Forget About that Cloak of Invisibility – Part One

 Author: Deborah Matthews, debmatthews@jackhenry.com

There’s a meme that compares data to oil.  Just like oil, data is most valuable when it is refined.

As a former marketer, I understand the “Infonomics” imperative to harness customer data from multiple sources to create relevant offers and incentives that transform interest into purchases and “enhance the customer experience.”  Many businesses understand that information is an economic asset and are aggressively looking for ways to monetize it.

As a consumer, however, I am personally concerned about the ease in which businesses accumulate diverse snippets of information about me from a variety of sources.  I worry about my children’s generation’s cavalier attitude about posting to the digital world all sorts of information without consideration of the potential perils of oversharing. Given that many sites’ T&C stipulate they “own” whatever is posted, and assuming that everything remains online or in the cloud in perpetuity, what can be known about each of us has changed forever.  Everything from poor fashion choices, impetuous remarks to youthful indiscretions will live forever. Anonymity no longer exists, and society will become numb to the plethora of personal data.

Yet I must confess; I am often guilty of intentionally surrendering my personal information and privacy in exchange for greater convenience, discounts, coupons and access without contemplating if the recipient can or will protect my information.  

Are businesses entitled to know about us (beyond our transactional history) just because they can? The dividing line between personalized offers and offensive invasiveness is both ambiguous and fluid. We assume that data is analyzed in aggregate, but it appears that sensitive identifying information about individuals can be discerned.  Remember when Netflix sponsored a contest to improve its recommendation system?  Insufficiently anonymous customer viewing data was disclosed and researchers from the University of Texas successfully identified customers based on the information. Netflix was sued by a customer whose identity and sexual orientation was revealed.

Here’s another fascinating example: Target sent baby product coupons to a teenager, much to her father’s ire.  He withdrew his complaint when he discovered his daughter was, in fact, pregnant. Target’s statistician predicts, “Just wait. We’ll be sending you coupons for things you want before you even know you want them.”

In 1999, the CEO of Sun Microsystems declared consumer privacy DOA:  "You have zero privacy anyway. Get over it."

Today, however, there is mounting discontent over “unfair and deceptive practices” concerning the use and aggregation of personal information that have grown more pervasive, as online and mobile interactions become increasingly ubiquitous. The focus on privacy will become more intense, if these events are any indication:

• In February, the White House unveiled a Privacy Bill of Rights to protect online consumers.  Six pillars support the blueprint:
  1. Transparency,
  2. Respect for context,
  3. Security,
  4. Access,
  5. Accuracy focused collection, and
  6. Accountability.
• The FTC issued a voluminous report in March, calling for corporate self-regulation and proposing a framework which included three best  practices:
1. Privacy by design: Build in privacy at every stage of development,
2. Simplified choice: Allowing customers to make decisions about use of their data relative to context; and deployment of “Do Not Track” mechanism, and
3. Greater transparency.
• Sen. Al Franken, chairman of the Senate subcommittee on Privacy, Technology, and the Law, advocates more rigorous privacy legislation. “You are not their client, you are their product,” he stated, admonishing Google and Facebook.
• The FCC is soliciting public comments on telcom protection of data collected by smartphones.
• The House of Representatives recently passed the Cyber Intelligence Sharing and Protection Act, which grants government agencies authority to gather information in the name of cybersecurity. Opponents fear that this may diminish citizen’s privacy rights.
• Breaches such as the recent LinkedIn incident catalyze lack of confidence in the ability to secure data.

Stayed tuned for part two of my blog post, where we’ll look a few implications of the evolving privacy, security and trust issues for financial institutions. 

RESOURCES:

Privacy Rights Clearinghouse:
Privacy Basics and Opt-out Strategies
Online Information Brokers List

Network Advertising Initiative

The Future of Privacy Forum