Evelina Georgieva, Pryv: “investing in data privacy is not only about fulfilling a requirement to achieve compliance”

Thank you, cybernews.com for this great interview about Digital Trust, Consumer Privacy Awareness and where Pryv fits in.

Evelina Georgieva, Pryv: “investing in data privacy is not only about fulfilling a requirement to achieve compliance”

Today, everyone leaves a digital footprint on the Internet. Whether it’s when you visit a daily newspaper website or when you make online banking transactions. Unfortunately, not all companies put their primary focus on data privacy and that leaves enormous amounts of sensitive information at risk.

It’s essential that businesses would start seeing data privacy as an essential part of building trust and brand reputation rather than a tick-box to achieve compliance. 

So Cybernews invited Evelina Georgieva, the Co-Founder and Business Development Officer at Pryv, to discuss about modern personal data management solutions and how they can empower forward-looking companies.

How did the idea of Pryv originate? What has your journey been like?

Pryv is a blend of ideas initiated more than 10 years ago. While overcoming leukemia, Pierre-Mikael got inspired to develop a solution that will empower patients to stay away from the hospital but still receive crucial monitoring and care remotely. At the same time, Frederic was eager to create a B2C digital place, Facebook-like but with privacy at focus to empower users to master their data sharing and protect their data ownership rights. Simon brought his digital ethics and privacy vision. I (Evelina) joined them when we pivoted from the B2C concept to create Pryv B2B as you know it today: a trusted software vendor of privacy and personal data management solutions. 

Can you introduce us to your personal data management software? What are its key features?

We help organizations manage personal data from creation to use, sharing and disposal. Following the privacy engineering approach, we support our client’s IT teams to ensure that their data privacy compliance is done right: from the very early architecture design to the introduction of data-driven business models. We help them not only accelerate time to market but also cut IT development costs and speed up data utility and scalability across legal jurisdictions, such as the GDPR and industry-specific regulations.

Since 2015, we license our Pryv.io software which is used as a solid foundation to boost the development efforts of “integrated teams” of IT engineers, legal and business experts. The Pryv.io middleware acts as a “plumbing system” which ensures their digital platform has its best chances to engage customers and drive business values – covering the entire data lifecycle and the data privacy aspects.

Among the bestseller features are the dynamic consent, extensible data model, decentralized storage for scalability, and data mapping for automatic integration with existing warehouses.

In your opinion, what data privacy issues should more people be concerned about?

It is yet not clear enough that privacy and security are different. Unlike security, which nowadays is well understood by almost anyone, data privacy is still unclear. Privacy can be translated in different ways and have different meanings. While some will correlate it with limiting access to data, others, like us at Pryv, will look at data privacy as a tool to unlock data values. For us, privacy is not secrecy, but the ability of individuals to use their data, act on their rights and give informed consent for the rightful processing of this data. Thus, each stakeholder can win more from the unlimited power that personal and contextualized data can bring.

My message to the users will be first to decide what privacy means to them and then take decisions and measure risks versus opportunities.

How do you think the recent global events affected your field of work?

The effect of the Covid pandemic, the growing power of information war, the upscaling Digital Democracy, and the rapidly changing Data Protection Regulations on a global scale, just to name a few, have been undoubtedly an eye-opening momentum for any forward-looking business. It became apparent that investing in data privacy is not only about fulfilling a requirement to achieve compliance but an imperative to build trust, protect brand reputation, and develop new revenue streams. 

Some experts believe that keeping up to date with data privacy trends and requirements could even be the selling point for customers. Can you share some tips for businesses looking to update their privacy policy? 

We believe that personal data aggregation, sharing, and processing should be as effective, secure, and trustworthy as online banking. This is a must-have to empower the user to understand the value of the data, how to manage and control it, and promote trust and engagement. 

In this new paradigm, privacy is not a compliance tick-box but an opportunity to break data silos, differentiate products, and services and attract end-users with trust, transparency, and empowerment. 

We advise our customers to embed privacy-DNA in any process of their organizations, early in the development phase, ensure cross-functional team and privacy-engineering capabilities and thus guarantee they can deliver competitive user-attracting services and open up new horizons for achieving high ROI in a short period and overtime.

What dangers can customers be exposed to if a company they trust struggles to ensure compliance? 

Besides the obvious non-compliance and loss of brand reputation and trust, for many businesses, a data protection breach will mean a loss of business that could be as strong as pushing the business to bankruptcy.

For users, understanding the trusted brand lacks privacy compliance might result in disappointment and disengagement, as well as pushing the individuals to act on their data rights (where is my data stored, prove me you have my consent and what so for, provide an audit on the data interactions, etc.) Incapacity to deliver will again result in impressively huge fines and serious business consequences.  

What are some of the worst mistakes companies tend to make when it comes to handling large amounts of customer data?

The biggest mistakes in my opinion are the following:

  • Undervaluing the importance and impact data privacy has on their business
  • Misunderstanding the data privacy principles
  • Non-differentiating data privacy and security
  • Not being able to identify data categories correctly
  • Lacking efficient data governance strategy
  • Implementing “bolt-on” patching solutions
  • Missing the right team expertise

Talking about individuals, what actions should average Internet users take to protect their personal data online? 

Before taking action, we advise users to be informed about the data privacy rights they have and then to act on them. 

Share with us, what’s next for Pryv?  

We have recently introduced a powerful extension of our services by teaming up with OpenWT. As part of Pryv corporate development and pivotal time of growth, Pryv continues its full operations, focused on delivering licenses of its proprietary Pryv.io software, while data privacy consultancy services will be carried out by the OpenWT Data Privacy Excellence Practice.

About Cybernews.com is a research-based online publication that helps people navigate a safe path through their increasingly complex digital lives. The CyberNews Investigation team uses white-hat hacking techniques to find and safely disclose cybersecurity threats and vulnerabilities across the online world. Leaks of users’ personal information? Security flaws in enterprises? Exchanges of sensitive data on the dark web? They’re on it. The CyberNews Editorial team provides cybersecurity-related news, analysis, and opinions by industry insiders. They are working independently and transparently following our Editorial guidelines.