Privacy is a very important concept. This rings especially true in the era of big data, where some data-rich companies have profiles so refined, they know us better than we know ourselves. In this light, it is only natural to be wary of our privacy and security (the two go hand-in-hand).
Although it might seem we are in the oversharing era of social media, there are things we don’t want others to know about us. Financial information or medical records are just some that come to mind. For this very reason there have been data privacy regulations in action for decades. Today the percentage of countries that have some form of data privacy regulations outweighs the ones that don’t.
As we’ve entered the era of big data it’s time to reflect that it firstly brings a lot of potential but also some threats. How to navigate the pitfalls and unlock the benefits of the big data era? We, as a company built on big data, know a thing or two about privacy and security. The question: “How do you achieve privacy with your big data monetization tools?” is often the first question we are asked.
General Data Protection Regulation (GDPR)
Instarea is a big data monetization company. As such, we take the issue of privacy very seriously. Yet, for full disclosure, it was never a burden for us. Our architecture has been designed and implemented with privacy and security in mind from the very beginning, and this was well before the adoption of GDPR. We never needed to change our infrastructure or operations as a result of GDPR.
That is not to say GDPR is without obstacles. It is one of the reasons why the issue of privacy and security came to a public view in the recent years. Not least because of the threat of “draconian”, and potentially disruptive, fines of up to €20 million or 4% of global turnover. Whichever is greater.
Even though the threat of fines and the risk of reputational damage can be menacing, GDPR should be perceived as an opportunity not a burden. Firstly, GDPR has brought the issue of privacy and data protection in Europe into public discourse. People are now more conscious about how their data is handled, which forces companies to also take it more seriously and put initiatives in place.
This has led to several massive data breaches. Hundreds of millions of people have had their data stolen around the world, every year. And there are few signs of this trend stopping. Companies really need to focus more on data privacy and cyber security, which is where GDPR comes in.
Mutually beneficial exchange of data for relevant services
One of the main perceived GDPR obstacles we routinely come across is the need to gather consents to use personal data. The reasoning here is straightforward: the customers have to realize and accept the benefit from sharing their data. Consents are granted on a voluntary basis as an exchange for relevant services.
That means, in our case, people will give consent to receive a refined marketing offer once per two weeks (the period depends on a telco), or to have their data used for location intelligence. However, a telco typically also motivates customers to provide consent with special promotions – for instance, once a month they raffle off an iPhone to all who have opted-in. This also motivates the customers to provide consent.
Additionally, telcos have a unique opportunity to gather consents, as customers usually extend their contract at least once per two years. That means in 6 months they can easily collect 25% of consents (in our experience typically 35%).
As mentioned, privacy in the big data era is a double-sided sword. Which is why, a big data monetization is about exchanges. A lot of people want to exchange part of their privacy for convenience.
For all data-rich companies, it is necessary to be transparent and upfront about their use of data. There is a responsibility to be straightforward with the customers and let them know about what data is used and for what purpose.
Why choose Instarea as a data monetization partner
At Instarea we take privacy seriously. We have recognized six main elements that can describe our effort:
- Security– We go to great lengths to assure the data we work with are used correctly and we take precautions to prevent misuse.
- Approval– Individuals have an option to opt out of our usage of their data. All individuals whose data we analyze/use have given consent.
- Correction– If there is an erroneous information an individual has the ability to correct it.
- Secondary usage– Information collected for one purpose are not used for another purpose without an explicit consent.
- Disclosure– We provide a way for individuals and customers to learn about our use of individual data.
- Openness– The system for collecting data has to be open and no part is kept secret.
What do we know?
We only know statistics. All the data we are working with is stored in our partner’s infrastructure behind their own firewall. We don’t have the access to our partners’ data (that includes personal information).
When a customer uses our platform and decides to create a population analytics report for a given area, our front-end sends a request to our partner’s back-end, which calculates the result and sends it back to the customer – almost instantaneously. So, we only work with anonymized and aggregated statistics. We only know the numbers and never the names. And because the lowest possible statistical number we are working with is 100, it would be impossible to infer anyone’s privacy, not that we would ever want to ;).