Click to learn more about Ian Rowlands.
There’s a legitimate concern about how data – and more specifically Big Data – is used. Powerful capabilities open the door to very sophisticated decision making that inadvertently strays into the realm of the unethical.
Although I recognize the concern, I must admit that the publication of a report by the Federal Trade Commission this month made chills run up and down my spine. “Big Data: A Tool For Inclusion or Exclusion”[1] puts businesses on notice that the “The Commission will continue to monitor areas where big data practices could violate existing laws,… and will bring enforcement actions where appropriate.”
The European Union has, so far, seemed to set the pace in regulating the ethical use of consumer data but it seems as though the FTC, with its identification of the FTC Act, the Fair Credit Reporting Act and equal opportunity legislation as particular areas of interest, is slowly moving to play a part in the process.
So what should you do about this? In the short term, make sure that your Big Data leaders have read the FTC report, and review carefully the “Questions for Legal Compliance” that it lays out.
More broadly, any data-dependent business (and what business isn’t data-dependent now?) should have a compliance ecosystem in place and should make sure that the ecosystem encompasses Big Data usage.
What bothers me about all this is that there is a fine line between protecting “low income and underserved populations” – the focus of the workshop held in September 2014 to discuss the same issues – and limiting (or driving) the use of data in ways that could hamper the legitimate activities of markets.
One thing is certain. The regulation train is stopping. That means that a “zero-gap” data management environment has to become part of the cost of doing business. It’s an interesting challenge, especially in an era when “self-service” analytics are increasingly becoming the norm. There was a time when the I.T. organization could feel, comfortably, that data was contained an environment over which it had total control. No data came in, and no data moved out, without I.T. being in control. Now three trends (at least) have eroded that security. Data that used to be accessed only in the Data Center is being used for those self-service analytics. Data is being stored in the cloud instead of on premise. More and more data is being “imported” from outside of the enterprise. Add to this the algorithmic complexity introduced by Big Data and asserting compliance becomes really hard. It’s time to build a comprehensive compliance framework before the problem gets out of hand. Traceability, security and ethical use all need to be clearly controlled and documented. If you don’t do it, Big Brother will do it for you!
[1] https–www.ftc.gov-system-files-documents-reports-big-data-tool-inclusion-or-exclusion-understanding-issues-160106big-data-rpt.pdf