The D-seal is perhaps the world’s first labeling program for digital accountability. It was launched in Denmark on 22 September and adds to the small family of privacy seals in Europe, for example the German EuroPriSe and the planned Digital Trust Label in Switzerland. The purpose of the D-seal is to promote data security, data protection and data ethics at Danish companies, so that customers and consumers can feel safe when using the companies’ products and services.
One of the first companies to receive the D-seal is Vissevasse, a small company selling posters, cards, games, and notebooks from their web shop. Getting the D-seal has helped them strengthen their data security processes and reminded them how valuable data is to the company and their customers. This insight was shared by the company’s CEO Karsten Noel Poulsen in connection with the launch of the D-seal.
The D-seal is based on 8 criteria encompassing:
– A management system for data accountability
– Awareness and safe behavior
– Technical IT security
– Requirements for suppliers’ IT security and digital accountability
– Transparency and control of data
– Privacy & security by design & default
– Reliable algorithms & AI
– Data ethics.
The criterion of data ethics is translated into two general requirements: a) to put people at the centre and b) to ensure that the use of data takes place only after a risk assessment of the consequences of using data in a short-term and long-term perspective.
The insight into these risks should guide the development of products and services together with respect for the individual’s right to privacy. The company should include awareness on the fact that the human being is unique and acts with empathy, will, unpredictability, intuition, and creativity – and therefore cannot be equated with a data process or a piece of software. In this way, the criterion emphasizes that humans have a higher status than the machine and must have the primary benefit of the data processing.
All companies, regardless of size, must meet the D-seal’s data ethics requirements if they develop software and if they use or develop algorithms and AI.
The D-label is relevant to all types of companies. It helps the companies create an overview of necessary processes and initiatives within IT security, data protection and data ethics to be established to achieve digital accountability. But it is also intended as leverage to look at data accountability as an effort that creates business value and gives the company a competitive edge.
The D-seal is based on recognized international frameworks from European and national councils, committees and working groups.
The D-seal is founded by the Confederation of Danish Industry, the Danish Chamber of Commerce, SMVdenmark and the Danish Consumer Council. It is supported the Danish Business Authority and financed by the Danish Industry Foundation.
The D-seal is not based on external independent audits, which is often a prerequisite for trust, but the secretariat makes assessments and annual controls, and this is a very good beginning.
Birgitte Kofod Olsen has represented DataEthics on the D-brand Advisory Board and has contributed to the design of criteria 6, 7 and 8.