Last month, I wrote about some of the privacy issues associated with an era of Big Data. Are we prepared for the drawbacks of a world in which smartphones, sensors, cookies, social networks, search engines can generate a downright scary amount of information about us?
It turns out that I’m hardly the only one asking questions related to this topics. On his site, my friend Alan Berkson writes:
When it comes to anonymization, the challenge is in compliance—it’s easier to prove you are doing something than that you’re not doing something. Just because you can show you’re stripping out personal information doesn’t mean you aren’t keeping a second copy somewhere else. And even if you succeed in anonymizing the data, and can prove it, there’s no guarantee someone can’t de-anonymize it right back. Businesses need to get out in front of this issue. How they handle privacy and data will determine the level of regulation to which they may be subjected.
Berkson is absolutely right, and not just about the potential of future legislative sanctions related to privacy.
Can should never be confused with should.
Think about the potential brand and company damage that can take place if an organization violates privacy/data collection laws–or at least social norms. To be sure, it’s true that European regulators take privacy more seriously than we do in the US. Despite this legislative oversight, however, cultural and business norms dictate that organizations at least pay lip service to privacy.
It’s impossible to answer this question, but how much reputational damage have Facebook and Google incurred by failing at key points to take privacy seriously? More important, could your organization sustain a comparable hit to its brand? Are you willing to take that chance?
Ours is an era characterized by Big Data, cheap data storage, near-constant connectivity, and unprecedented technologies. I’d argue that legal institutions that can’t keep up with the tsunami of technologies changing our lives in ways that we’re only beginning to understand.
Ultimately, organizations need to deal with a thorny issue: Does the fact that they can track user or customer data mean that they should?
Remember to ask yourself that question as you tackle your business challenges. What might work in the short term may well cost you considerably in the long term.
What say you?
I wrote this post as part of the IBM for Midsize Business program
Photo courtesy of Thomas Tolkien via Compfight.