Organisations Need A Data Ethics Strategy

Uploaded on 2017-08-24 in BUSINESS-Services-Consulting, BUSINESS-Services-IT & Telecoms, FREE TO VIEW, NEWS-Cybersecurity News

A widespread, headline-grabbing problem often is an opportunity for savvy businesses. A case in point: personal data.

Consumers are increasingly concerned that companies are amassing enormous amounts of information about their activities, online and off, and using that data in unethical ways.

Politicians worldwide are increasingly leveraging that concern to get or stay elected by backing laws that limit how companies can use personal data.

Now it’s time for businesses to do more on their own, not just to head off additional, potentially heavy-handed regulations, but more so as a powerful new market differentiator.

“Data ethics” can give companies a competitive edge, especially when their target customers value social responsibility. Apple is one example of a household name that’s already using this strategy.

“Our privacy is being attacked on multiple fronts,” CEO Tim Cook said at a June 2015 Electronic Privacy Information Center dinner. “I'm speaking to you from Silicon Valley, where some of the most prominent and successful companies have built their businesses by lulling their customers into complacency about their personal information. We think that's wrong. And it's not the kind of company that Apple wants to be.”

Lip Service Won’t Do

Meanwhile, something else is growing: Consumer fears that their personal data will wind up in hackers’ hands or abused commercially and politically. That’s grounded in the reality of almost daily headlines about yet another retailer, bank, utility company or ISP getting hacked or using data in an unethical way.

Consumers are increasingly fighting back in a variety of ways. Some are technological, such as choosing encrypted services, private search engines, ad blockers and other “privacy tech.” Others are grass roots, such as lobbying politicians for new protections and boycotting businesses that they perceive as playing fast and loose with customer data.

Both types of responses create problems for businesses, but they don’t have to. In fact, when that many consumers are that concerned, it’s an enormous opportunity for companies to showcase why they’re the exception to the rule. For example, by giving customers complete control over which data is collected and how it’s used, a business has another effective way to attract and retain customers.

The catch? Those businesses have to deliver on that promise. Many don’t. Ashley Madison is an example of these privacy charlatans whose brand and bottom line suffered when they didn’t follow through.

To avoid that fate, and having a law nicknamed after their company, organisations should implement a privacy-by-design philosophy. To be effective, that philosophy has to be applied organisation-wide because so many departments have access to customer data. So it’s no surprise that Gartner predicts that by next year, half of business ethics violations will occur due to improper use of big data.
 
How to Get Started

When developing a privacy-by-design philosophy, one place to start is “Ethically Aligned Design: A Vision for Prioritising Human Wellbeing with Artificial Intelligence and Autonomous Systems.” Created by the IEEE Global Initiative for Ethical Considerations in Artificial Intelligence and Autonomous Systems.

This free publication features a chapter, “Personal Data and Individual Access Control”, that’s a crash course in understanding the key concepts, major laws and potential options, as well as real-world examples of how organisations are turning this problem into an opportunity.

One example is IDNYC, free, government-issue ID card for all New York City residents. The program has strict limits on the amount of time physical application documents are held before destroying them and who can access the enrollment information and the ID database, including other government and security agencies. Those strategies are equally applicable to many businesses, such as banks.

The bottom line is that data ethics isn’t a fad. Twenty years ago, most organisations didn’t take environmental reporting seriously. The visionary ones saw growing consumer, investor and regulator concern about the environment and responded accordingly.

Data ethics is evolving the same way. The most visionary companies are highly aware of how data ethics fits into their general social corporate responsibility framework.

They don't just pay it lip service, either. Instead, they build their entire organisations around the data ethics. Sure, there will always be lots of privacy charlatans and other bad actors, but every headline they make means a bigger, positive spotlight on their ethical rivals.

Information-Management:

You Might Also Read:

88% Feel Vulnerable To Data Threats:

Data Threat: Your Ex-Employees:

 

« The “augmented human” Concept Becomes Reality
4 Steps Toward A GDPR Compliance Audit »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

BCS, The chartered Institute for IT

BCS, The chartered Institute for IT

BCS provides IT professionals with up to date and relevant certifications enabling them to manage IT security effectively within their budget.

Wall Street Technology Association (WSTA)

Wall Street Technology Association (WSTA)

The Wall Street Technology Association (WSTA) provides financial industry technology professionals with forums to learn from and connect with each other.

Shavlik Protect

Shavlik Protect

Shavlik Protect is an easy-to-use security software solution that discovers missing patches and deploys them to the entire organization.

AFCERT

AFCERT

AFCERT is the national Computer Emergency Response Team for Afghanistan.

ComTrue Technologies

ComTrue Technologies

ComTrue Technologies provides artificial intelligence solutions and information security solutions.

CLDigital

CLDigital

CLDigital's no-code risk and resilience platform, CL360, provides leaders with risk and resilience data to make strategic and tactical continuity decisions.

KeyXentic

KeyXentic

KeyXentic Inc. is a professional mobile and data security service provider. We are devoted to design convenient and strong security for user’s data protection and privacy without any compromise.

TechDemocracy

TechDemocracy

TechDemocracy are a trusted, global cyber risk assurance solutions provider whose DNA is rooted in cyber advisory, managed and implementation services.

Evina

Evina

Evina offers the most advanced cybersecurity and fraud protection for mobile payment.

Epiphany Systems

Epiphany Systems

Epiphany enhances your defensive security controls by providing you with an offensive perspective. We expose the most likely attack paths to your most critical IT assets and users.

Searchlight Cyber

Searchlight Cyber

Searchlight Cyber is a leading darknet intelligence company. Working with law enforcement, industry, and end users to help protect society against the threats of the darknet.

Orro Group

Orro Group

Orro create 'future now' solutions that make it faster, simpler and safer for you to access, store and share information. Wherever, whenever and with whomever you want.

Tarlogic

Tarlogic

Tarlogic works to protect and defend your security with the highest quality technical team with next generation solutions to achieve the best protection.

Sri Lanka CERT

Sri Lanka CERT

Sri Lanka CERT is the National Centre for Cyber Security, which has the national responsibility of protecting the nation’s cyberspace from cyber threats.

rThreat

rThreat

rThreat is a cloud-based SaaS solution that challenges your cyber defenses using real-world and custom threats in a secure environment, ensuring your readiness for attacks.

CYNC Secure

CYNC Secure

CYNC boosts cybersecurity remediation by consolidating fragmented data and optimizing operational processes.