who owns the customer?privacy in the connected age

James Harrisonokcompare

technology can we keep up?

• technology finds new ways to erode privacy

• balance between individual/vendor/ data aggregator

• The law has to keep up• Why is this important? http://youtu.be/xFAWR6hzZek① Our data has a value

② companies want our data ③ we must regain control of our data④ our lawmakers must set guidelines and regulations

① The customer② Personal Identifiable

Information – the PDS③ The legal right to Privacy④ Data Protection⑤ Data Owner⑥ Data Processor or Aggregator⑦ Anonymous Data⑧ Big Data

definitions

technology progresses we all have to keep up

Data in the 80’s

The birth of the internet

The birth of social media

Where next? Who

will own the customer?

we hand over data every dayunintentionally or intentionally

① Cookies - IP addresses are tracked

② Google Street View ③ Location based privacy ④ Search Engines ⑤ You want to use our service –

agree to these t’s and c’s⑥ Personal data traded for

convenience can result in spam and unwanted advertising

⑦ Facebook and social media

"Privacy is dead – get over it

Total anonymity is our only option just keep off the internet Everything on the internet is PERMANENT

stage 1 - data in the 80’scustomer’s point of view

• Data in the 80’s • Recent family who lived in

‘86• Who owned your data?①the government②the doctor③the post office④the insurance company⑤yellow pages and ⑥the telephone directory.

http://www.euronews.com/2013/09/10/turning-back-the-clock-life-in-1980s-canada/

stage 1 - data in the 80’sbusiness point of view

• Direct Marketing – buy data from post office

• Direct Marketing – credit cards in the 1980’s

• Telephone – cold callers use directory

• Businesses - anyone who had your data felt that they owned you.

• Renewals on insurance were near 80%

stage 1 - data in the 80’sregulators point of view

Very clear definition

the customer has given the data to the company in return for a service

Little requirement for regulation

Stage 2 - the birth of the internetthe customer’s point of view

• Complete anonymity• The chat room

• Simple browsers• Few ads

Stage 3 - internet in the ‘00the customer’s point of view

• Inter-connected life• Much more than just

your email address• Data Protection and

the Privacy Policy• Cookies

stage 3 – internet in the ‘00the business point of view

• Businesses remained in the past, writing contracts with each other determining who owns the customer.

• The proliferation of information meant that little by little no one really owned the customer.

• Customer data was being recorded in many places around the internet.

• Email marketing takes off• Databases being created of great power. Tricks to get

people to give away more data by entering prize draws/offer sites and more.

• Cookies – guided advertising

Stage 3 - the internet in the ‘00the regulator’s point of view

the doctor, the government, the post office etc

and now

every website you have visited whose terms and conditions you have agreed to.

Stage 3 - the internet in the ‘00the regulator’s point of view

USAConcerning privacy laws of the United States, privacy is not guaranteed per se by the Constitution of the United States.

It is purely a ‘voluntary’ process. Obama has recently instructed to have an online Bill of Rights.

EUFor Europe Article 8 of the European Convention of Human Rights guarantees the right to respect for private and family life, one’s home and correspondence. The European Court of Human Rights in Strasbourg has developed a large body of jurisprudence defining this fundamental right to privacy. The citizen has a right to privacy through 1995 directive. It is regulated in UK by Data Protection Act of 1998 and in France by CNIL

Stage 3 - the internet in the ‘00the regulator’s point of view

USA• Google reached a deal with the Federal Trade Commission (FTC) and

agreed to pay $22.5 million in penalties after the agency found that the Internet search giant had made erroneous statements in its online privacy statement.

• Repeated offender – Google Buzz fell foul, without a fine - Google "automatically enrolled Gmail users in Buzz, and that Buzz publicly exposed data, including users' most frequent Gmail contacts, without enough user consent."

EU• Germany in 2008 that discount supermarket chain Lidl had been

systematically spying on its employees with the use of private detectives, the company was forced to pay a fine of only €1.5 million.

• UK – max is 500,000 and mostly to public bodies not private.

Stage 3 - the internet in the ‘00the company’s point of view

Stage 3 - the internet in the ‘00the regulator’s point of view

EU regulations now ensure that all sites that use cookies have to explain this to the customer before they continue to use the site.

There is no such regulation in USA.

Stage 4 - the birth of social mediathe customer point of view

• The handing over of data that was not just an address, a phone number or an email address

• Personal data revealed• Habits revealed• Everything recorded• From a closed garden to personalised websites

Stage 4 - the birth of social mediathe customer point of view

• Sharing of personal data between sites to enable new apps, easy to use and very

• One click ‘agree to access data’

Stage 4 - the birth of social mediathe company point of view

• Even better advertising• More targeted• Apps• Social search• Mobile• Terms and conditions and

privacy policies become so long that no one reads them

• One click data• The birth of big data

industry

Stage 4 - the birth of social mediathe regulator’s point of view

USA• Facebook has tripped up many

times on the issue of clarity to its customers on privacy.It makes numerous changes without informing the customer.

The FTC is currently investigating a new complaint

EU• There are continuous complaints but

no regulation……yet

pushing the boundariesthe customer reaction

• Google and Gmail reading your email

• Facebook and Beacon• Facebook and privacy

policy• Google street view • wi-fi sniffing

pushing the boundariesthe customer reaction

• We keep giving up our data• The companies keep making

money from us• They continue to believe they

own us• The aggregators break the

rules and believe they own the data

• The regulators are toothless

NSA – Prism – the public reaction

pushing the boundariesthe customer reaction

NSA/Prism and Ed Snowden• We know the

government spy, why do they lie?

• We know that companies use our data, why do they lie?

the future(or one view of the future)

• SUN MICROSYSTEMS – 1999 Stephen Mcneally - "Privacy is dead – get over it”

• Eric Schmidt, GOOGLE – 2010 told us that anyone concerned about online privacy "had something to hide”

• If Mark Zuckerburg were to create FACEBOOK again today, user information would by default be public, not private as it was for years until the company changed dramatically in December 2010.

the alternate futurepersonal data store (1)

• World Economic Forum's 'rethinking personal data' project, by the EU with its new proposals for data protection.

• by a growing range of entrepreneurs and innovators -- that personal data is a personal asset.

• Customers own and be able to protect their own PDS

personal data storeswho owns the customer?

• You do!!!!• You need to learn to

manage it like money in your bank account

• Can you make money from your data?

• companies get it for free, so why bother paying

• PDS market could explode to a $2 billion market by 2016

• Personal/singly/evernote/handshake etc.

the alternate futurevendor relationship management

• Governments must set guidelines to protect anonymous data from being made into PII without the customer’s knowledge.

• Lawmakers must have sufficient teeth to be able to prosecute and protect the individual’s right to their own PII.

vendor relationship managementwho owns the customer?• Customers give their PDS to those

companies who they trust and revoke that when that trust is lost.

• If you as a company do not do what you say you are going to do, you lose that customer.

• It does not matter how much you protest that you own that customer, they will no longer want to deal with you.

• You choose who you want to do business with

• They add value, you give them access to your data

• If they do not, you revoke this

who owns the customer?

• The balance between the individual’s right to privacy first discussed 120 years ago to the company’s requirement to provide better service.

• As individuals we must be aware of these changes• As entrepreneurs we must be aware of the

potential opportunities• As businesses, ask a simple question – do I add

value?• As lawmakers we must keep up with technology

and provide organisations and enforce the law.

THANK YOU!

James Harrisonjh@okcompare