Risk
4/19/2013
01:11 PM
Connect Directly
RSS
E-Mail
50%
50%

Consumers Concerned About Online Data Privacy

Companies that collect personal data must reassure citizens or risk serious backlash, warns Market Research Society.

Earlier this week, the Economist Intelligence Unit reported that consumers worldwide are becoming increasingly concerned about the security of their data online.

According to Jane Frost, CEO of Britain's Market Research Society, a group representing companies working in market, social and opinion research, market analysis, customer insight and consultancy, they may have good reason.

"Innovative use of data for research and for big business is developing rapidly, but approaches to data privacy are not -- and this is creating an ethical gray area," she told Information Week. "Consumer trust in data sharing is taking a beating, and organizations need to commit to ethical data sharing that respects personal privacy or risk jeopardizing their relationship with consumers."

[ Do you worry about how companies are handling your personal information? Read Online Privacy Worries Increasing Worldwide. ]

Frost works closely with the U.K. watchdog group the Office of the Information Commissioner. She has also worked as a marketer for Shell, Her Majesty's Revenue and Customs (HMRC) and the BBC, where she managed big data strategies and helped inform commercial decisions.

She noted that a vast amount of data is now readily available to organizations. "In most cases, data is being used in a way that we as consumers accept and are happy with. However, there have been an increasing amount of incidents where data has been used for purposes it was not meant to be."

As a result, Frost said, "Consumer concern is growing and data protection is becoming a serious issue." At least 58% of inquiries to the Market Research Society's confidential advisory service were related to data collection, integrity and use in 2011/12 alone, up from 43% the previous year.

The Society recently launched an initiative called Fair Data a branding exercise meant to show worried British consumers that the commercial organization bearing the label is using and retaining their data properly and ethically. The initiative is intended to work alongside statutory regulations such as the U.K.'s Data Protection Act and the Office of the Information Commissioner to help suppliers not only adhere to the legislative requirements but "go beyond them in their corporate commitments to be transparent with consumers about how they data is used." The Fair Data logo can be used only when an applicant agrees to ten core principles.

But beyond the marketing and corporate social responsibility, Frost pointed out, technology leaders play a key role. "CIOs are often responsible for managing, accessing and handling the data a company has on its customers," she said. "On the majority of occasions, they get it right."

The real concern, Frost alleged, is when it comes to sharing this data with other departments within the business. "CIOs need to ensure that data protection is a priority across the business and that there is a clear strategy and set of guidelines for everyone who is given access to customers' personal data."

For example, data is increasingly being collected in real time and used by marketing departments to make key commercial decisions. The Society advises IT leaders to "ensure that there is a joined-up approach across the business and [that the] rules of compliance are being followed."

Echoing many of the recommendations of the earlier Economist report, Frost said, "With vast amounts of data now readily available, it is essential that organizations understand how it can be managed ethically and fairly. Ethical business is good business."

Risk is a factor in any enterprise, and managing that risk is always a challenge. In regulated industries, however, the challenge is heightened by goals that sometimes overlap but more often do not. In this Assessing Risk In Your Enterprise Compliance Initiative report, we examine the general considerations organizations must make when putting risk into a compliance context, as well as recommend specific strategies for leveraging organizational risk management work to achieve compliance goals. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Drew Conry-Murray
50%
50%
Drew Conry-Murray,
User Rank: Ninja
4/19/2013 | 9:31:07 PM
re: Consumers Concerned About Online Data Privacy
People are right to be concerned. It's almost impossible not to leave digital crumbs these days, which are being hoovered up for all sorts of purposes. That said, people may also want to consider their own actions: we voluntarily give away tons of data about ourselves on social networking sites.

I wonder if there's a business opportunity to be had for people to market and sell their own data (rather than give it away free, or leave traces unwittingly that companies can gather up for analysis). That is, anyone who wants to gather and use my data has to get a license from me to get access to it. Could be a tasty little app for a startup.

Drew Conry-Murray
Editor, Network Computing
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, September 16, 2014
Malicious software is morphing to be more targeted, stealthy, and destructive. Are you prepared to stop it?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0985
Published: 2014-09-20
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the NodeName parameter.

CVE-2014-0986
Published: 2014-09-20
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the GotoCmd parameter.

CVE-2014-0987
Published: 2014-09-20
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the NodeName2 parameter.

CVE-2014-0988
Published: 2014-09-20
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the AccessCode parameter.

CVE-2014-0989
Published: 2014-09-20
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the AccessCode2 parameter.

Best of the Web
Dark Reading Radio