Organisations Need A Data Ethics Strategy

A widespread, headline-grabbing problem often is an opportunity for savvy businesses. A case in point: personal data.

Consumers are increasingly concerned that companies are amassing enormous amounts of information about their activities, online and off, and using that data in unethical ways.

Politicians worldwide are increasingly leveraging that concern to get or stay elected by backing laws that limit how companies can use personal data.

Now it’s time for businesses to do more on their own, not just to head off additional, potentially heavy-handed regulations, but more so as a powerful new market differentiator.

“Data ethics” can give companies a competitive edge, especially when their target customers value social responsibility. Apple is one example of a household name that’s already using this strategy.

“Our privacy is being attacked on multiple fronts,” CEO Tim Cook said at a June 2015 Electronic Privacy Information Center dinner. “I'm speaking to you from Silicon Valley, where some of the most prominent and successful companies have built their businesses by lulling their customers into complacency about their personal information. We think that's wrong. And it's not the kind of company that Apple wants to be.”

Lip Service Won’t Do

Meanwhile, something else is growing: Consumer fears that their personal data will wind up in hackers’ hands or abused commercially and politically. That’s grounded in the reality of almost daily headlines about yet another retailer, bank, utility company or ISP getting hacked or using data in an unethical way.

Consumers are increasingly fighting back in a variety of ways. Some are technological, such as choosing encrypted services, private search engines, ad blockers and other “privacy tech.” Others are grass roots, such as lobbying politicians for new protections and boycotting businesses that they perceive as playing fast and loose with customer data.

Both types of responses create problems for businesses, but they don’t have to. In fact, when that many consumers are that concerned, it’s an enormous opportunity for companies to showcase why they’re the exception to the rule. For example, by giving customers complete control over which data is collected and how it’s used, a business has another effective way to attract and retain customers.

The catch? Those businesses have to deliver on that promise. Many don’t. Ashley Madison is an example of these privacy charlatans whose brand and bottom line suffered when they didn’t follow through.

To avoid that fate, and having a law nicknamed after their company, organisations should implement a privacy-by-design philosophy. To be effective, that philosophy has to be applied organisation-wide because so many departments have access to customer data. So it’s no surprise that Gartner predicts that by next year, half of business ethics violations will occur due to improper use of big data.
 
How to Get Started

When developing a privacy-by-design philosophy, one place to start is “Ethically Aligned Design: A Vision for Prioritising Human Wellbeing with Artificial Intelligence and Autonomous Systems.” Created by the IEEE Global Initiative for Ethical Considerations in Artificial Intelligence and Autonomous Systems.

This free publication features a chapter, “Personal Data and Individual Access Control”, that’s a crash course in understanding the key concepts, major laws and potential options, as well as real-world examples of how organisations are turning this problem into an opportunity.

One example is IDNYC, free, government-issue ID card for all New York City residents. The program has strict limits on the amount of time physical application documents are held before destroying them and who can access the enrollment information and the ID database, including other government and security agencies. Those strategies are equally applicable to many businesses, such as banks.

The bottom line is that data ethics isn’t a fad. Twenty years ago, most organisations didn’t take environmental reporting seriously. The visionary ones saw growing consumer, investor and regulator concern about the environment and responded accordingly.

Data ethics is evolving the same way. The most visionary companies are highly aware of how data ethics fits into their general social corporate responsibility framework.

They don't just pay it lip service, either. Instead, they build their entire organisations around the data ethics. Sure, there will always be lots of privacy charlatans and other bad actors, but every headline they make means a bigger, positive spotlight on their ethical rivals.

Information-Management:

You Might Also Read:

88% Feel Vulnerable To Data Threats:

Data Threat: Your Ex-Employees:

 

« The “augmented human” Concept Becomes Reality
4 Steps Toward A GDPR Compliance Audit »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Shavlik Protect

Shavlik Protect

Shavlik Protect is an easy-to-use security software solution that discovers missing patches and deploys them to the entire organization.

Janusnet

Janusnet

Janusnet develops software and solutions for organisations to enforce and manage data security.

Progress Flowmon

Progress Flowmon

Progress Flowmon (formerly Flowmon Networks) provide high performance network monitoring technology and behavior analytics to enhance network performance and deal with cyber threats.

AFCON Control & Automation

AFCON Control & Automation

AFCON is a leading global provider of software solutions and services for the smart management of Control & Automation systems in the age of Digital Transformation.

Critifence

Critifence

Critifence provides unique Cyber Security solutions designed for Critical Infrastructure, SCADA and Industrial Control Systems.

Seric Systems

Seric Systems

Seric is a technology business specialising in security, infrastructure and data management.

Kocho

Kocho

Kocho (formerly TiG) is a provider of identity and access, cyber security, cloud transformation, and managed IT services.

Arqit Quantum

Arqit Quantum

Arqit's mission is to use transformational quantum encryption technology to keep safe the data of our governments, enterprises and citizens.

QuSecure

QuSecure

QuSecure provides a software-driven security architecture that overlays your current infrastructure and provides next-generation security to protect your entire network from quantum threats.

North East Business Resilience Centre (NEBRC)

North East Business Resilience Centre (NEBRC)

The North East Business Resilience Centre is a non-profit organisation here to support businesses in the North East of England in protecting themselves from cyber crimes and fraud.

SharkStriker

SharkStriker

SharkStriker is a US based managed security services provider with SOCs and offices across the globe.

Cyber Chasse

Cyber Chasse

Cyber Chasse is an IT consulting and staffing company offering a full range of cybersecurity solutions, contract staffing services and online training courses.

Rausch Advisory Services

Rausch Advisory Services

Rausch delivers solutions that address compliance, enterprise risk, information technology and human resource capital.

PagerDuty

PagerDuty

PagerDuty is the central nervous system for a company’s digital operations. We identify issues in real-time and bring together the right people to respond to problems faster.

Lab 1

Lab 1

Lab 1 turns criminal data breaches and attacks into insights. Get alerts of data breaches or ransomware attack incidents as they happen.

Trustack

Trustack

Trustack services cover connectivity, infrastructure services, security, unified comms, agile working and more. Our team of consultants deliver customised solutions tailored to your needs.