The recent hacking of user data from the match-making site, Ashley Madison has brought into focus a few important lessons that we should consider about how Big Data and our digital trails that are now incessantly monitored.
Privacy is a Lost Privilege
The users of Ashley Madison expected privacy and presumably were promised it. However, being hacked is now commonplace. One might imagine that users could sue Ashley Madison for breach of contract. But does money or a court order put the horse back in the barn? No! Privacy, in our digital world, is lost. When we snap photos on our iPhones, the location and time are captured. Faces are recognized with software that learns from our labels. The data and photos go to the cloud. Who else might have access to the photos and what is the impact of these being made public. In the case of Ashley Madison, people shared details and actions that they wanted to keep private. Expecting privacy with the use of anything digital is just not realistic. It reminds me of a Soprano’s episode when Tony removes the GPS from recently stolen automobiles. Yes, our cars, phones, apps, wearables, sensors, and even those of others are tracking us. In many ways, privacy will be for those that can pay to achieve it or can avoid being tracked.
Erasing in the Digital World is Not Really, Anymore
A recent court ruling in Spain required Google to remove online information about a person because “he had the right to be forgotten.” It sounds great, maybe even noble and pedestrian all at the same time. However, who gets to decide what is forgotten? A court? That is expensive. The owner and publisher of data are really in charge and now the people that can get to the data can decide to do even more with it. For example, Ancestry.com has brought back the past and digitized it. Did those people have a right to be forgotten? The use of Ancestry.com data is taking a more serious turn, too. Google’s Calico is now mining the data for identification of individuals with longevity genes (and presumably without those). So, our digital records now even include our ancestry and what is says about our future! It is hard to forget or to be forgotten in a digital world when your ancestors are not forgotten. If the data is digital, expect it to be essentially permanent.
Promises to Handle Data are Taken Seriously by Customers
The fact that Ashley Madison offered a “delete forever” service that really did not delete the data shows that the treatment and management of data is a real concern for firm’s and will surely be at the forefront of a firm’s reputation. We expect banks to protect our financial data and hotels to not share our travel patterns with others. We expect health care providers to honor our privacy, and when offered a promise about data, it is expected to be real. Firms that manage data should take note. If you promise something to your customers, be sure you can deliver.
Your Data Can be Valuable to a Seemingly Disinterested Party but Not because of You
In the case of Ashley Madison, it appears that the hackers were agitated by a less than perfect promise made by Ashley Madison to “erase” personal data. The erase function created some great revenue, but as the hackers desired to point out, the data was never fully (or truly) erased. Sounds like fraud and the hackers were right to call out Ashley Madison. The hackers might not be specifically interested in the data of any specific individual in the user base. They might see an economic opportunity to extract payment or actions (such as the shut down of the site) from Ashley Madison. This can pose challenging risks to the many millions involved. The decision to make public any specific information from the breach is not about an individual or their relationship with the hackers. When someone controls your data and does not have a direct interest or economic relationship with you, what happens to that data can be very hard to control or influence. We can imagine the exact same challenges arising in other data that is now public. When Zillow puts a price on a house, it indirectly says something about that person’s wealth and debt. It is a matter of opinion, of course, but often it is rooted in very good analysis and is quite directionally correct. The publication of a home price and further use of it cannot be controlled by the homeowner. Imagine a tax assessor that uses Zillow data or photos for pricing real estate. The data shared by Zillow is not used to target any one person, but it does create negative consequences for many individuals. In such a ploy, homeowners might now be able to control or influence what Zillow says about a property or how the tax assessor uses that data. Similarly, Ashley Madison users might not be able to influence the hackers and the decision to publish that data is less about an individual but about a whole market. In reality, the hackers of Ashley Madison might be indifferent or disinterested in the impact to any specific person. Such economic relationships are hard to manage and might not even be controllable by payment of money.
Your Data is Even More Valuable to an Interested Party
When an adversary can exploit information about you or your doings, the data is even more valuable. Imagine the thousands of divorce attorneys that can be make a lifetime of earnings by mining the Ashley Madison data! Wow, now the data can be turned on a specific person and causes for separation documented. Economic targets can be identified. The data is now tied to the value of keeping it private or in pursuing a court case. Consider the businesses of various firms that publish mug shots and then allow people to pay to remove the photos from their roster of mug shots. It is clever use of data and one in which the payment for not publishing is the monetization. In such cases, the data is made valuable by focusing it on the economic interests of the counterparty. Although dangerous, such conflicts are generally resolved by an exchange or money, provided they really, really promise to never ever publish the data in the future (triple promise with cherries on top). With such a promise and trust in place, the price for the data can be high or at least commensurate with the damages avoided
So, what’s the Ashley Madison data worth? It can be valuable to many parties. It is worth a lot to divorce attorneys and to tabloids. It may even prove useful and critical to the likes of Ancestry.com in confirming true paternity.
More Big Data Lessons
These important implications in monetizing Big Data in the digital economy and more are developed in my recent book, From Big Data to Big Profits: Success with Data and Analytics. The book examines the evolving nature of Big Data and how businesses can leverage it to create new monetization opportunities. Using case studies on Apple, Netflix, Google, LinkedIn, Zillow, Amazon, and other leading-edge users of Big Data, the book also explores how digital platforms, including mobile apps and social networks, are changing customer interactions and expectations, as well as the way Big Data is created and managed by companies. Companies looking to develop a Big Data strategy will find great value in the SIGMA framework, which assesses companies for Big Data readiness and provides direction on the steps necessary to get the most from Big Data.
Professor Walker provides keynote talks, seminars presentations, executive training programs, and executive briefings.
Recent talk topics enjoyed by clients have included:
“From Big Data to Big Profits: Getting the Most from Your Data and Analytics”
“Leveraging Artificial Intelligence and Automation at Work”
“Winner Take All – Digital Strategy: From Data to Dominance”
“Success with an Inter-Generational Workforce: From Boomers to Millennials”
“FinTech, Payments, and Economic Trends and Outlooks in Consumer Lending”
“The World in 2050: Risks and Opportunities Ahead”
Exceptional executive training programs have included:
“Digital Disruption, Automation, Analytics, Data Science, the IoT, and the Big Data Wave”
“Master Course on Operational Risk: Measurement, Management, Leadership”
“Complete Course in Risk Management: Credit, Market, Operational, and Enterprise Risk”
“Cyber-security Training: Prevention, Preparation, and Post-Analysis”
“Managing Your Brand and Reputation in a Crisis.”
“Strategic Data-Driven Marketing”
“Enterprise Risk Management and the CRO”