Helpful or Creepy? Avoid Crossing The Line With Big Data
By Bill Franks, May 07, 2013
One of the most discussed concerns surrounding big data today is privacy. While many powerful analytics are possible with the detailed data that is now collected on each of us, the sensitive nature of much of that data requires rethinking data practices and applications. This can include everything from how data is stored, to the nature of privacy policies, to the legal ramifications of the storage and use of data.
When it comes to deciding how your organization will develop privacy policies for big data, there are at least three distinct sets of guidelines to consider. Without consideration for all three of these areas, you will put your organization at risk:
- What is legal?
- What is ethical?
- What will the public find acceptable?
In an ideal world, these three considerations would lead to the same result. In practice, however, the three are often not in sync and can in fact, point to totally different decisions. It will be important for your organization to decide how you want to balance the results to guide your actions when the three criteria diverge.
For example, it may not be expressly illegal to use big data in certain ways. At the same time, it may not be ethical to do so. Often, laws and industry standards haven’t caught up with our data collection and analytic capabilities. So, it is important to consider what is right and ethical, not just what is legal. If you’re the first to ponder a new type of analysis, you need to think through these considerations before you even start down the path. Maybe there is a loophole that would make it legal to sell my historical location information to a 3rd party, such as an investigator, who is interested in studying my whereabouts over time. However, most people would agree that it certainly isn’t ethical to do so without my knowledge and consent.
What the public finds acceptable can often be even more stringent than what is legal and ethical. It is both completely legal and ethical to analyze my shopping patterns when I sign up for a loyalty program. However, the public only wants it to go so far. For an example, consider the trouble a major US retailer got into for crossing the line from helpful to creepy when predicting who was in the early months of pregnancy based on purchase history. The retailer learned the hard way that the public has its own lines in the sand to watch for. These lines may not always be clear or easy to identify. However, you cross them at your own peril. That makes it necessary to look for them up front.
My belief is that an organization will be well served to routinely sit down and explicitly discuss the legal, ethical, and consumer perception of its analytic policies in detail. After examining the legal, ethical, and consumer perspectives, I recommend defaulting to pursuing strategies that fall within bounds of the most restrictive of the three considerations. Given the rapid change of the legal environment and consumer acceptance of the use of their data, you can expect your decisions to be fluid and changing over time. What seems ok today may not be ok a year from now. While it may not be the most exciting process, keeping on top of your privacy policies will help avoid much bigger issues, such as legal problems and PR fiascos, down the road.
Of course, all of the above points to the need to have analytic systems and processes in place that are flexible enough to adjust as required. Building highly rigid environments will make every adjustment much more painful than it needs to be. Focus must be on a flexible privacy framework rather than a rigid set of specific privacy rules.
None of us wants to be the person behind an analytic initiative that garners a lot of negative public attention for his or her organization. Being proactive in addressing privacy issues is one way to stop you from becoming that person in the news.
To see a video version of this blog, visit my YouTube channel.
About the author
Bill Franks is IIA’s Chief Analytics Officer, where he provides perspective on trends in the analytics and big data space and helps clients understand how IIA can support their efforts and improve analytics performance. His focus is on translating complex analytics into terms that business users can understand and working with organizations to implement their analytics effectively. His work has spanned many industries for companies ranging from Fortune 100 companies to small non-profits.
Franks is the author of the book Taming The Big Data Tidal Wave (John Wiley & Sons, Inc., April, 2012). In the book, he applies his two decades of experience working with clients on large-scale analytics initiatives to outline what it takes to succeed in today’s world of big data and analytics. Franks’ second book The Analytics Revolution (John Wiley & Sons, Inc., September, 2014) lays out how to move beyond using analytics to find important insights in data (both big and small) and into operationalizing those insights at scale to truly impact a business. He is an active speaker who has presented at dozens of events in recent years. His blog, Analytics Matters, addresses the transformation required to make analytics a core component of business decisions.
Franks earned a Bachelor’s degree in Applied Statistics from Virginia Tech and a Master’s degree in Applied Statistics from North Carolina State University. More information is available at www.bill-franks.com.