We used to talk a lot about sectors. When it comes to consumer data – in terms of both risk and opportunity – it is clear that segmenting the world into sectors has less and less meaning. Consider the long-time holy grail of the “Single Customer View” (SCV). Retail businesses have invested extensively in joining the dots and moving towards a meaningful SCV in order to meet customer expectations and improve ROI on marketing and advertising spend.
But what now for the ‘traditional’ cross-channel but retailer-specific SCV given that consumers order groceries through their fridges, park connected cars at supermarket charge points, pay for lunch with their phones, and consume media through connected devices?
To what extent does a truly singular SCV require open data access across the whole of the ‘information economy’, whether that’s energy supply, the development of ‘connected’ homes, smarter retail financial services, or media and publishing? Is that singular view of an individual still the holy grail, or would that instead be inviting a descent into an Orwellian dystopia?
If you follow privacy and data protection law at all, you will know that regulators across the world are grappling with some really big questions here. It’s not (always) about a technical application of legal principles and complex statutes. We increasingly see challenging, broad and fundamental questions about data ethics appearing front and centre of the debate.
Yes, consumers want seamless experiences, value and relevance. Yes, businesses want to differentiate themselves by truly knowing the customer being able to anticipate their needs and wants. But until the public and regulatory discourse on some of these ‘big ticket’ issues is a bit more settled, businesses pushing the boundaries in the information economy without asking themselves some of these challenging questions could be taking on considerable and unknown risk. A healthy risk appetite can be a great asset, but only when that ‘leap’ is taken from an informed position.
A connected world, in which consumers are (literally) plugged into more and more points within the broader information economy, creates massive opportunity for retailers. For example, we frequently see retailers wanting to ‘ingest’ or match datasets simply because they can, and because the insights can be incredible, and because the relevant partners or suppliers can seemingly give credible reassurances about what ‘everyone else is doing’.
When we advise businesses on managing data risk, we often come back to the concept of a ‘spectrum’ of privacy-intrusiveness, and the corresponding risk appetite within the business. Just because you can deliver (or think that everyone else is delivering) insights based on bigger, broader, cross-sector datasets, should you?
How would the consumer feel about it if they truly understood what was happening? If you had to spell it out in crystal clear language to your consumers, would you want to? Talking through a ‘worst case scenario’ from a privacy perspective can also be a great sense check. If we get this really wrong – if our predictions based on the data lead to wasted spend and unfairness at best, or discrimination and obvious distress at worst – then what?
The really good news is that there are lots of practical ways of identifying and managing data-related legal and regulatory risk, and lots of ways to manage the delivery of business strategies whose foundations are built on the information economy.
Often the first questions are the most difficult ones: are we aligned on risk appetite here? Do we really understand the risk that we are considering taking on? How would we feel about a ‘straight-faced conversation’ about the proposed activity with a consumer or a regulator? Only then should you start to look at the nuts and bolts of the arrangement.
The reality is that the earlier you look at these issues, the better (the very concept of privacy and data protection by design mandates this in any event). Not only do you stand a better chance of identifying and mitigating risk, but you get yourselves ready and ‘on the blocks’ to move quickly when the next compelling information-economy based opportunity comes your way. We can all be reasonably certain that it will.
Alexandra Leonidou, partner data, privacy and information security