Change is always difficult and individuals who have been impacted by globalization, automation, and other technologies are pushing back. Rising populist sentiment around the globe is altering the political environment and spilling over into the business landscape. Trying to halt technological advancement, however, is like trying to stop a tsunami with a wall of sand. There is one area, however, where global pushback could impact business in a big way — concerns about privacy and big data security. “According to a survey commissioned by the Centre for International Governance Innovation (CIGI) and conducted by global research company Ipsos, the majority of global citizens (83%) believe there need to be new rules about how companies‚ governments and other users use personal data.”[1] Of course, you don’t have to be an angry, unemployed consumer to be worried about how governments and businesses use and protect personal data. It’s a concern shared by people across the political spectrum.
The Intractable Tension between Privacy and Big Data Analysis
“Big data privacy is a topic that is becoming increasingly important as the methods we are using to accumulate big data are becoming more sophisticated,” write analysts from Nanalyze. “The term ‘big data’ has now become a catch all term that refers to the proliferation of massive sophisticated data sets that we can now analyze using new tools like deep learning. Through analyzing big data, we gain insights that create efficiencies and help us become more effective at our jobs across all industries. The problem is that now we’re getting good at analyzing every single piece of publicly available data out there and some of the information is going to raise big data privacy concerns.”[2] In other words, there is a natural and intractable tension between privacy and big data analysis.
“Data analytics and privacy are by their nature antithetical to one another,” writes Kon Leong, President, CEO, and co-founder of ZL Technologies. “Analytics initiatives accumulate as much data as possible in order to provide the greatest possible insight into their subject.”[3] Leong agrees with global sentiment that firm guidelines (i.e., governance) need to be established about how data is gathered and used. “The only solution,” he writes, “is an ongoing information governance strategy that sets the ground rules for responsible data initiatives and ensures that sensitive data doesn’t end up in the wrong hands. Despite what you may think, the most intrusive governance system is in fact the most private.” He elaborates:
“Information governance is about control. … Some companies say, ‘Let’s lock up all our information in Fort Knox to protect it.’ The problem then is that no one uses it because they have to hike all the way to Fort Knox to get it. Data utility and security must be reconciled. Easier said than done. Data must be mapped and classified, and have appropriate policy-based actions applied for deletion, de-duplication, and retention. Moreover, appropriate access privileges must be assigned, with particular data being quarantined. This requires ongoing information governance. … Governance and analytics initiatives should be made transparent, and consistent and practical policies must be applied. Ultimately, it is only when an organization has a definitive process for governing information that there can be true accountability. We are now at a crossroads: We have in our hands tools that could be unimaginably empowering; yet without governance, the boundless expansion of unstructured analytics will have devastating repercussions.”
What Leong is suggesting is a system of self-governance by businesses to protect individual privacy. While commendable, there are good reasons to believe businesses won’t always have the best interests of consumers in mind. One of the most recent examples is Vizio. The company was recently fined $2.2 million for spying on U.S. customers. “What made the breach of customer trust particularly egregious,” reports Joel Hruska, “was the fact that Vizio was doing this whether the end-user agreed to it or not. While the company patched that specific problem after it was publicly disclosed by third parties, the FTC opened an investigation into the company’s behavior more generally.”[4] Incidents like this have increased the calls for government involvement regulating how big data is gathered, stored, and used.
Government’s Role in Protecting Privacy
Nanalyze analysts report, “Stanford Law Review published a paper on big data privacy back in 2012 called “Privacy in the Age of Big Data” which warned that government needed to step in and address a potential problem. In May 2014, the White House published an 85-page report titled “Big Data: Seizing Opportunities, Preserving Values“. In February 2015, the White House released an interim progress report on its big data privacy initiative.”[5] They note the report proposed 6 key recommendations:
1. Advance the Consumer Privacy Bill of Rights because consumers deserve clear, understandable, reasonable standards for how their personal information is used in the big data era.
2. Pass National Data Breach Legislation that provides for a single national data breach standard, along the lines of the [Obama] Administration’s 2011 Cybersecurity legislative proposal.
3. Extend Privacy Protections to non-U.S. Persons because privacy is a worldwide value, and should be reflected in how the federal government handles personally identifiable information from non-U.S. citizens.
4. Ensure Data Collected on Students in School is used from Educational Purposes to protect students from having their data shared or used inappropriately.
5. Expand Technical Expertise to Stop Discrimination so that the federal government’s lead civil rights and consumer protection agencies can identify practices and outcomes facilitated by big data analytics that have a discriminatory impact on protected classes, and develop plans for investigating and resolving violations of law.
6. Amend the Electronics Communications Privacy Act to ensure the standard of protection for online, digital content is consistent with that afforded in the physical world — including by removing archaic distinctions between email left unread or over a certain age.
Whether those recommendations will be followed is problematic since they were developed under the past presidential administration. Nanalyze analysts conclude, “While a great deal of information you put out into the wide world of social media and the internet probably can’t be traced to you, a lot of it can. … People are going to become a lot more shy about expressing their opinions online when they know that everything they say will soon be scrutinized with a fine tooth comb. You should be as equally concerned about what other people are saying about you as well. … Tomorrow’s aspiring politicians are most certainly using social media today, and everything out there is now fair game forever. Big data privacy does not exist for anyone. You’ve been warned.”
Summary
Gary Eastwood writes, “When most of us think about protecting our privacy, we worry about shadowy agencies like the NSA or CIA watching our e-mails or social media posts. But while we may rightly worry about government intrusions into our privacy, we overlook how corporations can get access to data we place online.”[5] I believe Eastwood selected the word “overlook” very carefully. Most of us know we are generating data through our use of computers, smartphones, wearables, and other connected devices. We “overlook” those data collection efforts because we understand we also gain benefits from the analysis of that data. As a businessman I appreciate the benefits and insights that can be gained through data analysis. I am also aware that if businesses and governments use that data unethically there will likely be repercussions. That’s why governments and businesses need to collaborate to define rules and regulations that balance consumer privacy protections with the analytic needs of businesses, governments, scientists, and academics. For supporters of populist movements looking for fewer government regulations, government/business collaboration presents a conundrum since many populists are also privacy advocates. The issue of privacy is not going to go away regardless of which side of the political spectrum is in office and it’s too big of an issue to ignore.
Footnotes
[1] Staff, “Online security of personal data an increasing concern to consumers,” Centre for International Governance Innovation, 18 April 2016.
[2] Staff, “Big Data Privacy and Why You Should be Concerned,” Nanalyze, 6 November 2016.
[3] Kon Leong, “The Battle Between Data Analytics and Privacy,” Information Management, 3 October 2016.
[4] Joel Hruska, “Vizio to pay $2.2 million to the FTC for unprecedented spying on US customers,” ExtremeTech, 7 February 2017.
[5] Gary Eastwood, “Why the ‘smart’ employee trend should worry us,” CIO, 5 February 2017.