The Role of Providers in Free Flowing data

The Role of Providers in Free Flowing data
By Hanna Rocks | July 5, 2019

In the past year, we have all experienced an inundation of emails with the subject line, “We’ve updated our privacy policies”. Recent actions by the Federal Trade Commission [1] (FTC) and the European Union (does the acronym ‘GDPR’ [2] ring any bells?) have prompted companies to make significant changes to the way they manage user information.

Despite all these changes to policies and headlines about what they hold, the majority of users continue to scroll to the bottom, check “I accept”, and move on without taking any time to consider what they are agreeing to. In fact, a study published in 2016 and updated in 2018 [3] found that 97% of users agreed to the privacy policy of a fictitious social media site—glossing over the clause requiring provision of the user’s first-born child as payment for the service.

Why are we so willing to accept any terms to gain access to an online service? The answer likely lies within the value that users receive in exchange for clicking “I accept”. A Deloitte survey [4] of over 8,500 consumers across six countries found that 79% were willing to share their personal data, *so long as there was a clear benefit to the user.*

This stance aligns with many legal and ethical opinions on privacy protections. One of the earliest regulatory frameworks on privacy harms, the Belmont Report [5], clearly states that the organization should weigh the potential for harm against the possible benefits to the individual. However, because the perceived benefit will vary from user to user, this value is difficult to define or estimate.

Instagram, for example, may define “benefit” as providing specific, personalized ad content to each user. This has also led to a heated debate about whether or not Instagram (or any other app on your phone) is “listening” to us [6]. I often wonder about this, but my worries have weakened over the years as I consume of a growing number of products found while scrolling through my feed. The value I receive from these products is worth whatever information Instagram has been collected and analyzed. I don’t know the details, so it is easy not to care.

Which brings us back to regulatory bodies like the FTC. The FTC is tasked with protecting ignorant or lazy consumers from corporations who are after unreasonable amounts of personal data. However, the question of what is deemed “reasonable” will continue to change as companies differentiate themselves by providing the ultimate personalized customer experience. More and more consumers are coming to expect tailored recommendations from the services they use—whether that is the “perfect” new pair of shoes discovered on Instagram or a carefully calculated rate from your insurance company.

As we continue down the path of highly customized goods and services, it is critical that businesses appoint individuals, or even teams, to provide oversight of what data the organization collects from its consumers and how that data is used. Doing so will benefit both the consumer and the provider by monitoring policies and comparing those policies to existing or emerging regulatory frameworks. Businesses would do well to adopt a proactive approach…

such as the “opt in” requirement under GDPR [7] that clearly addresses how they use customer data, rather than expecting consumers to read thousands of words written in the dreaded “legal-ese”. If a business is willing to invest time and resources, it *can* provide ultimate customization with ultimate protection. In the end, a business that brands itself as a leader in the responsible use of consumer data will surely attract more customers—offering both a personalized experience and peace of mind.

References:
[1]: https://www.vox.com/2019/1/23/18193314/facebook-ftc-fine-investigation-explained-privacy-agreement
[2]: https://www.techrepublic.com/article/the-eu-general-data-protection-regulation-gdpr-the-smart-persons-guide/
[3]: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2757465
[4]: https://www2.deloitte.com/insights/us/en/industry/retail-distribution/sharing-personal-information-consumer-privacy-concerns.html
[5]: https://www.hhs.gov/ohrp/regulations-and-policy/belmont-report/read-the-belmont-report/index.html#xassess
[6]: https://www.vox.com/the-goods/2018/12/28/18158968/facebook-microphone-tapping-recording-instagram-ads
[7]: https://www.cooleygo.com/gdpr-do-i-need-consent-to-process-personal-data/

Leave a Reply