meaning in the numbers they rely on. #DataTrust

The cost of neglecting cybersecurity and privacy in public digital infrastructure? Over 6 billion BRL in fraud. Brazil has long been a global reference in Digital Public Infrastructure (DPI), from PIX (our instant payment system) to one of the world’s most advanced e-government platforms (Gov.br), electronic voting, and mobile-based benefit distribution at national scale. A recent major fraud scheme of pension fraud targeting retirees has exposed major weaknesses in how Brazil’s public data systems are protected. At the center of it is Dataprev, a public tech company responsible for safeguarding the data of millions, including employment histories and identifiers used to access social security (INSS). The scale of the damage is enormous: over 6 billion BRL (more than 1 billion USD) lost to fraud schemes exploiting unauthorized data access, digital impersonation, and misleading financial offers, often targeting those with low digital literacy. I did a technical analysis suggesting solutions that would not only be more affordable than the current financial and reputational losses, but also help rebuild public trust. Privacy technologies can play a role in preventing both fraud and corruption. If governamental systems are designed in ways that allow data leaks, impersonation, and indiscriminate access, they aren’t just vulnerable: they actively enable fraud. Back in 2019, a legislative change removed safeguards that had protected this data from being shared with private companies. What was supposed to prevent fraud ended up doing the opposite. This is a wake-up call. Governments around the world are now building their own DPIs, inspired by examples like Brazil. They would be wise to not only study what worked — but also take careful notes on what must not go wrong. DPIs are amazing tools for development and economic growth, increasing access, productivity and opportunities, but… Privacy must be at the center of any DPI strategy. Not only because it protects citizens, but because it protects the trust people have in the State itself. Public institutions like Dataprev must go beyond traditional compliance and embrace modern privacy and security engineering practices,!including strong authentication (like passkeys), role-based access, data minimization, and transparency by design. Brazil’s digital leadership should include leadership in protecting the people behind the data. The post is in Portuguese, but nothing a translator can’t solve :-) https://lnkd.in/dyByupwu

After a year of the passage of #India's #privacyregulation—the Digital Personal Data Protection (#DPDP) Act—the perception of data practices followed by corporates in #India is deemed problematic by citizens. In a recent survey conducted jointly by Confederation of Indian Industry and Protiviti, 61 per cent of the respondents felt that companies in India were taking part in activities such as excessive data collection and secondary processing without #consent, which are not in line with the #DPDPAct and are considered problematic from a user privacy point of view. Further, according to the report, around 82 per cent of the mid, senior, and entry-level employees who participated also said that they perceived companies in India to be less transparent or not transparent at all about the use, processing, and sharing of #personaldata. Sandeep Gupta, managing director, Protiviti—the joint research firm for the report—in an interaction with Business Standard, attributed the lack of transparency around #dataprocessing to the delayed notification of detailed rules for the DPDP Act, 2023. “The survey covers a wide spectrum of industries and typically clients or organisations, and I would say organisations are waiting for the rules to be enacted. Otherwise, traditionally, India has been doing business in a particular way, and #privacylaws were not taken for granted. Now with this Act coming in, the rules getting formed, I think the transparency levels will go up,” said Gupta, managing director, Protiviti India member firm. #dataprivacy #datasecurity #personaldata