In the wake of the recent Facebook and Cambridge Analytica scandal, data and personal privacy matters have come to the forefront of consumer’s minds. When an organization like Facebook falls into trouble, big data is often blamed, but IS big data actually at fault? When tech companies utilize and contract with third party data mining companies aren’t these data collection firms doing exactly what they were designed to do?
IBM markets its Watson as a way to get closer to knowing about consumers; however, when it does just that, it is perceived as an infringement on privacy. In lieu of data privacy and security violations, companies have become notorious for pointing the finger elsewhere. Like any other scapegoat, big data has become an easy way out; a chance for the company to appear to side with, and support the consumer. Yet, many are long overdue in making changes that actually do protect and support the customer and now find themselves needing to attempt to earn back lost consumer trust. Companies looking to please their customers, publicly agree that big data is the issue but behind the scenes may be doing little or nothing to change how they interact with these organizations. By pushing the blame to these data companies, they redirect the problem, holding their company and consumers as victims of something beyond their control.
For years, data mining has been used to help companies better understand their customers and market environment. Data mining is a means to offer insights from business to buyer or potential buyer. Before companies and resources like Facebook, Google, and IBM’s Watson existed, customers knew very little about their personal data. More recently, the general public has begun to understand what data mining actually is, how it is used, and be aware of the data trail they leave through their online activities.
Hundreds of articles have been written surrounding data privacy, additional regulations to protect individual’s data rights have been proposed, and some even signed into law. With the passing of new legislation pertaining to data, customers are going as far as to file law suits against companies that may have been storing personal identifiable information against their knowledge or without proper consent.
State regulations have increasingly propelled the data privacy interest, calling for what some believe might develop into national privacy law. Because of this, organizations are starting to take notice and thus have begun implementing policy changes to protect their organization from scrutiny. Businesses are taking a closer look at the changing trends within the marketplace, as well as the growing awareness from the public around how their data is being used. Direct consumer-facing brands need to be most mindful of the fact that they need to have appropriate security frameworks in place. Perhaps the issue amongst consumers is not the data collected, but how it is presented back to them or shared with others.
Generally speaking, consumers like content and products that are tailored to them. Many customers don’t mind data collection, marketing retargeting, or even promotional advertisements if they know that they are benefiting from them. We as consumers and online users often times willingly give up our information in exchange for free access and convenience, but have we thoroughly considered how that information is being used, brokered and shared? If we did, would we pay more attention to who and what we share online?
Many customers have expressed their unease when their data is incorrectly interpreted and relayed. Understandably so, they are irritated by irrelevant communications and become fearful when they lack trust in the organization behind the message. Is their sensitive information now in a databank with heightened risk for breach? When a breach or alarming infraction occurs, the customer, including prospective, has more concern.
The general public has become acquainted with the positive aspects of big data, to the point where they expect retargeted ads and customized communications. On the other hand, even when in agreeance to the terms and conditions, the consumer is quick to blame big data in a negative occurrence rather than the core brand they chose to trust their information to.
About Greg Sparrow:
Greg Sparrow, Senior Vice President and General Manger at CompliancePoint has over 15 years of experience with Information Security, Cyber Security, and Risk Management. His knowledge spans across multiple industries and entities including healthcare, government, card issuers, banks, ATMs, acquirers, merchants, hardware vendors, encryption technologies, and key management.
CompliancePoint is a leading provider of information security and risk management services focused on privacy, data security, compliance and vendor risk management. The company’s mission is to help clients interact responsibly with their customers and the marketplace. CompliancePoint provides a full suite of services across the entire life cycle of risk management using a FIND, FIX & MANAGE approach. CompliancePoint can help organizations prepare for critical need such as GDPR with project initiation and buy-in, strategic consulting, data inventory and mapping, readiness assessments, PIMS & ISMS framework design and implementation, and ongoing program management and monitoring. The company’s history of dealing with both privacy and data security, inside knowledge of regulatory actions and combination of services and technology solutions makes CompliancePoint uniquely qualified to help our clients achieve both a secure and compliant framework.