“Brands taking data ethics seriously can secure competitive advantage as well as compliance”, according to Natasha Singh, Principal Consultant – Privacy and Data Protection at Gemserv.
The amount of data that each of us produces is growing day by day. From swiping left on social media to compiling our latest playlist on Spotify, the equivalent of 1.7MB of information from every human on the planet is being created each second.
The surge in data accompanied by mounting public concerns over how information is being used have made headlines, from the Facebook-Cambridge Analytica scandal through to the monitoring of Black Lives Matter protesters. Those concerns crystalised this year during the tackling of the coronavirus pandemic, with tracing apps highlighting just how complex data ethics can be. While most users will recognise the advantages of such apps, many will have concerns about who will have access to their data, how their data will be used and for how long it will be held.
Technology is advancing at a rapid rate, with the ability to analyse large amounts of information using artificial intelligence (AI) and machine learning, giving rise to the phenomenon of “big data”. Laws are playing catch up. Good examples designed to protect consumers’ personal data include the European Union’s General Data Protection Regulation (GDPR), the California Consumer Protection Act (CCPA), and recently, the Lei Geral de Proteçao de Dados (LGPD) in Brazil.
Yet data ethics precede data laws. Ethics is knowing the difference between what you have the right to do and what is right to do; ethics influence laws, with both being critical parts of democratic societies. As the Alan Turing Institute puts it: “Data ethics can be defined as the branch of ethics that studies and evaluates moral problems related to data, algorithms, and corresponding practices in order to formulate and support morally good solutions.”
Benefits and challenges
For businesses, the financial benefits of big data throw up many ethical challenges. Harnessing data can lead to personalisation and a better consumer experience; more informed decision optimisation, triggering increased revenues and reduced costs; and, ultimately, a competitive advantage.
Contrast those benefits with a host of challenges, including:
- persistency of data;
- lack of transparency;
- lack of control over personal data;
- unwanted interference;
- information asymmetry and control; and
- inaccuracy, data integrity, and data provenance issues leading to unfairness.
For instance, if an online retailer uses the personal information it collects to infer that a woman is pregnant and sends her a coupon for a discount on baby cots then many people would see this as a benefit to the woman, but others may see the inference as a privacy violation. And what if instead of a discount, that retailer raised the price of the baby cot based on the inference? While this may be “legal”, it’s unacceptable to many.
What if the woman was searching for information about babies for a friend or relative? What if the woman had a miscarriage early in her pregnancy and the discount coupon is a painful reminder?
The solution to balancing the benefits and the challenges for businesses and organisations is to identify overarching principles that should be followed throughout the lifecycle of big data projects, including data protection standards and the integration of privacy by design. Turning those principles into actions will guide architects through each phase of their project, from identifying the consumers’ needs and incorporating diverse viewpoints to avoid bias through to assessing the limitations in data sources and assessing the ethical and legislative context.
Being able to demonstrate to customers that a business takes data ethics seriously will not only keep organisations on the right side of the law but will also prove to be a selling point, giving them a commercial advantage against their rivals. As consumers become wiser about how their data is being collected and used, they will increasingly be attracted to brands with ethics that they trust.
Find out more?
The Data Protection, Security & Risk team at Gemserv help organisations build trust with their customers in data handling. Compliance with existing and future standards is achieved and maintained while organisations takes advantage of new opportunities. To find out more, visit https://www.gemserv.ie/capabilities/data-protection-security-risk/