Organisations Need A Data Ethics Strategy

Uploaded on 2017-08-24 in BUSINESS-Services-Consulting, BUSINESS-Services-IT & Telecoms, FREE TO VIEW, NEWS-Cybersecurity News

A widespread, headline-grabbing problem often is an opportunity for savvy businesses. A case in point: personal data.

Consumers are increasingly concerned that companies are amassing enormous amounts of information about their activities, online and off, and using that data in unethical ways.

Politicians worldwide are increasingly leveraging that concern to get or stay elected by backing laws that limit how companies can use personal data.

Now it’s time for businesses to do more on their own, not just to head off additional, potentially heavy-handed regulations, but more so as a powerful new market differentiator.

“Data ethics” can give companies a competitive edge, especially when their target customers value social responsibility. Apple is one example of a household name that’s already using this strategy.

“Our privacy is being attacked on multiple fronts,” CEO Tim Cook said at a June 2015 Electronic Privacy Information Center dinner. “I'm speaking to you from Silicon Valley, where some of the most prominent and successful companies have built their businesses by lulling their customers into complacency about their personal information. We think that's wrong. And it's not the kind of company that Apple wants to be.”

Lip Service Won’t Do

Meanwhile, something else is growing: Consumer fears that their personal data will wind up in hackers’ hands or abused commercially and politically. That’s grounded in the reality of almost daily headlines about yet another retailer, bank, utility company or ISP getting hacked or using data in an unethical way.

Consumers are increasingly fighting back in a variety of ways. Some are technological, such as choosing encrypted services, private search engines, ad blockers and other “privacy tech.” Others are grass roots, such as lobbying politicians for new protections and boycotting businesses that they perceive as playing fast and loose with customer data.

Both types of responses create problems for businesses, but they don’t have to. In fact, when that many consumers are that concerned, it’s an enormous opportunity for companies to showcase why they’re the exception to the rule. For example, by giving customers complete control over which data is collected and how it’s used, a business has another effective way to attract and retain customers.

The catch? Those businesses have to deliver on that promise. Many don’t. Ashley Madison is an example of these privacy charlatans whose brand and bottom line suffered when they didn’t follow through.

To avoid that fate, and having a law nicknamed after their company, organisations should implement a privacy-by-design philosophy. To be effective, that philosophy has to be applied organisation-wide because so many departments have access to customer data. So it’s no surprise that Gartner predicts that by next year, half of business ethics violations will occur due to improper use of big data.
 
How to Get Started

When developing a privacy-by-design philosophy, one place to start is “Ethically Aligned Design: A Vision for Prioritising Human Wellbeing with Artificial Intelligence and Autonomous Systems.” Created by the IEEE Global Initiative for Ethical Considerations in Artificial Intelligence and Autonomous Systems.

This free publication features a chapter, “Personal Data and Individual Access Control”, that’s a crash course in understanding the key concepts, major laws and potential options, as well as real-world examples of how organisations are turning this problem into an opportunity.

One example is IDNYC, free, government-issue ID card for all New York City residents. The program has strict limits on the amount of time physical application documents are held before destroying them and who can access the enrollment information and the ID database, including other government and security agencies. Those strategies are equally applicable to many businesses, such as banks.

The bottom line is that data ethics isn’t a fad. Twenty years ago, most organisations didn’t take environmental reporting seriously. The visionary ones saw growing consumer, investor and regulator concern about the environment and responded accordingly.

Data ethics is evolving the same way. The most visionary companies are highly aware of how data ethics fits into their general social corporate responsibility framework.

They don't just pay it lip service, either. Instead, they build their entire organisations around the data ethics. Sure, there will always be lots of privacy charlatans and other bad actors, but every headline they make means a bigger, positive spotlight on their ethical rivals.

Information-Management:

You Might Also Read:

88% Feel Vulnerable To Data Threats:

Data Threat: Your Ex-Employees:

 

« The “augmented human” Concept Becomes Reality
4 Steps Toward A GDPR Compliance Audit »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Foregenix

Foregenix

Foregenix are global specialists in Digital Forensics and information security including Penetration testing and Website Security.

Maverick Technologies

Maverick Technologies

Maverick is an industrial automation, enterprise integration and operational consulting company. Services include industrial cyber security.

e-Governance Academy (eGA)

e-Governance Academy (eGA)

eGA is a think tank and consultancy founded for the transfer of knowledge and best practice in e-governance, e-democracy and national cyber security.

Honeynet Project

Honeynet Project

The Honeynet Project is a leading international non-profit security research organization, dedicated to investigating the latest attacks and developing open source security tools.

BankVault

BankVault

BankVault is a new type of cyber technology (called remote isolation) which sidesteps your local machine and any possible malware.

Leadcomm

Leadcomm

Leadcomm is a Brazilian company focused on the distribution and integration of IT systems and security solutions for large companies.

Apozy

Apozy

Apozy replaces a secure web gateway to nullify phishing, malware and impersonation attacks.

DataCloak

DataCloak

DataCloak is an innovation company that focus on providing enterprise data-in-motion security solutions based on zero-trust security technology.

Hyperwise Ventures

Hyperwise Ventures

Hyperwise Ventures lead seed investments in startups in the cyber security and enterprise software spaces.

Sollensys

Sollensys

Sollensys is a leader in commercial blockchain applications. Our flagship product, The Blockchain Archive Server™ is the best defense against the devastating financial loss that ransomware causes.

Polestar Industrial IT

Polestar Industrial IT

Polestar work on both sides of the IT & OT divide. Network, Data & Asset Security is our priority. Polestar installations are robust and resilient and comply with the appropriate security.

Kirk ISS

Kirk ISS

Kirk ISS are the leading provider of IT services in the Cayman Islands. We offer best-in class hardware, software, communications and cloud computing, all backed by professional services support.

WheelHouse IT

WheelHouse IT

WheelHouse IT secures, manages, and advances businesses with innovative, cost-effective IT solutions.

Mitigo Group

Mitigo Group

Mitigo offers a well considered and effective approach to keeping businesses completely secure from any digital attacks.

Edge Security

Edge Security

Edge Security is an information security research and consulting firm of expert hackers.

Applaudo

Applaudo

Applaudo specializes in helping the world’s most admired brands optimize their IT solutions, reduce delivery costs, and accelerate their digital transformation.