Visiting The Glass Room pop-up exhibition (from Tactical Tech and supported by Mozilla) is a disconcerting experience. Laid out purposefully like the white, angular, super-cool retail space of a leading tech brand, the exhibit throws the visitor into a world of harsh demonstrations showing the true value of their custom to a tech company, advertisers, and anyone with the money to pay for access to them.
Having spent a lot of time at a Cybersecurity conference last week (my client ISACA's CSX Europe), and generally being concerned about these things, the exhibit raised a lot of issues for me personally. Am I at risk? Should I even care if advertisers know who I am? A post for a different time, perhaps.
This post is not about whether mass data collection and analysis itself is right or wrong, just how it's done. The communications and brand challenges arising from (mis)use and poor collection of data will be absolutely fascinating.
Looking over the next 12 months, there are clear indications the population at large will wake up to the reality of data privacy, security, and the amount of information held by an incredible amount of companies. Concerns about whether companies are acting ethically as far as data is concerned, not just legally, will, I believe, take on the same importance as companies ensuring they are environmentally friendly, or no-longer test on animals.
Anyone looking at the news knows companies connected to data in a way currently alien and undefinable to the gen-pop*. For businesses in that ecosystem, relying on gathering info under tortuously long T&C documents, bulk buying or selling data sets with questionable consumer opt-ins, or confusingly worded marketing agreements, it presents a risk. Honestly now - with only a handful of extremely rare exceptions - what company out there can claim to have a fully customer friendly data consent form?
There's a massive market for data to help online targeting - which feeds this behaviour. It's gathered in a multitude of ways - some ethical and above board, of course, but a lot of which are currently almost completely hidden. The phone manufacturer OnePlus wasrecently revealed to be sucking out very detailed, very personally identifiable data for years - until a security researcher discovered it. Does that sound like informed consent from the users? And what about this alarming example from fellow Glass Door visitor Reuben Binns? (see attached tweet)
With GDPR hitting in May, and informed consent a key part of gathering and sharing personal data (for EU citizens at least), there will be some very interesting changes coming in the way companies and consumers interact. Will a company get away with a 75,000 word terms and conditions contract (allowing a vast array of hidden activities with personal data) before selling a widget online? Hopefully not.
The reality of a data-driven economy is that every company with aspirations of digital success now has to be in the data game. There's nothing wrong with responsible, safe use of consumer data - paying strict attention to how it's collected, for what purpose, and how long it's kept.
When an organisation isn't acting in the best interests of the consumer though, or society at large, we're back with a well-worn narrative in the communications business. A company is disregarding the best interests of the consumer to maximise business returns? SHOCK.
Comms pros should dust off those playbooks for clients who went through the ringer for CFCs, non-recyclable plastic, animal-testing or any number of harmful practices. It's not illegal and companies meet regulatory requirements to operate (though really, a lot of sharp practice soon will be thanks to the aforementioned GDPR), but let's see how good any company looks when they trot out that line.
Consumers don't care about what they don't know is hurting them - until they do. Certain CEOs need to start practising the lines "We have heard the message from our customers - and as a result, we have begun restructuring our entire data governance policy."
(The Glass Room is on in London until the 12th of November)
* There is a very good interview with the CEO of Cambridge Analytica recently published on TechCrunch. It's a long read, but addresses a lot of the big questions on data analytics, collection, sharing and impact to the individual and society. Well worth a read - remembering to be critical, not cynical.
I really hope that people like the ICO [Information Commissioner’s Office in the UK which rules on data privacy for individuals], who are suddenly trying to catch up on the last five years of data. I hope that they understand that the regulation needs to be there to protect consumers, but not to stump the growth of an industry that could really do a lot of good. Not just in communications, [but] across all corporate sectors.