data_privacy_day_775_x_330

Data Privacy Is Good For Business

Jon Prial | Security, Security First

Today is Data Privacy Day 2015 (#dpd2015), an annual event about “respecting privacy, safeguarding data and enabling trust.” Here at Georgian Partners we’ve gotten involved as champions this year since we’ve long believed that companies should take a proactive stance on privacy and data security issues.

Here’s why.

Analytics and the insights they enable require data — often other people’s data. In fact, in today’s connected world it’s highly unlikely that any organization could do interesting analytics without data from another party such as a supplier or user. That data might be generated and controlled by your platform (as in the case of application usage data) or it might be information you collect when new users sign up. In fact, legally speaking the data may even belong to you as a condition of using the platform.

Of course, no customer has to keep using your platform. Users can always choose to stop sharing their data or to no longer use your platform. That’s why in our view — whether consciously or unconsciously — organizations and individuals are constantly making a trade off. They’re effectively bartering their data in exchange for some kind of utility such as free or cheaper access or improved user experience in the form of recommendations.

Take a Proactive Stance

In our 11 Principles of Applied Analytics we recommend that companies take a proactive stance on privacy and treat information rights as something more akin to an ongoing discussion than a one-and-done legal contract. The right to use data is earned and is something that can be taken away. As a result, companies with applied analytics at the heart of their business strategy should take data privacy and governance seriously.

Not surprisingly, it’s also an issue that both consumers and governments are thinking about. One example is the alleged abuse of usage data at Uber via their “God View” program.

6 Pro Tips that Demonstrate Data Privacy Best Practices

So what are some of the things that you can do to move towards a proactive privacy approach? Below are six great tips from the team behind #dpd2015 that are worth thinking about along with our perspective about each:

1. If you collect it protect it. Make sure you are taking proactive steps to protect the data you are managing. Ask yourself what hackers (or simply unauthorized employees) will find when they break into your network. Is your data encrypted? What personally identifiable information (PII) do you really need to keep?

2. Be open and honest about how you collect, use and share customers’ personal information. It’s important to be transparent. The better your relationship with customers and their data, the more goodwill there is to make use of data to the benefit of all parties.

3. Build trust by doing what you say you will do. This is a simple one. It’s about setting expectations and making sure you deliver. While no one is perfect, everyone can be consistent.

4.  Create a culture of privacy in your organization. Privacy needs to be baked into product planning, engineering, marketing and sales, among other areas. It’s shouldn’t just be the concern of just one or two staff.

5. Don’t count on your privacy notice. It’s not enough to rely only on a document that many users won’t read. Make it easy for them to be reminded of how you are using data and why it’s of benefit to them.

6. Conduct due diligence and maintain oversight of partners and vendors. Make sure that third parties are not doing things that don’t fit with your policies and that, in many cases, you could be liable for.

To learn more, check out great infographic below from the National Cyber Security Alliance:

Privacy Is good For Business