May I Use Your Data?

Online Extra - Big Data Privacy- Laura Hartman

Laura Hartman, Vincent de Paul Professor of Business Ethics

By Denise Mattson

With big data comes big responsibility, but many users of personal information have done an inadequate job of ensuring consumer protection and privacy, leaving millions susceptible to data theft and other cybercrimes. The ever-increasing size of our digital footprint has created a growing number of traceable data points that can be exploited for everything from increasing sales to ferreting out potential terrorists to stealing one’s identity.

McKinsey & Company researchers called big data “the next frontier in innovation.” It found that large data sets create value by making information more usable, improving performance, enabling better product targeting, refining decision-making and improving service to customers.

That’s the case from a business point of view, but what about the consumer’s perspective? Is what some might consider an invasion of privacy an effective way to improve customer service?

Laura Pincus Hartman, a Vincent de Paul Professor of Business Ethics in the Driehaus College of Business, says that boundaries should exist between data holders and data owners, and that these boundaries can be negotiated through notifications and permissions.

“Figuring out which side of the bed you sleep on seems to be one of the hottest data points in the hotel business. That’s where the staff will place a water bottle and other amenities, which means a lot when you roll out of bed in the morning,” wrote consumer advocate Christopher Elliott in USA Today. Elliott says that staff collects such intelligence through spoken, written and online comments about preferences for storage in a database designed to customize customer experiences and increase brand loyalty.

But what additional information might a hotel learn or surmise about a guest by collecting such intimate information? Hartman suggests the question can be neutralized easily if the hotel simply were to tell its affinity cardholders “we’d like to delight you with the invisibility of our service,” and allow the cardholder to authorize the level of hospitality that meets their needs, or perhaps, most protects their privacy.

Facebook, the ubiquitous social media site, matches user demographics with advertisers’ products to deliver targeted ads that annoy some users. “Facebook is free because advertisers pay for it,” she says. By using Facebook, people gain access to a convenient method of communication and advertisers gain the opportunity to generate attention for their products.

“Facebook is a private company,” Hartman notes. “It is not a public service. If you don’t like what they do with your data, you don’t have to use it.”

Other countries have much stronger privacy protections than the United States. “Europe’s data protection directive does not allow data to be transferred to non-European Union countries unless there is an adequate level of protection in that country, or if the recipient can guarantee that they will uphold the same level of protection as the directive,” Hartman reports.

Despite the relative strength of its pro-consumer policies, the European Union is exploring even stronger information safeguards. “This proposed regulation includes a ‘right to be forgotten,’ which will help people better manage data protection risks online: people will be able to delete their data if there are no legitimate grounds for retaining it,” she says.

With the next big data breach inevitably right around the corner, Americans may wish they had the right to be forgotten.