For a data-friendly future

by John Suffolk, Senior Vice President, Global Cyber Security & Privacy Officer (GSPO) suffolk-small

Security & trust in the always-on age

When the Council of Europe launched Data Protection Day ten years ago, to raise awareness about the protection of personal data, smartphones were high-tech gadgets used by a minority. What a long way we have come since then. Data protection issues are more present in our daily lives than ever before. As our devices are getting smarter, and more and more everyday objects move into the network, the quantity of data used to feed this connectivity is growing exponentially.

This presents us with the dilemma of weighing the information we give away against the convenience and service we receive in return. This constant, semi-conscious selecting and filtering is, in fact, a transition process: the next generation of wireless technology, 5G, and the billions of connected devices and machines it will enable, are set to create a digital economy running on data.

The kind of online environment we will be striving to achieve is a data-friendly one – where we can go about our lives and businesses with confidence, and without privacy considerations hindering our movements. Perceived online security is a key driver for future business.

Achieving this will require a global, collaborative effort involving the industry, policy-makers, researchers and even the public at large. Three main aspects need to be addressed right now.

  • Building privacy into the technology. While we are busy defining and designing the next generation of telecommunications, 5G, we must ensure that data protection is made a prerequisite rather than an afterthought. As set out in our latest White Paper on 5G security, security and privacy for such a vast, global system must be built into the system design right from the start. This involves dialogue between the security and privacy communities as well as “built-in security and privacy” design for 5G infrastructures, access technologies and service-type sensing.
  • Building privacy into the digital single market. Now that a deal over the EU’s new General Data Protection Regulation (GDPR) has been clinched, the European Commission will work closely with data protection authorities and the new Data Protection Board to ensure the implementation of the GDPR over the next two years. The new rules, which mark a clear step forward, lay the basis for improved protection, building trust through common standards. Now is the time to turn the principles agreed into processes, objectives, benchmarks and results.
  • Solving the cross border data flow conundrum. In a world of globalised services, citizens want certainty over how their data is protected, regardless of the service provider or their country of origin. The importance of safe harbor 2.0 and answering the question of “whose law, if any, has primacy” is crucial to citizens and enterprises in trusting that their data will be protected and used only for the purpose it was intended.

Privacy by design, from a regulatory as well as from a technology perspective, means data protection by default. At Huawei, we embrace this built-in principle: it is part of our end-to-end approach to cyber security and privacy.

About the author

John Suffolk is a Senior Vice President and the Global Cyber Security & Privacy Officer (GSPO) for Huawei. In this role, he oversees the enhancement and implementation of Huawei’s end-to-end global cyber security assurance system, which includes monitoring and improving all aspects of information security across the company’s global supply chain, in addition to the management of the Trusted Delivery Process. Mr. Suffolk is responsible for strengthening the company’s understanding of information security issues of governments and operators and ensuring the trusted delivery of telecommunications networks.

Mr. Suffolk has more than 30 years of experience in the information and communications technology industry. Prior to joining Huawei in 2011, Mr. Suffolk spent more than seven years in the UK Government, where he was Her Majesty’s Government CIO and CISO, leading the delivery of the Government’s strategy for the transformation of public services enabled by technology. Previously, he was Operations Director and Managing Director of Britannia Building Society, and Director of Customer Services at Birmingham Midshires.

He was named the most influential CIO in the UK in 2010 by Silicon.com and was ranked in the top five of the most influential people in technology behind Sir Tim Berners-Lee.

Mr. Suffolk received an MBA from The University of Wolverhampton in the United Kingdom.