Beyond the Privacy Fine Print: Making Privacy More Transparent
Consumers have a growing sense of unease over loss of control when it comes to personal data.
Opinions expressed by Entrepreneur contributors are their own.
The past few weeks saw a series of news articles that focused consumer concern around personal data use (and misuse). Recently, it was revealed that email service Unroll.me anonymously used consumer email data to give companies like Uber visibility into subscriber spending habits. While there was nothing illegal in Unroll.me's use of data, seeing that its privacy agreement explicitly allowed such usage, it nevertheless surprised and alarmed consumers.
As it happens, this news came on the heels of the President and Congress reversing the previous administration's proposed FCC privacy protections. With the new law, service providers are now free to collect and sell customer data to advertiser's surrounding a customer's internet usage.
The internet data trade
A wider reality is that the consumer internet is built on the trade of personal data. On the internet, the term "free" is rarely without strings attached considering ad supported internet services are powered by trade for personal data. Now in most, if not all, cases the personal data is de-identified of unique individual identifiers. Nevertheless, the consumer internet is built on advertising and advertising depends on personal data for targeting. What's new is that now personal data value has decoupled from any dependency to advertisers. Personal data now has its own intrinsic value to data buyers, as the Unroll.me example revealed.
Related: 3 Reasons Why Privacy Matters to Your Business, Your Brand and Your Future
The big problem with small print
Generally speaking, consumers have some awareness that the internet services they use rely on advertising which in turn depends on their personal data. They may not always like it, but in general they assent to this quid pro quo in exchange for the services they value. The challenge for consumers, however, is that the scope of use around personal data is not always clear and often hidden behind legal terms and conditions or consent agreements that bury details in fine print. Moreover, the use of personal data beyond advertising remains less familiar to most consumers and more concerning.
Gold mine or coal pit?
For companies, personal data is in some ways the new gold mine. Even if companies rely on subscriber or transactional revenue, knowing their customer will invariably depend on knowing their customer data. For companies therefore collecting, processing and commercializing this data is a central function.
For consumers, this has created ever growing anxiety. For them, the gold mine is more like a murky coal pit. As most interactions with corporations shift online, there is a growing sense of unease over loss of control when it comes to personal data. This explains perhaps why every so often a chain letter like a meme suddenly overruns Facebook promising to block Facebook's use of personal data. People fear what they can't see and the use of personal data by companies is very rarely transparent.
Related: The Weirdest Things People Agree to in Terms of Service
Accounting and accountability
Despite privacy policies and elaborate consent agreements, consumers still fear the misuse and abuse of their personal data. They perhaps understand the value of their data but they still want accountability and therefore accounting for their data. Lack of transparency around personal data exacerbates worry over personal data misuse. Privacy policies written in legalese may indemnify corporations that collect and process the personal data, but they do little to provide consumers transparency or assurance around the use of their data.
This desire to see greater accounting for personal data is reflected in the passage of new privacy regulations around the world like the EU General Data Protection Regulation (GDPR), which enshrine new data accounting requirements for corporations under national penalties that can reach 10 percent of a company's annual revenue. Regulations like GDPR do two things. Firstly, they re-align corporate responsibility to their customers around personal data. They force companies to behave more like data custodians than data owners. Companies can use personal data but only within tight parameters while preserving a consumer's right to their data. Secondly, they force companies to account for every individual's data. And the accounting begets accountability: Knowing the data makes a company more responsible for the data while providing consumers greater transparency around their data.
Related: How to Get Google to Quit Tracking You
Going beyond words: Operationalizing privacy
As the Unroll.me news dramatized, legal fine print for privacy is often not enough for consumers. The terms may be there, but they are written by lawyers to protect their employers and not necessarily to provide transparency to consumers. The resulting frustration is reflected in both the popularity of news that underscores the consumer's vulnerability and also in the many new regulations proliferating around the world that aim to protect consumer data and provide them greater transparency.
For companies, the change in consumer outlook doesn't mean that they need to abandon the use of consumer data. However, they will need to explore ways to give consumers greater confidence that the data is both safeguarded and accounted for. Privacy policies will not go away, but consumers want greater transparency and their government representatives want greater accountability. For companies this will require new approaches to operationalize privacy with clear data accounting so that companies can actually know what customer data they collect and consumers can know what data they share with the companies.