Rolling out Big Data in your Enterprise? Don’t get Sued

In the sci-fi movie “Minority Report” starring Tom Cruise there is an unsettling and creepy scene where his character walks into a mall and a camera scans his eyes.

And immediately, he gets to see ads selling beer and tank tops, and other ads offering discounts, ads that say his name and customizes the pitch according to his history with the brand.

If you were a customer you would likely be very uncomfortable in such a situation.

But given how Big Data technologies are panning out this day is not far out into the future. Already, Facebook has started offering location data and ad engagement history to retailers which will let them customize ads even further.

Re-targeting ads that seem to follow users across the Internet are making a lot of people uncomfortable. And insights from Big Data is already diving people into cohorts, making some pay more for similar services.

From a Kaspersky blog post

Questionable clients who like to treat themselves with French fries are expected to receive higher life insurance rates, or even a denial….

… Banks readily join insurers in the rush for your data. Do you want a loan? Analytics will scan your spending behavior to see if you splurge on vacations or buy high-end brands…

These imposed relationships can lead to real financial consequences: when banks think you are inclined to overspending, you get ready for higher interest rates. People from ‘unreliable’ groups may never receive a certain loan or service just because they will never see these products advertised.

The extra-tech concerns around Big Data

These decisions can add up over long time and impact society in multiple ways- many people won’t get loans, a number of them won’t get access to affordable healthcare, and based on what an algorithm says a whole section might be denied jobs or promotions.

That is the reason why Big Data roll-out decisions should incorporate non-tech nuances as well.

Another Big Data concern is security.

All the terabytes of customer data and insights derived from analytics are sitting in some data warehouse are vulnerable to malicious hackers.  Hackers have repeatedly broken into entities like Home Depot, Target, JP Morgan, Barclays, UCLA Health etc. and stole millions of credit card numbers, social security numbers, patient health information records etc.

This infographic from HP Enterprise shows how many records were stolen in the biggest data breaches of 2014

Image courtesy HP Enterprise

A lot of companies still have lax attitudes to security, and what might have been a small campfire with few thousand records being stolen will now look like a massive wildfire in the context of Big Data.

Managing Big data’s legal and ethical challenges

Big Data is a competitive advantage for any company, let alone an enterprise.

In a previous blog post we wrote about how JP Morgan has been using Big Data and predictive analytics to catch rogue traders before they commit financial fraud, and how hospitals are analyzing patient behavior and past medical incidents to deliver optimal healthcare to maximum number of patients.

But all these advantages will be for naught if decision makers like CIOs fail to anticipate the real world implications of Big Data and don’t have adequate systems to deal with contingencies.

Here are some key points:

1. Data ownership- Who owns your structured and unstructured data? EU regulations mandate that the individual has the ultimate control over their data regardless of its economic value. Theoretically if a company is operating in Europe there is a chance that it could lose every byte of data stored in its databases because customers refused to share it. This scenario would be catastrophic. The situation in other jurisdictions is less clear, and data usage policies have to incorporate these facts. A due diligence of Big Data should be carried out to understand what data you own, what data third parties own and what data is out of your control.
2. Future privacy considerations: As user concerns over data privacy and data protections continue to mount regulatory bodies are constantly tweaking rules. Many data types which can now be collected normally might have to be anonymized in the future as legal rules change. There is a need to always revisit privacy issues.
3. Licensing and sharing: Companies have always bought, sold or licensed data. But as regulations get stringent there is a need to have well thought out processes at the point of collection of data so that the consumer doesn’t get a nasty surprise and the company is not blindsided by a legal challenge.

Safeguarding Big Data from misuse

Companies planning on Big Data initiatives need to set up a legal team to get clarity around these and many other issues.  For a robust Big Data superstructure these legal and policy issues need to be taken up in earnest even before the tech side of the problem gets tackled.