There’s no secret to quality data protection

Transparency is always at the heart of a good relationship. J Cromack, chief commercial officer at Consentric, explains how this applies in the personal data market and what organisations can do to ensure they benefit.

How do you put a value on trust? Last month, investors let their feelings be known about the Cambridge Analytica/Facebook revelations when they wiped $58bn off the latter’s market value within the day the news broke.

Facebook users were shocked, too, with #deletefacebook trending for days. Advertisers – Mozilla and Commerzbank, along with others including Tesla, SpaceX and Sonos – suspended Facebook activity; governments announced investigations. All told, the damage to trust is incalculable – and that’s potentially so for all organisations that collect data.

Personal data has become big business, with companies often treating it as a commodity to be bought and sold for profit. The problem is that individuals haven’t understood what happens to the information they supply and legislation to protect them hasn’t kept up with the market. As a result, the whole personal-data sector has been taken on trust… and now that trust has gone.

Organisations should understand that winning back trust starts with some basic housekeeping and transparency. Generally speaking, if people understand what you want and it’s in their interests to give it to you, they will be supportive.

Perhaps the biggest problem are terms and conditions. Companies appear to think that if they throw the kitchen sink at it, they will be fine. As a result, these important footnotes are full of legalese and too long – often by many thousands of words.

In 2012, Google was ridiculed for T&Cs running to 10,640 words for Google Chrome, Wallet and Books. The result is that no one reads them, ticking the box while assuming that everything’s going to be fine. But that’s all about to change.

Not only is there a backlash against data collection from a consumer point of view, but the new General Data Protection Regulation (GDPR) – enforceable from May 2018 – means companies have to show they have the right kind of consent for the uses of data they have in mind.

The Information Commissioner’s Office, the UK’s independent watchdog for information rights and data protection, sets out good and bad examples of terms and conditions, encouraging plain English, clear statements of consent and explanations as to why supplying information will be useful, Privacy notices, transparency and control. It practices what it preaches; its own T&Cs are a concise two pages of large type, with everything listed under four clear subheadings. It probably takes all of three minutes to read.

Another way to garner trust is to make sure people are able to accept only what they need. To date, consumers have had to put up with an all-or-nothing approach. If, for example, you buy a fitness-tracking device, when you come to sign into the analytics service, you might have to agree to allow your data to be aggregated – collected, in other words.

This is fine if you trust the company and get something back – your fitness ranking according to age, weight or sex. But if you are not interested in comparing yourself with others, you might not want to share your data. This is unfair – you’ve bought the device for your own benefit – and it’s contrary to GDPR.

Far better to separate out different agreements and explain exactly what the individual will get in return and how this might benefit them. In addition, organisations should allow consumers to see easily what information they are holding, what it’s used for and how long they will keep it.

Research shows that when all this happens, consumers are more willing to give up their data. A recent study by Boston Consulting Group found that consumers given the right information are at least five times more likely to provide their data, including a real phone number, address, sex, age, and profession.

The benefits of this increased trust are significant. The data sets are cleaner, allowing organisations to perform more accurate market and product research, improve the customer experience and create more effective marketing programmes.

For government and health organisations, the social benefit is huge because better data delivers better outcomes. Yet I estimate that some 90 percent of organisations have yet to work out this trust advantage and act on it.

The Facebook/Cambridge Analytica fallout, along with GDPR and other changes, will force remedies. I suspect, though, that many organisations will take a long time to adapt, believing the process to be too complex. As a result, they will lose out on potential competitive advantage. Transparency is neither too complex nor too difficult – and the trust it engenders is invaluable.

J Cromack, Chief Commercial Officer.

Click here to download a copy of this article.