In this special guest feature, Adam Towvim of TrustLayers examines how organizations that leverage big data have a “data use obligation” for the wise and responsible use of corporate data assets. Adam Towvim is President & CEO of TrustLayers. TrustLayers was born out of Accountable Systems research conducted at MIT by Daniel Weitzner. Daniel partnered up with Adam Towvim to found TrustLayers in 2013.
With the explosion in use of mobile and wearable devices, the Internet of Things (IoT), and social media, we are all increasingly sharing information about ourselves or divulging it to organizations, knowingly or unknowingly, willingly or unwillingly. We are more connected to the world, to our friends, and to issues and topics we care about. We are also more connected to corporate entities and law enforcement and other agencies that can learn more about us digitally than they ever could before.
Now, it is dawning on many people that the same life-centric information we are sharing is being collected by companies to help them market more successfully, develop new products, or potentially even determine our insurance rates. The information is also being used by government agencies such as law enforcement and the Department of Homeland Security.
Recently, a Virginia man sued the Fairfax County Police Department (FCPD) and its chief of police, alleging that the agency has been unlawfully collecting information about his license plate in violation of state law. The case alleges that the FCPD, through its passive collection and storage of massive amounts of data (license plate number, date, time and GPS location) contravenes the Virginia Data Act of 1976. The Act states that personal information cannot be collected, stored, or disseminated unless the need for collection has been clearly established in advance and the information is appropriate and relevant for the purpose for which it was collected. Passive collection is distinct from the FCPD’s active use of the data, when it scans an unknown plate against a hot list of wanted or stolen vehicles and determines that the unknown plate is part of an ongoing criminal investigation.
Like the Virginia man, many people are questioning how their information is being gathered and used, and whether or not the specific use of the data is violating their privacy. To complicate matters further, many people do not understand what is occurring to their data as it travels downstream. What if a credit card company sells information obtained from your transactions to a home mortgage lender that uses it as input to decline your loan? Or if data from your FitBit relays the fact that you have not been working out, resulting in questions about your insurance rates?
Data Use Obligation
These are all fair questions. And the burden lies on organizations that leverage big data. They have a data use obligation—and not just to preserve consumer or citizen trust. The future of big data and its ability to “raise all boats” across industries rides on the ability to use it responsibly. Wise and responsible use of big data is the cornerstone of current and future advantage. For most industries, big data is the lynchpin of innovation and of providing products and brand experiences that enable them to resonate with customers, prevent or solve crime and fraud, or bring lifesaving drugs to market faster.
At issue: the technologies and methods available for taking care of big data and using it responsibly—at the point of collection, and as data moves downstream—are, frankly, a mess. The upshot is that most organizations do not know how their data is being used and by whom.
Why? Organizations find it difficult to properly define data use rules. Rules are tightly coupled with data, so when a regulation or privacy policy changes, the existing rule has to be changed and the code that uses it revalidated to ensure compliance and avoid fines and PR incidents. Adding to the challenge, applying the correct rules to the right data sets becomes even harder when the rules are hard coded and the people who know how to apply them are not directly creating them. Adding to the challenge, much of data governance currently is about making sure only the right people have access to certain datasets, but businesses need a much more granular, flexible way of creating rules and then ensuring that they are followed, either through real-time monitoring dashboards or simple reports.
New solutions are required in a world where organizations have an obligation to treat data responsibly. Organizations first need to create and maintain a separate layer of usage rules for the data so changes and updates can automatically be applied to all linked data with no user intervention required. They also need to be able to monitor data use in real time and on demand.
With automated compliance monitoring and reporting, organizations no longer have to worry about whether teams are in compliance or not, and managers and data scientists spend less time worrying about and determining data use compliance. For example, TrustLayers customers have been able to achieve an 81% decrease in resources needed to manage big data uses and still gain a platform on which to run new marketing campaigns and release new data-driven products.
With so much data collected and available and so many rules and regulations to abide by, organizations need a solution that can determine and sustain optimal data use. Companies have to find ways to maximize the value of enterprise data while minimizing risk so they can reduce fears, adhere to rules, and test new ideas quickly. When more data gets used, data-driven products get to market faster and companies have more confidence. And we, as people who have shared our personal information, have more trust in the organizations that use our data.
Sign up for the free insideAI News newsletter.