While wandering the internet, I came across the website of SNIA, a global non-profit organization, made up of member companies spanning the storage market. They provide the following, very concise, definition of data privacy:
Data privacy, sometimes also referred to as information privacy, is an area of data protection that concerns the proper handling of sensitive data including, notably, personal data but also other confidential data, such as certain financial data and intellectual property data, to meet regulatory requirements as well as protecting the confidentiality and immutability of the data.
Roughly speaking, this means data privacy concerns how you collect, share and use data, not how you prevent external hackers from accessing your data. That is data security. As such data security is the fence you place around your party, data privacy is the ticket machine at the entrance.
Many companies create multi-year plans and they consist of strategic goals like: becoming (truly) data driven, data driven decisioning, … All statements indicating that the time to use data is now.
Becoming data driven is evolving from a competitive advantage towards being on par with your competitors.
As every company project, the project to increase your data driven maturity should be value driven. Far too often companies have started data projects from a technology perspective, or because using machine learning and AI sounds cool. Instead the aim should be to obtain insights backed by data, as opposed to gut-feeling, and act upon them. Doing this in an automated manner or using smart machine learning algorithms might later increase your data maturity.
You should not use machine learning for the sake of doing it.
Recently I was invited to ignite a discussion at a CIO networking panel. It struck me that almost every company was struggling to convince employees to use data themselves. Employees would rather rely on insights provided by a central data team, even though they do not necessarily understand their business and goals. In my opinion, taking this hurdle and convincing everyone to create and act upon their own insights will uplift your company’s data maturity to a state that you can call truly data driven.
Becoming data driven is about democratizing data. In order to become truly data driven, you should enable all your employees to get insights from data. And act upon them.
This means every employee should get a ticket to the party. Should then all data be accessible by anyone? No, that was the goal of data lakes, we are now moving beyond that. Companies should aim for:
Every employee should have access to all data he is allowed to and requires to excel in his job.
To enable employees with data, many companies take a compliance approach: restrict all data access and only grant when specifically asked for. Some however take an innovation approach: open up all data to foster innovation. One easily identifies that the compliance approach can slow you down. On the other hand, the innovation approach is risky: it introduces a financial risk, due to fines or customer dissatisfaction.
GDPR and other legislations provide you with a framework to handle data in a privacy compliant manner. Many companies have considered these regulations conflicting with their ambitions to become data driven. However data privacy and a data driven mindset can go hand in hand. Even more, these regulations can be a driver to improve the quality of your data, one of your main business assets.
Data privacy might even bring growth potential to the table. Data ethics is something a customer might be willing to pay for. Take Proton mail as an example. Proton mail is more expensive than Gmail, yet already over 70 million people chose to pay for the data privacy they offer. Many people find reassurance in the fact that your mails are yours. They are willing to pay to know that content they write or receive is not being used to personalize advertisements.
The same holds for a bunch of products out there. Every content platform — social networks, media companies and others — all need to choose how they handle data privacy. The depth of insights in a user profile due to what he writes or reads are immense. Such companies need to choose what to do with deducted insights, like political preferences. I believe ethically omitting them will increase your users’ trust and spend.
If your company has such user insightful data, like reading behavior, you need to think about who is able to access it and for which purpose. You might want to minimize data access to raw clickstream data, without getting in the way of those working on content personalization use-cases. When users see value in what you do with their data and trust you that you don’t abuse their data, your business will grow!
Data privacy by design can be an enabler to become data driven and can skyrocket your business performance.