I had the opportunity to speak at the
Predictive Analytics World Conference in late October. The panel topic was “Predictive Analytics and Consumer Privacy.” The consumer privacy topic is one that comes up frequently for us and for our customers – especially in Washington, D.C. Some of our most important initiatives are in use by the federal government. They are used to combat terrorism or detect fraud rings or increase safety at our borders and for the citizens in general.
I see that the
top challenge on a citizen or consumer level is abuse. Abuse causes fear and uncertainty about how personal data will be used. The fear of abuse needs to be managed so it does not become a roadblock to improving the quality of life. Just think about it from your own standpoint. How do you feel about your own data being used? But if I would share with you that I could extend your life expectancy – or help develop a new drug your child needed because of access to your data – then you would be more likely to give me your consent. More so than if I wanted to use your data to drive a new marketing campaign to sell leftover cars in a parking lot.
So using analytics as an example. After 9/11 we were asked to help identify terrorist networks. A lot of personal data was screened globally to track down money transfers that were used to fund terrorist rings. This same technology and use of personal data was used to successfully track epidemics, such as the dengue fever in Singapore. And when the next generation of anti-fraud systems was deployed in the financial sector, the public cheered. Why? Because in this case, their data was used to keep their money safe. The public supports the use of their personal data when the technology is used in examples like these.
Let me suggest two ways to make sure that public support continues. First, let consumers have a clear view into how data is used and for what purpose; and second, protect consumer data. Make sure that businesses that collect data have robust data security measures in place so that consumer confidence is not shaken. The legislative and regulatory discussion should refocus on this issue.
And that leads in to a second challenge. When the quality of life can be improved, it is essential that we avoid legal roadblocks in the kinds of scenarios I just mentioned. You can’t regulate away the uses of personal data without reducing the quality of life and putting people at risk. Instead, how personal data can be used should be clearly defined in each industry sector; that is, how the FDA uses personal data will be different from the needs of commercial enterprises.
My final recommendation on this point is that the key for legislation is to resolve the ownership of personal data. Today it is vaguely owned by companies. A balance could be achieved if the public can own what’s for the better good of the people. The rest should be owned by the individual. There should be no grey zone in between. Hence, corporate use for commercial purposes should be based on the approval of the individual. It is up to businesses to demonstrate the added value associated with such consent, such as more relevant offers, etc. Unless it’s for the better good, a leader of a fraud ring should not be allowed to “opt out.”
In the State of North Carolina – where our global headquarters is located – there was a criminal case that brought this topic to the forefront last year. It was the case of Eve Carson, a University of North Carolina student leader who was murdered. It turns out that the men who allegedly robbed her and shot her to death were on probation with outstanding parole violations. They never should have been out of prison. It is believed that her death could have been prevented if data had been shared between the state courts and other agencies.
As I said, consent by the individual is preferred – unless it’s for the better good. With clear communication of how data is used, and for what end result (so that the question of abuse is taken away), public support is all but ensured.
In the final analysis, the issue of data privacy can be made simple: 1. Tell people clearly how their data is being used, and to what benefit for them; 2. Define the rules on who owns data and how it can be used, before the rules are imposed on us; and 3. Opt out versus consent must be an option – let no mean no.
What do you think? I encourage you to share your ideas in the comments section below.
Mikael Hagström, Executive Vice President, EMEA and Asia Pacific, SAS