The Principles of Data Ethics
And there are five of these principles:
- Ownership: The individual, himself/ herself/ themself, possesses the ownership of the data related to the person. A firm cannot take that data without the consent of the person lest it be deemed stealing.
- Transparency: The individual, aka data subject, has the right to know how a particular enterprise intends to collect, store and utilise the data concerned with the person.
- Privacy: Any bit of Personally Identifiable Information (PII) should not be made publicly available unless otherwise consented to. This includes the name, address, phone number etc.
- Intention: If the firm is collecting data on the individuals to fulfill unstated malicious intentions, it goes against the spirit of ethics.
- Outcome: If the collected data, despite the right intentions, come to have an unwanted outcome vis-a-vis the owner of the data, thanks to an algorithmic bias or any other reason, then the data ethics stand violated.
Characteristics of Data Ethics
Largely there are four characteristics that portray data ethics.
- Vouching for and ensuring data security and protecting customer info: When you handle customer data, as an enterprise, you are bound to protect it, prevent breaches, and ensure data never gets compromised. This is easier said than done. IBM India, in a report, outlines that “data breach average cost increased 2.6% from USD 4.24 million in 2021 to USD 4.35 million in 2022.”
- Offering clear benefits: It is a kind of social contract clause. You give your consumers greater speed, convenience, value and savings, and they (users, patients, clients, employees, customers and partners) will not be hesitant to part with their data as long as they are guaranteed and followed on the guarantee of data in safe hands not prone to misuse.
- Provision for consumer agency: Look at this scenario from a McKinsey report: “If a customer receives an offer and says, ‘I think I got this because of how you’re using my data, and that makes me uncomfortable. I don’t think I ever agreed to this,’ another company might say, ‘On page 41, down in the footnote in the four-point font, you did actually agree to this.’ Here, the customer has no agency. Worse than that, he feels he has been duped by the company. Game over! Remember, your reputation as an enterprise and the trust that you painstakingly cultivated over the years with customers can vanish in as much time as it takes for the customer to hit the post button on social media.
- Doing what you promise: The company should do what it has promised it will do or risk credibility and reputation.
In short, companies that adhere to the principles of fairness, privacy, transparency, and accountability in data matters can earn and retain the trust of their customers or clients. Trust is one power of attorney. It empowers a firm to not only ensure better customer service and experience by exercising the power of data it has been granted but also preserve and enhance its reputation.
Regulations and Data Ethics
Regulatory requirements and ethical obligations are mutually related and complementing. The European Union’s General Data Protection Regulation (GDPR) went into effect (only) in May 2018. But the Internet and data collection using the Internet predate it. Does it mean that companies could have done whatever they wanted to do with data prior to GDPR? Negative.
Ethics is your enterprise’s shadow. It is born with it as its twin. Regulation or law is the caretaker that comes afterwards.
“The bar here is not regulation. The bar here is setting an expectation with consumers and then meeting that expectation—and doing it in a way that’s additive to your brand,” an expert noted.
No wonder you are obliged to build company-specific data usage rules rather than await the regulators and legislators to chip in with guidelines and laws which could be too late or sometimes too little. Ascertain what are the no-go areas; areas where you cannot take the data to.
Once it is done, it is important that you communicate the data values internally and externally so that everyone is on the same page. You also need to set up an agency (e.g. Data Ethics Board) and institutionalise and propagate the values that you designed. C-suite should also be made a part of this ethics board or should be kept posted on the developments in the board.
Back
