Big Data: Protecting Privacy Is Good For Business - InformationWeek
IoT
IoT
Software // Enterprise Applications
Commentary
5/12/2015
07:06 AM
Pam Baker
Pam Baker
Commentary
Connect Directly
Twitter
LinkedIn
RSS
100%
0%

Big Data: Protecting Privacy Is Good For Business

Privacy issues in big data often put companies and consumers in adversarial positions. It doesn't have to be that way.

6 Ways To Master The Data-Driven Enterprise
6 Ways To Master The Data-Driven Enterprise
(Click image for larger view and slideshow.)

When it comes to big data best practices, most companies are stumped about how to respect consumer privacy and still get the data they need to make their enterprises profitable. This is particularly true for companies using mobile apps, which often collect all manner of data about user location and habits.

The Mobile Ecosystem Forum (MEF), a global mobile trade association, publishes an annual research report on consumer trust and privacy, which tracks the attitudes of mobile users in 15 countries. In its latest report, released in February, 49% of the 15,000 survey respondents said a lack of trust limits the number of apps they download, compared to 37% who said the same in 2014. More than seven in ten respondents (72%) said they are not happy sharing personal data, such as location or contact details, when using an app, while 34% said lack of trust stops them from buying more goods and services using their mobile device.

"Companies clearly need to balance the need to gather consumer data to monetize services with the need for consumers to trust the services that are offered," said Andrew Bud, chairman of The Mobile Ecosystem Forum, in an interview. "Consumers must be treated as full partners in this value-exchange by helping them understand why their data is collected, how it is used, and what it is used for. That means transparency and a focus on clear privacy policies that are fully comprehensible and easy to read on a tiny mobile screen. In some parts of the world this is becoming a legal necessity, which companies turn into an asset."

(Image: Geralt via Pixabay)

(Image: Geralt via Pixabay)

It all begins with a change in perspective: Rather than looking at customer privacy as an challenge for your company to overcome, try looking at it as the foundation upon which all of your customer relationship efforts are built. "Customer privacy, and organizations' ability to protect it as customers expect, is, in fact, the building block of trust and long-lasting engagement," said Enza Iannopollo, a researcher at Forrester who is based in the UK where consumer regulations are far tougher than they are in the US.

Indeed, the data-collection practices of companies and governments have created trust issues with consumers. Government agencies and corporations worldwide have engaged in years' long data-gathering projects -- such as the NSA's collection of bulk call data from US telecommunications companies, which an appeals court last week ruled was illegal. Such bulk data gathering is often done with little to no regard as to whether the data gathered was actually useful to the agency or enterprise gathering it, or whether vacuuming up and storing such information was ultimately harmful to the consumer.

To make matters worse, some corporations shoved opt-out options into dark corners of their websites or apps, where consumers could not easily find them. Even if consumers found the opt-out button buried deep in an app or device menu, clicking it did not stop the data collection.

[ How much personal healthcare data will you reveal? Read The Internet Of Me Is Getting Real In Healthcare. ]

In his DoctorBeet's blog post, UK based ICT consultant Jason Huntley revealed the details of how his LG Smart TV collected personal data. Opting out did not stop the TV's data collection. After widespread news coverage and a resulting consumer backlash, LG announced it has fixed the opt-out problem.

Data Collection: Transparency Is Key

Most organizations today recognize the need for transparency in their data collection, usage, and retention practices. However, for many companies this is a scary tactic. The fear is that consumers will share little to no data voluntarily, or will over-restrict data use.

Scary or not, transparency is actually less harmful in practice than presumed, and actually provides more benefits to companies than insidious tactics do. "Consumers are happy to share data when three things converge: transparency, trust, and benefits," said Maxwell Luthy, director of trends and insights at TrendWatching, in an interview. "If the organization is transparent about what data it collects, the organization can be trusted to keep data secure, and the benefits of the collection are clear to the customer, most people are happy."

To turn data-gathering into a customer relationship enhancer, companies have to ditch the idea of a one-way data funnel and build a two-way engaging relationship centered on personal data. In other words, use analytics to provide insights for the customer as well as insights for your company. Personalized insights are often considered by customers as a top benefit. Other consumer benefits run the gamut from personalized services and loyalty rewards to simply feeling good for helping a good cause.

"Turn insight back around to the customer, for that is what creates the value cycle," said Brian Hopkins, vice president and principal analyst at Forrester, in an interview.

Companies need to move to a transparent, informed-consent, collaborative data model now, or risk losing major investments later, Hopkins said. "If you're dependent mostly or solely on consumer data, what happens to your organization and ecosystem if everything you're doing suddenly becomes illegal? One stroke of the legislation pen and you're out of business," said Hopkins. "Get proactive and protect your business with transparency and by digging into systems to make it easier to adapt to changes in political winds or to add more controls. Companies may be facing very expensive fixes as more legislation appears."

In other words, the longer you wait to provide transparency, build consumer trust, and provide real benefits in a data exchange, the more your costs are likely to rise in making those fixes later.

How do you go about making this transition? Craig Spiezle, executive director of the Online Trust Alliance (OTA) and former director of security and privacy product management at Microsoft, offered the following nine tips:

  • Communicate the value to the consumer
  • Have a clear and concise privacy policy written for the consumer, not for your legal team
  • Provide the ability for consumers to opt out
  • Restrict any sharing with third parties
  • Have a lawyer's privacy policy with icons
  • Consider having privacy policies written in multiple languages
  • Define your data retention practices
  • Embrace do not track
  • Move from a compliance mindset to stewardship

What's your big data strategy? Have you tried any of these tips in your organization? If so, how have they worked for you? Do you have additional best practices for big data collection that have kept you in good standing with your customers while giving your organization the insights it needs? Tell us all about it in the comments section below.

[Did you miss any of the InformationWeek Conference in Las Vegas last month? Don't worry: We have you covered. Check out what our speakers had to say and see tweets from the show. Let's keep the conversation going.]

Pam Baker is author of Data Divination: Big Data Strategies, which met with rave reviews and is currently being used in universities as a textbook for both business and tech courses. It's also sold to business audiences in the general market. The US Chamber of Commerce and ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
PeterF028
100%
0%
PeterF028,
User Rank: Moderator
5/27/2015 | 2:06:47 PM
Time for new expectations
As our world morphs into a large IoT environment, we are going to need to revisit privacy. What are realistic expectations? What do businesses need to do to separate personal from the data? There needs to be a serious conversation here. This also leads to the bigger discussion around security. Fortunately, CIOs are well aware of the challenges, whether or not they have any solutions. In 2013, 78% of all CSC CIO Survey respondents saw cybersecurity as a major concern in the next 3–5 years. That focus has only intensified in the intervening year. In 2014, 82% of all respondents cited cybersecurity as a high or critical concern for the next 12 months, the highest percentage across all surveyed categories. Peter Fretty, IDG blogger working on behalf of CSC
kstaron
50%
50%
kstaron,
User Rank: Ninja
5/26/2015 | 5:36:59 PM
Partner not a victim
Consumers must be treated as full partners in this value-exchange by helping them understand why their data is collected, how it is used, and what it is used for.

This is critical. Only after we as consumers can trust the company will we feel comfortable in giving them data. If a company won't tell me why they collect it, what it's for or how they are going to use my information I don't want anything to do with it. I will assume the worst. not only will i assume that they are going to sell my information to the highest bidder, that my inbox will be flooded with useless ads, I won't trust them to have my data secure either. If you want my data don't be sneaky, don't buety it in the fine print. Just tell me. Tell me and I might be okay with it. don't tell me and I'll never trust you again. When companies don't make me feel like a partner, they tend to make me feel more like a victim.
Ulf Mattsson
50%
50%
Ulf Mattsson,
User Rank: Strategist
5/12/2015 | 4:13:02 PM
Move from a compliance mindset to stewardship
I agree that we need to "Move from a compliance mindset to stewardship". Compliance is giving us a false sense of security. A good data security poster will automatically bring many compliance benefits. PCI DSS is a great example how to define a minimum required security level and to also provide great additional guidance on how to secure the entire flow of sensitive data with tokenization.

Ulf Mattsson, CTO Protegrity
butzibau
50%
50%
butzibau,
User Rank: Apprentice
5/12/2015 | 12:00:44 PM
Couldn't Agree More!
In my opinion, out of the nine tips, #3 is the most crucial.

There's a whole genre of apps and services -- e.g., the Duck Duck Go search engine or the Threema IM -- that use the fact that they don't collect user data as distinguishing feature. (And most of them are quite effective at it, too.)

If you don't need the user data for your business, you should really provide the possibility to opt out of any data collection.
Ariella
50%
50%
Ariella,
User Rank: Author
5/12/2015 | 9:41:10 AM
Re: protecting privacy
Forrester has also issued a report on the CPO, chief privacy officer

The chief privacy officer (CPO) will weigh in not only on data security and privacy issues relating to customer data but also on corporate and employee data and agreements with third-party business partners. It's a role with great importance and influence as privacy issues and corporate responsibility dominate discussions regarding data collection, storage, and use
Ariella
50%
50%
Ariella,
User Rank: Author
5/12/2015 | 8:27:44 AM
protecting privacy
""Customer privacy, and organizations' ability to protect it as customers expect, is, in fact, the building block of trust and long-lasting engagement," 

That is an excellent observation. If the relationship with a business has any parallels at all to relationships with real people, there would be an expectation that information told in confidence remains private.
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of November 6, 2016. We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll