What happens to your personal data after you share it and why you should care
“Data is the new oil” is the metaphor of the moment. Data powers our business models and technology to deliver personalised, real-time customer experience. Data has become the most valuable resource for businesses. As we are glued to our smartphones, laptops, tablets and other connected devices, communicating and transacting across global platforms and marketplaces, the flow and processing of personal data is constant and increasingly complex.
When I was starting out in my career, I was asked to give a presentation on whether marketing is an art or science. Having grown up in Silicon Valley immersed in an environment where disruptive technology and innovation were challenging and reimagining the world, I argued it was both — a delicate balance between inspired creativity and robust, data-driven evidence informing targeting and personalisation strategies to enhance the customer experience. Little did I know how prophetic this was. Consumer-centric platforms now dominate the global landscape and leverage data to provide real-time personalisation, omnichannel awareness and unparalleled efficiency. A staggering 90% of the data in the world had been created in the last two years at the rate of 2.5 quintillion bytes of data a day according to Forbes.
Data is actually the new crude oil
A very wise data specialist told me that data needs processing just as oil needs separating and refining, so data is actually the new crude oil. He argues that data must be refined before it has any value.
Data sharing is transactional and incentivised. People are willing to share their data in exchange for free products and services and enhanced efficiency. However, the issue is that many people don’t fully appreciate what’s happening to their data after they share it.
Now, people are starting to learn about online tracking and data mining, especially in light of recent privacy concerns about Facebook (with the latest Pew Research survey results released last week showing that US Facebook users are worried about privacy) and high-profile data breaches.
The US, the place of origin I share with the world’s visionary tech and ecommerce giants, has no single, comprehensive law regulating the collection and use of personal data. The rules that exist were largely established by companies that processed consumer data at scale with consent from privacy policies and end-user agreements most people never actually read.
For the sake of convenience, the masses have consented to data processing without challenging the fundamental model or examining its potential long-term impact or ethical implications.
Why consent is so crucial
People are finally starting to question how their data is processed. As the data specialist explains, many providers refine data by deploying a “notice and choice” consent model. Companies present the terms of service in a “notice” (usually a privacy policy or terms of use agreement) and give consumers a “choice” to either grant or decline consent.
As awareness of privacy and customer consent grows, people are beginning to argue that data processing isn’t fair to customers because it is impossible for a notice to contain enough information for them to provide “informed” consent.
In order to provide informed consent, a person needs sufficient knowledge of the service provider’s data refining practices to evaluate the risks and benefits. The notice and choice model claims that sufficient information can be presented to the consumer in a notice.
However, achieving informed consent is challenging since data refining practices are extremely complex. For example, online retailers feed information to a complex ecosystem that tracks consumers’ online activities to deliver tailored advertising. Advertising exchanges deliver ads to the websites that display them. When a visitor arrives at a website, an advertising exchange combines the visitor’s profile with information about the visitor’s current website activity in order to target ads.
Within fractions of a second, the exchange conducts an auction in which businesses bid for the opportunity to present their targeted ads. The complexity and constant movement of advertisers and analytics makes it practically impossible to convey to the website user what processes are followed and what constraints are respected.
Your data: collected once and used in different ways
Data refining operations can collect information on one occasion for one purpose and then retain, analyse and distribute it for other purposes. A customer may share specific data in different contexts. However, the data can be aggregated and potentially compromise personal privacy.
This reminds me of an article I read in the New York Times years ago by Steve Lohr on the power and pitfalls of data aggregation and how an alarmingly clear picture can be gleaned of an individual’s behaviour, habits, linguistic patterns, locations and network from deep analysis of data. I was an early adopter of Twitter, but this article is the reason why I deleted my account.
The fundamental issue is that in each instance of data sharing, customers will not have enough facts to make a truly informed decision. The future refinements of that data are too complex and unknown. Perhaps companies should consider that it’s impossible for a notice to cover future unknown data processing arrangements or explain this to a consumer.
Why context is important
Like other aspects of daily life, context is critical. Companies should specify how they intend to use your data and manage your expectations.
What you tell your bank, you might not tell your doctor. What you tell your friends, you might not share on LinkedIn. These subtle differences reflect societal norms which rely upon context. If you share privileged information with the wrong people, you can destroy trust. This can be damaging for an individual but arguably more so for a brand, both in terms of customer loyalty and reputation.
What businesses need to do to build trust
Companies should make people aware when they want to use their data in new ways. This sounds simple, but companies need technology that will enable them to do this.
This is where granular consent comes in and why Priviti’s mission is to set the global standard for consent for data sharing. Since the data refining process is complex, companies need to augment their “notice and choice” consent model with granular consent, transaction by transaction, when required.
This will enable businesses to provide consumers with that crucial context and clarity they need in order to give informed consent. If businesses can clearly communicate to consumers how their data is being used and what the benefits are, then they can build long-term trust and a reciprocal data-sharing relationship that adds value for both parties.
You could argue that granular consent will add friction to the user journey and might mean some consumers will abandon the process altogether. While this might be true, businesses could risk losing more for the sake of short-term gain. When trust is broken, loyalty and reputation will suffer.
As the digital economy flourishes and consumers recognise the value of their personal data which is fuelling this growth, businesses now have an opportunity to lead by example and empower consumers with choice, transparency and control over how their data is shared.
Like the visionaries who have inspired positive, transformative change, we can challenge and reimagine the world with technology. Businesses and consumers collaborating and sharing data with trust will make this possible.
