The Big Brother you want: Finding the data privacy sweet spot
The following is a guest article from Steven Hillion, chief product officer of Alpine Data.
It is just one year until the European Union's General Data Protection Regulation go live. The new set of rules that require banks, credit card and insurance providers to be more transparent about how they collect and handle consumers’ personal financial data.
What do these two divergent actions, taken within weeks of one another, tell us about the prevailing winds surrounding data privacy? Who’s getting it right?
Only time will tell at this point, but one thing is clear: when it comes to personal data and privacy, businesses, policy makers and consumers are still trying to find the "sweet spot," where all parties feel like the right balance between data privacy and data innovation is struck.
Certainly, data privacy is not an all-or-nothing, zero-sum game. It’s hard to imagine consumers accustomed to sharing their personal information on social media wanting to go back to a time when they couldn’t exchange their shopping histories for product recommendations.
At the same time, smart businesses will understand that there are lines that shouldn’t be crossed. Here are few common sense guidelines:
Don’t be a creep
Imagine two people having a drink at a bar. The bartender interrupts their conversation to say, "I couldn’t help overhearing your discussion about grabbing a bite to eat. I always eat at the bistro on the corner, and it’s fantastic." In all likelihood, he’ll receive their thanks for the recommendation.
Now imagine a different recommendation from the bartender: "I couldn’t help overhearing your conversation about your marital problems. I have a great therapist I could recommend …" In this scenario, will he be viewed as a helpful service professional or a creepy eavesdropper?
Whether we are talking about customer service in the real or digital world, a good rule of thumb when using personal information is to consider the sensitivity of the information and the context.
This is why the reversal of the U.S. ISP privacy guidelines is potentially problematic. Complete browsing histories and email content can be a lot more personal and sensitive than the stuff we willingly share on sites like Facebook and Twitter, or that Netflix or Pandora’s recommendation engines collect.
But what sort of data would we be ok with our network providers accessing? Can they look inside our most private communications? Collecting aggregate stats of network traffic seems like the right context for an ISP and can help them develop better services for their customers. But looking "inside the envelope" at more personal and identifiable information (and selling it to others) is likely to erode customer trust.
This should be a no-brainer, but the truth is that most companies actually struggle to drive (and realize) value from the data they do collect. In fact, despite some of the hand-wringing about a Big Brother future, the promise of Big Data and artificial intelligence is shockingly over-hyped, with many businesses’ efforts to leverage data falling well short of being innovative.
Think about how often "personalized" offers get it wrong. How many of us, for example, have been served with a mortgage offer when we log into our online banking, despite the fact that we may already have a mortgage with the very same bank?
While, yes, consumers do care about data privacy, they are also eager for companies to use contextually relevant data (and especially the data that they willingly volunteer) to add value to their interactions.
They like it when Netflix and Pandora make good recommendations based on their viewing patterns. They are delighted too when Facebook gives them the jump on those Beyoncé tickets. But these examples are more the exception than the rule as data silos and poor analysis techniques hinder accuracy.
Simply put, adding value should just be part of the bargain companies make with their customers if they are going to use their data. And not just because they are forced to (or not) by a regulation, but because it’s good business. There’s a reason many of us share our location data with Google Maps and Waze. These businesses provide a really great, free, useful app in return. Consumers are more incentivized to share when there’s something in it for them.
As we’ve seen in the news, stories of companies getting into hot water for not being upfront with their customers continue — Bose and Unroll.me are recent examples — the importance of transparency is obvious. Businesses must make it clear to their customers what data they are collecting and how they are using it. And no, this information should most definitely not be buried in legalese deep within a Terms of Service agreement.
The EU’s GDPR reflects the view that businesses have a responsibility to inform their customers about how they use their personal data, and because it covers financial products and services, it will impact U.S.-based businesses that operate in the EU market.
In a landscape where one too many businesses have confused with true transparency, it’s a good model to follow. Building trust with consumers about their personal data is essential and is only going to become more so, especially as companies find more ways to collect and use it.
Evaluate actions, not attributes
Rather than analyze using superficial properties like gender or age or race, we can instead learn about people based on their activities, interests and behaviors.
Traditional marketing methods used crude filters to target ads. Big Data allows our online selves to be defined as the aggregate of millions of actions and preferences collected over time, cumulative and complex and open to rich analysis. Handled the right way, it’s a marketer’s dream.
In the end, thoughtful best practices around data privacy are a win-win for the business and the consumer. Regardless of what laws and regulations are made (or reversed), it’s worth every businesses’ time and effort to find the "sweet spot" that builds the trust and loyalty of their customers. In the end, that’s what it’s all about.