Target Debacle Reminds of Need for Big Data Privacy Sensitivity
Last June, the Software & Industry Information Association urged policymakers to resist introducing a slew of punishing rules and regulations around data collection and analysis. The software industry trade group was anticipating government’s reaction to the troubling appearance of security breaches of sensitive information, and urging restraint lest big data’s power be stifled.
Fast forward to December, when as many as 70 million Target customers had personal details associated with their credit and debit cards exposed thanks to a pre-Christmas security SNAFU at the massive retailer. And so the concerns continue.
As such, it’s no surprise that wary corporate types are in equal parts charmed by the massive capabilities of big data and anxious about finding themselves in a similar public relations mess. But it’s important that those in a position to exploit the stuff keep big data — including its related risks and shortcomings — in perspective. Because at the end of the day, this still-emerging corporate tool is one to be embraced, and not to retreat from.
• Be upfront. Companies that are transparent about their plans for your information enjoy much better optics than those whose surreptitious use of your particulars is only revealed after the fact. It’s fine to own up to plans for limited disclosure of personal data — it’s 2014 after all — so long as you state your data-usage intentions clearly from the get-go.
• Speaking of intentions, make sure there’s something in them for the holders of the information in question. Ideally, big data revelations need to be beneficial to information collector and information provider, both. When consumers feel they’re getting a tangible benefit in exchange for their personal information, experience has demonstrated, their resistance to data collection diminishes.
• Full disclosure notwithstanding, there’s no denying the inherent trickiness of your ultimate plan to share customers’ personal deets. And you simply cannot answer for the privacy policies of those companies with whom you intend to communicate. The best release valve here might be an opt-out provision, in which customers get the opportunity to restrict their personal information’s dissemination.
So long as big data, in all its opportunity-expanding glory, is part of our revised life path, so too will concerns about privacy and information violations be. Governments and businesses interested in getting the most from its emerging promise would do well to step carefully and purposefully along it.