Showing data privacy in the cloud
From an organizational standpoint, personal data has become the equivalent of the TV show “Hoarders”. Companies see customer data as valuable and therefore choose to hoard all of it and decipher how to use it later on.

Share This Post

Share on facebook
Share on linkedin
Share on twitter
Share on email

PII has become a version of a natural resource like oil that is monetized

According to the United Nations Conference on Trade and Development 66% of the 194 member countries have adopted some form of privacy related legislation. Surprisingly, for a country that espouses the personal liberties of its citizens, the United States ranks in the middle of the pack for privacy protections. 

What does this mean for businesses and consumers?  

From a business standpoint, I would refer to Randy Au’s excellent article focusing on the following key areas a business should understand about its collection of electronic artefacts and how this information is used.

 

As Randy points out in his article, this understanding can be applied to any data set in a business and is not a simple, easy to execute process.

For purposes of this article, we will focus on consumer data and the relationship with personally identifiable information (PII). 

 

From an organizational standpoint, personal data has become the equivalent of the TV show Hoarders. Companies see customer data as valuable and therefore choose to hoard all of it and decipher how to use it later on. Some organizations who are more efficient at monetizing the Personal Data Hoard (PDH [I just made that up so feel free to bandy it about in casual conversation]) have become wildly successful as a result, yet are now subject to numerous international investigations and regulatory penalties. As part of modern business practice, both private and public organizations may package and re-sell personal data to other interested parties who focus on specific consumer behaviors. Unfortunately, this practice of sharing does not provide a singular shift of the data from one organization to another, but instead doubles the PII as it now sits in two organizations. In other words, PII has become a version of a natural resource like oil that is monetized by private companies at multiple points in its lifecycle however unlike oil, personal data doesn’t eventually get fully repurposed and transitioned to a final product. 

 

So what is personal data? 

 

To most people it implies social security numbers, birthdate, and address yet in the age of mobile computing, personal data encompasses a much broader section of information and includes information that most people are unaware of providing and/or sharing. Unfortunately, in almost all cases privacy has not been used as a primary, or even secondary, consideration in the design of the vast majority of digital businesses. 

 

According to the recent California Data Protection Act (CCPA), all data included in the following example would be considered personal data: 

 

They wake up with a mobile phone notification in their apartment. They check the news feeds and go hit a coffee shop for breakfast. Then it’s off to their car where they use a navigation app to find the location of a new doctor. On the way to the doctor’s office, they listen to a satellite radio feed and fail to maintain the speed limit. When they arrive at the doctor’s office, they browse some websites on their mobile phone in the waiting room and buy a new healthcare supplement that pops up on the feed. They are then off to the grocery store and pharmacy, where they pick up new medications and use a loyalty card to purchase some cheese; all of which is posted via video detailing their recent diagnosis, the cheese and their cat, Festus. Finally, their day has come to an end and they launch Netflix on their smart TV (also linked to their social media account) and binge watch Peaky Blinders with sub-titles until falling asleep; all of which is conveniently logged and reported to multiple parties via their wearable health device and mobile phone. 

 

The recent Parler hack is a great example of how much user information was collected by the platform highlighting how minimal user information was secured, protected and anonymized. A much more tangible example of this practice is the website I Know Where Your Cat Lives that uses publicly available information from cat pictures showing where they, and their owners, live. Check it out, especially if you are a picture posting cat lover. 

 

Place a higher value on relationships with companies that put privacy on a pedestal and not in the corner.

People, and this means you reader types, should take a minute to learn a little more about the data they are currently sharing and the companies that use and sell the data collected. If you know your information is being shared and re-shared without your permission, make the company aware of your desire for that information to not be shared.

 

Finally, at a minimum, be aware of your phone privacy settings and restrict what you are sharing, your permissions with regard to whom your data is shared with; and, most importantly, place a higher value on relationships with companies that put privacy on a pedestal and not in the corner. 

About the Author

About the Author

David Maberry

David has over twenty-five years of experience in leading the application of emerging technologies while streamlining governance requirements and thereby creating sustainable, organizational change. 

Prior to joining Verif-y, David was a Managing Director for PwC where he was responsible for the risk assurance emerging technologies practice. He has also served as the Chief Risk Officer for a financial services organization and, finally he was a Principal at Deloitte where he focused on privacy and security initiatives. He is a frequent guest lecturer at national and local professional services conferences on subjects such as enterprise risk management, emerging technologies and organizational transformation.

Subscribe To Our Newsletter

Get updates and learn from the best

More To Explore

Showing data privacy in the cloud
Blog

Be Aware Of Your Data

From an organizational standpoint, personal data has become the equivalent of the TV show “Hoarders”. Companies see customer data as valuable and therefore choose to hoard all of it and decipher how to use it later on.

Do You Want To Boost Your Business?

Contact Us to Learn More

Let's Talk!

We’re Here To Assist You

Learn more about our best-in-class B2B identity verification services.

Contact us to schedule a call or demo to answer all of your questions.