Organisations Need A Data Ethics Strategy

A widespread, headline-grabbing problem often is an opportunity for savvy businesses. A case in point: personal data.

Consumers are increasingly concerned that companies are amassing enormous amounts of information about their activities, online and off, and using that data in unethical ways.

Politicians worldwide are increasingly leveraging that concern to get or stay elected by backing laws that limit how companies can use personal data.

Now it’s time for businesses to do more on their own, not just to head off additional, potentially heavy-handed regulations, but more so as a powerful new market differentiator.

“Data ethics” can give companies a competitive edge, especially when their target customers value social responsibility. Apple is one example of a household name that’s already using this strategy.

“Our privacy is being attacked on multiple fronts,” CEO Tim Cook said at a June 2015 Electronic Privacy Information Center dinner. “I'm speaking to you from Silicon Valley, where some of the most prominent and successful companies have built their businesses by lulling their customers into complacency about their personal information. We think that's wrong. And it's not the kind of company that Apple wants to be.”

Lip Service Won’t Do

Meanwhile, something else is growing: Consumer fears that their personal data will wind up in hackers’ hands or abused commercially and politically. That’s grounded in the reality of almost daily headlines about yet another retailer, bank, utility company or ISP getting hacked or using data in an unethical way.

Consumers are increasingly fighting back in a variety of ways. Some are technological, such as choosing encrypted services, private search engines, ad blockers and other “privacy tech.” Others are grass roots, such as lobbying politicians for new protections and boycotting businesses that they perceive as playing fast and loose with customer data.

Both types of responses create problems for businesses, but they don’t have to. In fact, when that many consumers are that concerned, it’s an enormous opportunity for companies to showcase why they’re the exception to the rule. For example, by giving customers complete control over which data is collected and how it’s used, a business has another effective way to attract and retain customers.

The catch? Those businesses have to deliver on that promise. Many don’t. Ashley Madison is an example of these privacy charlatans whose brand and bottom line suffered when they didn’t follow through.

To avoid that fate, and having a law nicknamed after their company, organisations should implement a privacy-by-design philosophy. To be effective, that philosophy has to be applied organisation-wide because so many departments have access to customer data. So it’s no surprise that Gartner predicts that by next year, half of business ethics violations will occur due to improper use of big data.
 
How to Get Started

When developing a privacy-by-design philosophy, one place to start is “Ethically Aligned Design: A Vision for Prioritising Human Wellbeing with Artificial Intelligence and Autonomous Systems.” Created by the IEEE Global Initiative for Ethical Considerations in Artificial Intelligence and Autonomous Systems.

This free publication features a chapter, “Personal Data and Individual Access Control”, that’s a crash course in understanding the key concepts, major laws and potential options, as well as real-world examples of how organisations are turning this problem into an opportunity.

One example is IDNYC, free, government-issue ID card for all New York City residents. The program has strict limits on the amount of time physical application documents are held before destroying them and who can access the enrollment information and the ID database, including other government and security agencies. Those strategies are equally applicable to many businesses, such as banks.

The bottom line is that data ethics isn’t a fad. Twenty years ago, most organisations didn’t take environmental reporting seriously. The visionary ones saw growing consumer, investor and regulator concern about the environment and responded accordingly.

Data ethics is evolving the same way. The most visionary companies are highly aware of how data ethics fits into their general social corporate responsibility framework.

They don't just pay it lip service, either. Instead, they build their entire organisations around the data ethics. Sure, there will always be lots of privacy charlatans and other bad actors, but every headline they make means a bigger, positive spotlight on their ethical rivals.

Information-Management:

You Might Also Read:

88% Feel Vulnerable To Data Threats:

Data Threat: Your Ex-Employees:

 

« The “augmented human” Concept Becomes Reality
4 Steps Toward A GDPR Compliance Audit »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Secure Innovations

Secure Innovations

Secure Innovations is a cybersecurity firm dedicated to providing top-tier cyber security solutions for the Defense and the Intelligence Community.

Cask Government Services

Cask Government Services

Cask Government Services focuses on program management, cybersecurity, logistics, business analysis and engineering services for Federal, State and Local Government.

Perch Security

Perch Security

Perch is a co-managed threat detection and response platform backed by an in-house Security Operations Center (SOC).

Sharktech

Sharktech

Sharktech designs, develops, and supports advanced DDoS protection and web technologies.

X Technologies

X Technologies

X Technologies provide world-class engineering, information technology, information security, program management and repair services to Federal, State and commercial customers.

ThreatLocker

ThreatLocker

The ThreatLocker Platform provides a Zero Trust security solution that offers a unified approach to protecting users, devices, and networks against the exploitation of zero day vulnerabilities.

Tenet3

Tenet3

Tenet3's vision is to make optimal cyber strategy development tractable, data driven, with concrete success metrics. The result is cost effective cyber resilience for our customers.

SideChannel

SideChannel

At SideChannel, we match companies with an expert virtual CISO (vCISO), so your organization can assess cyber risk and ensure cybersecurity compliance.

Timus Networks

Timus Networks

Timus Networks enables today's work from anywhere organizations to secure their networks very easily and cost effectively.

SecureTeam

SecureTeam

SecureTeam are a UK-based information security practice, specialising in all areas of cybersecurity.

SIEM Xpert

SIEM Xpert

SIEM Xpert is a leader in Cyber Security Trainings and services since 2015.

The Cyber Scheme

The Cyber Scheme

The Cyber Scheme provides NCSC certified and assured assessments, training and career support for security testers & technical cyber professionals.

Seal Security

Seal Security

Seal Security revolutionizes software supply chain security operations, empowering organizations to automate and scale their open source vulnerability remediation and patch management.

Gleam Cloud Security Solutions (GCSS)

Gleam Cloud Security Solutions (GCSS)

GCSS Security is an information security firm providing cyber security protection with a highly skilled and experienced team focused on technology that creates best-in-class customer experiences.

Cakewalk

Cakewalk

Cakewalk is the new standard in easy Access Control. Trusted by IT & Security teams. Loved by employees.

Forthright Technology Partners

Forthright Technology Partners

Forthright Technology Partners (Forthright) is a next-generation cloud and managed IT services provider serving a global clientele.