Big Data Requires Big Privacy
February 12, 2015
Everything new is old…everything old is new, including data collection.
The Babylonians took the first known census in 3800 B.C. In the US, the first Federal Population Census was taken in 1790. We are used to having our data collected, analyzed and assumptions extracted. What we aren’t used to is the increased pace at which data is collected. Did you know that ninety percent of the world’s data was created/collected in the last five years?
Along with mobile devices, the Internet of Things is accelerating a number of interactions with the internet, and the data created during those interactions. Roughly 50 billion smart devices are expected to connect to the internet by 2020!
As our interactions with technology deepen, brands and organizations are more aggressively trying to harness that data. What devices do we search from? How much time do we spend on certain websites? How much money do we spend on e-/mobile commerce? Are we using technology to find information about our health? What medical conditions might we have based on electronic medical records? What products do we use based on the social posts we publish?
New algorithms have been written in an attempt to make sense of this data – to learn more about the behaviors that data collectors observe, and then make predictions based on those observations that will drive business or brand value.
Data collection provides us with some really unique opportunities. It allows companies to provide consumers with better brand interactions, customer experiences, information gathering, etc. Knowledge is power, right?
In a report entitled Privacy by Design in the Era of Big Data, published on June 8, 2012, by Jeff Jonas, IBM Fellow and Chief Scientist, IBM Entity Analytics, and Ann Cavoukian, Information and Privacy Commissioner, Ontario, Canada, the authors detailed:
“This new technology, something that might be characterized as a ‘big data analytic sensemaking’ engine, is designed to make sense of new observations as they happen, fast enough to do something about it, while the transaction is still happening.”
Google and Facebook are masters at this. Most of their money is made off of analyzing and anticipating consumer behavior. Google collects more data than…well, ANY other organization, right? And due to having some of the most brilliant engineers on staff, they’ve developed tools over the years to help them understand it.
The Challenges of Data Collection
So yes, data is collected to give us a greater understanding of behavior, but of huge concern is how to do that without (hopefully) violating our privacy rights or civil liberties.
Some consumers of technology are completely unconcerned with the amount of personal information they put out into the world via an internet connection. “I don’t have anything to hide,” or “What does it matter if my toilet paper purchasing decisions get in the hands of data analysts or marketers?”
Millennials are the least concerned of all – despite being more informed about the implications of breached data, they are flocking to the latest and greatest new and next mobile apps, creating headaches for any IT manager thinking about employee device management as it relates to Millennial workforces. In Will Millennials be the Death of Data Security, Chris Rouland, Founder & CEO, Bastille, further explores how businesses need to think about cyber security as Millennials enter the workforce en masse.
Despite some users’ apathy toward data security, there are just as many people who are protective of what information they share on social channels, on websites, on e-/mobile commerce sites. Perhaps they don’t know all of the implications, but they believe that for some reason, they should keep as much personal information as possible off of the internet.
Though many companies say that data belongs to the user, many are rather unscrupulous about using that data with or without the permission of the user to further their business goals. There is a loud dialog happening now among consumer advocates, marketers and other members of the industry about how individuals can and should take control over their own data.
Marissa Mayer, CEO of Yahoo, has said:
“A personalized internet is a better internet. To get here we need to have transparency and afford the individual control. It comes down to being able to make a statement that users own their data, which they can examine, take it with them to other sites and vendors that they trust more in a market that helps people make these trade-offs and decisions.”
While users wrestle with how much information to share or not share, the industry has put the burden of privacy protection in the hands of business. In Privacy by Design, Jonas and Cavoukian also assert: “While organizations have practical incentives to make the most of their ever growing observation space (the data they have access to), they also have a pressing need to embed in these systems enhanced privacy protections.”
Hackers are certainly bringing light to this issue. Breaches at major companies like Anthem, Target, The Home Depot and Sony remind us that sensitive information is always vulnerable in the hands of those who wish to do us harm. Further, revelations about how the government collects data from citizens have more of us thinking about how and why our information is collected and used.
In his book, Big Data at Work: Dispelling the Myths, Uncovering the Opportunities, Tom Davenport summarizes, “It’s not how much data you have, but what you do with it that counts.” That certainly points the finger of responsibility at the organizations collecting the data. A company’s motives are hardly in question – they want to use our information to get us to purchase something or to improve their product performance. A health organization, on the other hand, might use our data to affect public health policies. A government may try to predict behavior as part of its efforts to end terrorism. (Note: I am not going to dive into the topic of governmental data collection as that is a wormhole of opinions best left to others for debate.)
Jonas and Cavoukian argue:
“[Privacy by Design] prescribes that privacy be built directly into the design and operation, not only of technology, but also how a system is operationalized…we strongly encourage technologists engaged in the design and deployment of advanced analytics to embrace [Privacy by Design] as a way to deliver responsible innovation.”
Big Data and Cyber Legislation
In his State of the Union address, President Obama called on lawmakers to create a policy that encourages businesses to work with the federal government to share cyber threat information and potentially thwart hackers from subsequent attacks.
Currently, lawmakers on Capitol Hill are working with the Obama administration to protect information shared by students within educational apps. This is one of the many areas President Obama is focused on to strengthen cyber laws and so far, he has the support of both parties. The initiative also has the support of more than 100 companies, including Google and Microsoft. These organizations have signed a voluntary pledge, committing to the prevention of student data protection.
Today, leaders in the tech, retail and banking industries are gathered together at Stanford University, along with consumer advocates and law enforcement, to discuss growing cyber security issues. The summit has been organized by the White House as part of Obama’s efforts to shed light on this important issue. President Obama will deliver a speech during the summit.
During a press briefing on January 13, President Obama stated:
“(S)ince this is a challenge that we can only meet together, I’m announcing that next month we’ll convene a White House summit on cyber security and consumer protection. It’s a White House summit where we’re not going to do it at the White House; we’re going to go to Stanford University. And it’s going to bring everybody together — industry, tech companies, law enforcement, consumer and privacy advocates, law professors who are specialists in the field, as well as students — to make sure that we work through these issues in a public, transparent fashion.”
For details about webcasting portions of the event, visit here.
What are developers doing to enhance privacy protection?
Developer advocacy groups such as Open Mobile Alliance, App Developers Alliance and AllSeen Alliance are currently developing new standards to support developers focused on issues surrounding creating protections within middleware that reduce cyber threats to consumer data.
This is important as apps will increasingly move from smartphones and tablets to connected home and cars, and wearables. Even though consumers should be thinking about data protection, the truth is many don’t want to have to. That’s where developers can really make an impact on the industry to ensure greater privacy protection against both simple data exploitation for profit’s sake and malicious cyber crimes.
Published February 12, 2015