A few months ago, Danish researchers used data-scraping software to collect the personal information of nearly 70,000 users of a major online dating site as part of a study they were conducting. The researchers then published their results on an open scientific forum. Their report included the usernames, political leanings, drug usage, and other intimate details of each account.
A firestorm ensued. Although the data gathered and subsequently released was already publicly available, many questioned whether collecting, bundling, and broadcasting the data crossed serious ethical and legal boundaries.
In today’s digital age, data is the primary form of currency. Simply put: Data equals information equals insights equals power.
Technology is advancing at an unprecedented rate — along with data creation and collection. But where should the line be drawn? Where do basic principles come into play to consider the potential harm from data’s use?
Just Because You Can, Doesn’t Mean You Should
While digital advancements enable new opportunities for businesses to compete and thrive, they also create increased exposure to systemic risks. Digital trust — identified as a key trend in the Accenture Technology Vision 2016 report — is very difficult for businesses to build with customers, but very easy to lose.
These risks are recognized in an accompanying Accenture survey of more than 3,100 business and IT executives worldwide. The survey found that 81% of respondents agreed that as the business value of data grows, the risks companies face from improper handling of data increase exponentially. This has resulted in increased security investments across all industries, with global information security spending set to exceed $100 billion by 2019, according to Gartner.
Even so, a singular focus on security is not enough. While data ethics is a new area for most businesses, it must be a key consideration as organizations evaluate starting or continuing their digital transformation journeys.
Some companies are already addressing the need for data ethics to be a central component in their overall business approach. Facebook, for example, recently published a paper that provides a detailed overview of how the company conducts research using the personal data of its users. Facebook announced the creation of an internal review board composed of legal and ethical experts to formulate privacy and ethical standards for corporate research involving human data.
Pivoting to Trust
Accenture’s study found that 83% of executives believe that trust is the cornerstone of the digital economy. But how to achieve that trust remains an open question for most. Here are some recommendations that organizations should consider to establish a code of data ethics:
Focus on data ethics throughout the supply chain. Businesses must handle data in an ethical way throughout their data supply chains — from collection, aggregation, sharing, and analysis to monetization, storage, and disposal. In doing so, organizations can create an environment of trust and accountability with every stakeholder relationship they have. Additionally, by focusing on ethics, organizations will improve the trust their customers have in them. This is a requirement for those that have undergone digital transformations and have become publishers of, or participants in, digital platforms and ecosystems.
For example, Everledger, a permanent ledger for diamond certification and related transaction history, set out to minimize fraud and the prevalence of conflict gems in the diamond industry. To attract investors and realize its goals, the company knew its process would have to be completely transparent, auditable, and immutable. To achieve this, Everledger uses a blockchain architecture that delivers on all of these requirements. Everledger also aggregates data from law enforcement and insurance companies, which in turn use the technology as a verification system, reducing fraud and its associated costs.
Fundamentally change how data is viewed within your business. While a focus on security (is the confidentiality, integrity, and availability of data adequately protected?) and privacy (do controls on data satisfy regulatory requirements?) remains relevant, it’s critical to add lenses for ethics and trust related to data collection, manipulation, and use. To do so, organizations should change their perception of data as just information to one that recognizes data as sensitive and personal. Organizations must recognize the potential for negative use of data if clear standards of ethics and trust are not implemented throughout each business process.
Develop a set of best practices. With best practices, businesses can embed ethical considerations at each stage of product development, service delivery, and the data supply chain. Establishing a companywide code of ethics helps define the types of questions and concerns managers should be raising at each stage of project management and the service delivery lifecycle. Companies should design and implement a data ethics review process, similar to how processes exist for code reviews in software development. With this approach, organizations can be certain that trust is baked in and reinforced with all new offerings, engendering loyalty and confidence among consumers and partners.
Create a universal ethics language. A collectively recognized and accepted taxonomy around data ethics is needed. A common language can provide clarity to all parties involved in the exchange of data. This will prove increasingly valuable as regulatory and insurance industry standards evolve, and will also help practitioners to effectively make sound decisions about data. For example, companies already have policies and procedures in place to address the behavioral risk vectors exploited by cyberattackers. However, as insurance markets (and regulators) begin to recognize internal versus external threats, policies focused on ethical considerations throughout the data supply chain will become as commonplace as a strategy for managing risk.
In today’s digital marketplace, the value of trust is measured by the bottom line. Companies with high trust quotients will gain brand loyalty that allows them to thrive. Those that commit breaches of trust will find themselves encumbered with brand discrimination that can be all but impossible to shed. Leading companies understand the true value of trust and the work it takes to achieve it. The next step is ensuring it is retained by actively including ethical practices into every facet of the organization.
Source: MIT Sloan Management Review
About the Author
Paul Daugherty is the chief technology officer at Accenture, a global company that provides services and solutions in strategy, consulting, digital, technology, and operations.
MIT Sloan Management Review leads the discourse among academic researchers, business executives and other influential thought leaders about advances in management practice, particularly those shaped by technology, that are transforming how people lead and innovate. MIT SMR disseminates new management research and innovative ideas so that thoughtful executives can capitalize on the opportunities generated by rapid organizational, technological and societal change.