Practically every company today depends on data to help drive their business. We may be living in the age of Big Data, but with the Facebook scandal in the news, and the European General Data Protection Regulation (GDPR) about to go into effect, many companies are left wondering, what happens now?
And the rumbling of this question is only going to get louder as the Internet of Things becomes more pervasive. The amount of data in the IoT era that communications service providers (CSPs) will need to manage and protect is about to skyrocket and puts CSPs in the thick of this debate. A report by the US Federal Tradition Commission (FTC) found that fewer than 10,000 households can generate 150 million discrete data points every day, creating more entry points for hackers and leaving sensitive information vulnerable.
Gone are the days where data captures simply included a name and address. Today, data collected and transmitted by smart devices goes beyond personally identifying information and creates a detailed pattern of our personal lives in real time. There is now enough information available for an insurance company to gather information about your driving habits through a connected car when calculating your insurance rate or determine your health risk from the data extracted from your fitness tracker. In the wrong hands, fraudsters could use this data to virtually invade your home.
Up until this point, consumers have provided ‘consent’ for their data to be collected when they accepted the terms of service, but increasingly they have done so without truly understanding what they are agreeing to. In fact, a recent research paper states that only 0.11% of users click on a link to an e-commerce site's terms of service, about one in a thousand. The Facebook scandal demonstrated the outrage by consumers and regulatory authorities when their data was used to potentially influence the U.S. presidential election.
The European Union has made steps, through the GDPR, to increase consumer privacy by putting the onus on the ‘data controller’ and ‘data processor’. Whereby the ‘data controller’ is the entity that determines the purposes and means of the processing of personal data; and the ‘data processor’ is the entity that processes personal data on behalf of the controller. In an IoT world, a CSP can be both.
While GDPR is set to be implemented on the 25th of May in EU nations, in the wake of the Facebook scandal, communications service providers across the world should consider how they can become a ‘trusted data steward’.
So, what exactly is a ‘trusted data steward’? According to a recent report by Boston Consulting Group (BCG) and global law firm DLA Piper, for a person or organization to earn this title, “they must go beyond meeting GDPR compliance regulations and work to earn a greater level of trust with those whose data they are tasked with managing.”
But before the work of building trust can begin, you must first understand how your customers feel about their data, because as the BCG study shows, it’s not all the same. For instance, across Europe, banking and credit card data is considered off limits. Most people do not want this type of data shared in any way. While information about brand preferences, name, age, hobbies, and gender seems to matter less.
Another factor in being a good data steward is transparency. Your customers will be more willing to share information if they know what you are doing with it. For instance, targeted offers and internal improvements, such as fighting fraud and improving products and services, are completely fine. Yet BCG research shows most companies are actually overly cautious when it comes to customer data. Customers are generally willing to accept tradeoffs for companies using their information, so long as they are given the opportunity to decide this for themselves.
In addition, different types of businesses garner different levels of trust and expectations. For those living in the U.K., research shows that credit card companies, along with search engines and social media sites, are at the bottom of the heap in terms of consumer trustworthiness when it comes to respecting data privacy. While wireless and cable companies are seen as more trustworthy. It is important that carriers work to maintain that level of trust by protecting their customers from potential data theft or misuse.
Protecting and improving the trust factor is critical for doing business in today’s digital world, and communications companies must take heed. Communications service providers that become a data steward will earn the trust of well-informed customers, garner greater value out of their customer data, and in turn will position them to obtain the consent of their customers for future use cases. If they do not – their competitors will only be too happy to take the privilege of consumer trust from them.
For more information about WeDo Technologies, where we are and how we can support your business with, please contact us.