A WORD ON PRIVACY

A WORD ON PRIVACY

‘With great power comes great responsibility’ - an often-coined phrase that in our industry would be more accurately termed as ‘with big data comes big responsibility’.

If yours is a business that is starting to explore the use of big data to compliment your existing offerings, then you should carefully consider the relationship with the entity that is generating the data, which in a lot of cases, is your customer.

The question ‘who is the data owner?’ should be simple to answer, however whilst your business may generate, collect and hold the data, it may not be the case that you own it. In many cases it has been generated as a result of an action by one of your customers as a by-product of using your core service offering.

Examples might be if you are a mobile network operator, an Internet service provider, a subscription TV provider or even a consumer equipment manufacturer, generating potentially interesting data sets through your services and products where essentially the data is a by-product of your core offering. You possess the data generated from your platforms, and your customers have signed terms and conditions that likely allow you to use this data for various commercial activities. Legally and regulatory this may suffice and you may assume as a business it is safe to use this data. However you may then need to consider the moral and ethical impacts and risks of exploiting this data, as a misunderstanding of this intent by your customers could have serious consequences on your customer relationships.

Take the case where the customer has not read your terms and conditions, which despite best efforts is a common occurrence. They are then informed through a third party such as a newspaper article (and often with exaggerated or politically-incensed language), that their data is being used to generate further commercial gain for your business. The customer in this case disagrees with the use of this data and responds by terminating their contract, impacting your core offering. If this happens on a large scale you are suddenly left without a customer base.

The scenario of the customer ending their association with your company may be an extreme outcome, and there will likely be many other contributing factors as to how the customer’s engagement may be retained or lost. However, regardless of how the customer’s relationship with you has been impacted, its origin is the same - a lack of information, a lack of trust and a lack of control, leading to negative sentiment towards your business.

“Customers should of course expect the businesses they use to get the legals right” says Richard Kemp, founder of Kemp IT Law (www.kempitlaw.com), solicitors and data law specialists. “That means businesses getting the formal things right – like the terms around data ownership and use in their Ts & Cs, and their privacy policies, Data Protection Act notifications and Big Data privacy impact assessments. But it also means going well beyond that to really start building trust. Businesses should be asking not just ‘can we do that within the law’ but ‘is that what our customers would reasonably expect from us’?”

If yours is a business who is using, or considering using, customer data beyond its traditional scope, we offer these points of advice:

  • Keep your customer informed through regular, timely and clear interactions. It is not enough to bury the details in the small print and forget about it. Your customer has the right to understand how their data is used and by whom.
  • Trust your customers. Trust works both ways and if you show your customers respect by trusting their judgement then they will in turn trust you.
  • Give your customers the choice and control over how their data is used. It is far better to allow a customer to opt-out of something than to lose their business entirely.

“It’s essential that you don’t just think of privacy as a compliance ‘tickbox’, handled with a page of lengthy terms”, says Neil Brown (http://neilzone.co.uk), Telecoms and Technology Lawyer. “You need to be thinking about privacy from the very beginning, as part of your product design. In particular, limit the data you collect to the bare minimum, build in safeguards and security, and maximise the opportunities for those whose data you process to exercise choice and control. Above all, don’t be beguiled by the horrible term ‘data subject’: remember that you are talking about real people, not a regulatory construct, and treat them as such.”

This consistent message is further reinforced in a recent video interview with the Director of Privacy at GSMA:

Now more than ever, consumers feel that they are being taken for granted. Governments, agencies and social media all seem to be out to snoop on or make a profit from their data. Trust is at an all-time low. But businesses and consumers can both benefit from the fantastic opportunities big data can offer, provided that the relationship between the two is maintained through trust and openness. Let’s make sure that this message doesn’t get lost in the rush to realise revenue.