We welcome noted tech journalist and observer Miya Knights to the Markets For Good conversation. We’re glad to have this brief opportunity to turn the journalism tables and interview Miya on the subject of data privacy. Let’s think of the social sector in the context of the broader business environment in which we operate. The speed of technological change isn’t much a respecter of clean lines drawn to mark sectors; whether for-profit or nonprofit, there are fundamental and fast movements that we need to examine as the dust is far from settled on this front.
Eric J. Henderson, Markets For Good (Eric): What do you see as the primary business risks with respect to privacy? How have they evolved over the past few years?
Miya Knights (Miya): Data security and governance has become a focus for businesses as far as privacy is concerned. With so much of any business’s day-to-day operations and communications conducted online or in ‘the cloud’ nowadays, the safety and curation of partner, employee and, most importantly, customer data should be of paramount importance at every level within any organisation.
The experience of T J Hughes in 2007 was a real wake up for anyone doing any kind of business online, when the American department store chain admitted to a data breach data back two years previously, where hackers had accessed details of its international customers’ credit and debit cards, exposing 45.7m of them to potential ID fraud and financial theft.
Some interesting research by the Ponemon Institute has since found that in 2011 the cost of data breach was $5.5m for an organisation, or $194 per record, where a record is defined as any data that identifies an individual whose information has has been compromised by a breach.
So I liken the T J Hughes debacle almost to the Enron scandal (think last year’s Sony hack too), in terms of its effect of issuing a wake up call that reached boardroom level. Organisations today must take the protection of sensitive and confidential data very seriously in order to avoid costly fines and remedial measures, as well as the inevitable loss of reputation and brand.
Eric: The range of social sector business types can generally be categorized as: the emerging class of those seeking to maximize returns, others that operate on a break-even basis, and the more familiar businesses that run as subsidized (e.g. donor-driven) businesses. Regardless of the targeted level of financial returns, each is concerned with maintaining constituent and/or client (consumer) data. What changes have you noted in the uses of consumer data, whether driven by technology or business practice?
Miya: Technology has made it much easier for us as both consumers and organisations to share potentially sensitive personal data. Think of Facebook, Twitter, Instagram, Pinterest and Foursquare – to name a few. And that’s without including registering for online purchases, product recommendation and reviews for example too. Consumer surveys have consistently shown we are happy to share our data with organisations; but only on the understanding that they will respect the privacy of that data and use it to improve the products or services they offer.
This has led to computing trends to develop IT systems that can mine ‘big data’ from diverse sources to, essentially, make the way organisations market and sell to us more effective. There’s a reason the likes of Tesco and Kroger have run successful loyalty or coupon schemes for years, connecting with over 30 million customers between them.
And the social sector is no different: using Facebook or Twitter, linked to traditional TV and print campaigns for example, to both broadcast their messages and engage with wider audiences. But just like every other organisation, this has led to an increased need for strong data governance and privacy safeguards too.
Eric: Collaboration and data sharing are topics gaining momentum in both the private sector (Collaboration Between Competitors to Attain Customer Goals) and the social sector (Collaboration Is The New Competition). They claim the same reason: It’s the only way to confront the large-scale complexity of the problems we face. To what extent are you seeing this really being executed? Any privacy-related pitfalls to watch out for based on what you’ve seen?
Miya: Given the security and privacy concerns already mentioned, and despite the advances in mobile and cloud computing, harnessing data collaboration and sharing between organisations is still relatively in its infancy. There are definite benefits to be had, as long the data has been obtained with relevant permissions and/or is shared in anonymised way. Some charities already rely on Facebook analytics to support campaign execution for instance. While global shipping data standards are providing greater traceability throughout global supply chains.
For me, the most interesting development around the way we use all of this new social data is being generated in the area of semantic web development, or part of ‘Web 3.0’ if you will. The development of ‘ontologies’ will help industries more easily identify and understand the interconnections between different types and sets of data.
But until this kind of development becomes mainstream, all businesses would do well to tread carefully when pursuing data sharing or collaboration strategies. They need to have a clear idea of what they are looking to achieve and weigh that with the cost of doing so in a way that balances the benefits of greater insight and more effective execution on offer with safeguards around the data and the privacy of its owners.