In my previous blog post I have described the tension between privacy and innovation. In this post I will discuss how to deal with this and transform challenges into opportunities.
The ingredients of privacy-friendly innovation
Having rules and ways to enforce those rules is key. What else do we need to innovate with data successfully?
First, we need a good engine. Analytics is the engine that drives innovation. Analytics generates the insights that enable organisations to innovate.
The analytics engine requires fuel to operate. That fuel is data. And data doesn’t magically appear; it requires a proactive and deliberate approach to extract, refine, transform, enrich, transport and deliver the data when it’s needed and where it’s needed. It requires technical capabilities. It requires an organisational framework. And it requires a strategy and specific processes.
Introducing data governance!
By establishing rules and standards for the way personal data should be collected, stored, protected and used, the GDPR brings new urgency in establishing a proactive data governance framework. Requirements include:
- The ability to map personal data flows and to build the inventory of personal data across departments and geographies.
- Obligations related to data accuracy, data access control and data retention.
- The collection and enforcement of individual consent for using personal data.
- The ability to respond to individuals’ rights to access, rectify, erase and transfer personal data. Both innovation and privacy are doomed without a strong data management and data governance foundation in place.
- Having this level of control on data is not a luxury anymore – it’s a regulatory imperative.
Boosting competitiveness in the data economy
Some might think that the GDPR was designed to prevent organisations from using personal data, but this is a misconception. In fact, the spirit and objective of the GDPR is to strike a balance between protecting individual fundamental rights for privacy and the need to “free” the data economy. The GDPR makes it easier for organisations to use, share and monetise data because those organisations now share the same standards and requirements for personal data protection.
Data-driven innovation is a key enabler of growth and jobs and has the potential to significantly boost European competitiveness in the global market. To make the most of the data and analytics economy, it is essential to enable data to flow across borders and to use data beyond national borders. The regulation removes some of the obstacles preventing the free movement of data within the EU for companies, public administrations and citizens.
- Removing data localisation restrictions is considered the principal factor for the data economy to unlock its full potential, and to grow up to €739 billion in 2020, doubling its value to 4 percent of GDP.
- Moreover, removing existing data localisation measures will drive down the costs of data services, providing companies greater flexibility in organising their data management and data analytics, while expanding their use and choice of providers. This could boost GDP by up to €8 billion per year.
- A single, one-stop-shop regulation for all organisations to comply with will not only save time and resources, but also make it easier to conduct business within the EU. According to EU figures, having a blanket law on data protection will save the market an estimated €2.3 billion annually.
Building a competitive edge with privacy-friendly analytics
Personal data is and remains a valuable asset, and those organisations that manage to innovate and use advanced analytics with personal data in a compliant fashion will build a significant competitive edge.
Privacy-friendly analytics requires the ability to manage and control the use of personal data across the analytical life cycle: from data discovery and visualisation to data preparation, model development, deployment and automated decisioning. Privacy must be included at every step of the cycle, by design and by default. To achieve this, organisations that are looking to leverage personal data as a source of insight and competitive advantage will need a complete and mature analytics platform.
Beyond the AI hype, the question is how data-driven innovation can be brought to life and put in action to resolve real business problems. What steps are needed to move AI out of the lab and into business operations to realize the desired outcomes? Join SAS experts at an event near you and be inspired to lead your team in the new age of analytics – from data wrangling – through to tangible business results.
Privacy as a competitive differentiator
Privacy is about to become another one of those labels that organisations use to promote their brand, differentiate from their competitors, and influence consumers to buy their products or services.
There are many of those labels to choose from: Fairtrade, Child Labour Free, Ecolabel, Bio, Green Seal, Animal Welfare Approved, WWF, Water Wise, Green IT, etc.
Meet the new kid on the block: GDPR!
Organisations that can demonstrate they are respectful of personal data and GDPR-compliant will be more likely to attract and retain customers. On the other side, those that get caught by the regulators will attract a lot of bad press and face the consequences of reputational damage.
Not only is privacy finding its way into the commercial pitch and branding, it also provides a unique opportunity for organisations to reinvent the customer relationship and finally put customers at the centre of their operations.
GDPR is about transparency and empowerment:
- Transparency about what personal data is collected, what it is used for and by whom, and for how long.
- Empowerment of individuals to control what data they share, why and how; to object for personal data to be used in automated processing; and to access, rectify and delete personal data.
If handled correctly, those regulatory requirements will provide new ways to engage with customers. Putting them in control will boost the trust between individuals and the organisation, and in turn will drive better customer retention.
Millennials know they are the product, and they understand that personal data is valuable and can be monetised. They are likely to let an organisation use their data – assuming they trust this organisation to handle personal data respectfully, and in the context of a mutually beneficial relationship, through additional services or discounted prices.
Organisations need to earn the right to derive value from personal data by demonstrating integrity, building trust through transparency, and proactively empowering customers to be in control of the data they share with them.Organisations that manage to innovate and use #AdvancedAnalytics with personal data in a compliant fashion will build a significant competitive edge. #GDPR #Road2AI Click To Tweet
Personal data protection regulations also drive privacy-centric innovations. New products and services are being developed constantly to help organisations use personal data without compromising the privacy of individuals. Startups are flourishing in that domain. The Harvard VRM project provides a long list of those privacy-driven innovators.
Some examples of innovations driven by privacy requirements:
- Synthetic data generation using machine learning systems to help data scientists access personal data anonymously (MIT article).
- Identity management fuelled by blockchain techniques, allowing verification of identities without exposing personal data (Forbes blog).
- Personal data monetisation, allowing individuals to get value from sharing their personal data (Project 2030 article).
Far from killing innovation, privacy requirements and regulations are designed to boost the data economy and provide organisations with innovative ways to engage with customers and build competitive advantage. The successful organisations will be those that can see beyond the regulatory constraint and use it as a catalyst for digital transformation.