Big Data Ethics: 4 Guidelines To Follow By Organisations
The possibilities of Big Data are enormous, but moving into the Big Data era carelessly will have massive ethical and privacy impacts. We should master the technology and not the other way around. The goal is to develop better ways how to use the unprecedented computing power to our advantage without intruding on our privacy or ethical standards. In this post I would like to make a first start with developing a set of principles that eventually organisations should adhere to. So please leave your comments and share this article so that together we can create these Big Data principles and start the discussion on Big Data privacy and ethical issues.
In the past we had to pay for software and quite often it did not come cheap. Nowadays we can get a lot of software or apps for free. But remember that nothing that is created by mankind is for free. So, you will have to pay in a different format: with data. Look at all the products that Google gives away to get all your data and show you targeted advertising. Or look at Facebook and how it shows you personalized tailor-made advertising based on all your data to pay for the software and make money. What about the attempt by Instagram last year to sell your photo’s to advertisers without notice. It looks like that as long as there are no strict guidelines, organisation will try to push the boundaries.
Ethics, however, is not the only aspect that we need to discuss and agree upon. According to Kord Davis, a former analyst at Cap Gemini and author of ownership and reputation of Big Data. Davis believes that it will be a long and evolutionary process and it will be by trial and error; Companies will push the boundaries (see the example of Target, Orbitz or Netflix) as well as governments will go too far (see the Dutch strict cookie-law, which recently was downsized again).
Additionally, there is the problem that each government will create its own laws regarding Big Data, some stricter than others, and organisations will try to push those limitations. Different regulations and privacy laws in different countries will be a hassle and expensive for organisations. Some countries have no restrictions, while others impose strict restrictions. Forrester has developed a heat map to understand country specific regulations governing privacy and data protection.
The best solution would be if countries would be able to come up with a broad-based, global set of privacy and ethical Big Data guidelines. But it will be a difficult and long process. So, together we will have to learn the limits and understand how much privacy we want to keep and how much we want to give-up for free stuff. Therefore, it might be easier to ‘crowd-source’ a set of Big Data privacy guidelines.
So, how could such guidelines look like? Here are some proposals of guidelines that should be included:
1. Radical Transparency
Tell your customers in real-time what sort of data you are collecting and for what you will use it. Users do understand that nothing is for free; they just want to be told. Otherwise it would be like receiving a free book from the local bookstore and finding out later that the store still charged your credit card for it. Always allow users to understand what data has been collected about them and allow them to delete it in case the data is not stored anonymously. In case you want to offer a service for free, be honest and transparent about it so that users know what they are up to when using the ‘free’ service. If possible, create also a paid version of the service that does not collect any data but still allows the user to use the service provided.
2. Simplicity by Design
Users should be able to simply adjust any privacy setting and they should be able to determine what they want to share or not. This process should be simple and understandable, also for the digital immigrants. Companies should not make it a difficult process to understand that changes on a regular basis. Privacy policies should be simple and understandable. A good example how not to do it is Facebook: they change their privacy policy every few weeks / months and although they allow any setting to be adjusted it is not always easy to find your way around it. In addition, their privacy policy contains more words (5.830) than the United States Constitution (4.543, not counting the amendments).
3. Preparation and Security are Key
Define what information and data you really need to do business and what information you can do without. With more data being collected and stored and your organisation becoming more valuable, more criminals want to have a share of it, the illegal way. Organisations should define upfront what information they really need to do business and what information they can do without. Develop a crisis strategy in case the company gets hacked and any data gets stolen, which happened quite regularly lately, looking at the hacks of Facebook, Evernote or Linkedin. Or even better, test your data scientists and IT personnel with fake hacks.
4. Make Privacy Part of the DNA
When you embrace transparency, simplicity and security, your customers will embrace you. Ignore these principles and your customers will eventually ignore you. It is a simple fact. So hire a Chief Privacy Officer or a Chief Data Officer that is also responsible for data privacy and ethics. Make this CPO accountable for whatever data you collect, store, share, sell or analyse as well as how you collect, store, share, sell or analyse it. Big data privacy and ethics are too important not to be discussed at C-level.
Proper usage of Big Data strategies, combining and analysing the correct datasets and using it in decision-making will help you grow your organisation. Doing it the correct way will help you sustain that growth for the long-term. So, when starting developing a Big Data strategy, devote a large part of your time and energy to these four principles and it will pay-off in the end.