Since the dawn of the dot-com era, more and more business models have come to rely on convincing customers that there is indeed such a thing as a free lunch.
Wise people know that isn't true. "Free" nowadays just means you don't pay with your money; you pay with your life. At least, that is, some of the details about yourself, your life, and your behavior, so that the data can be collected, analyzed, bought, sold, squeezed for intelligence, shaken for loose change, (stolen by cyberattackers), and fed into ever-more sophisticated technology to motor "data-driven" business initiatives. This isn't necessarily sinister; organizations may use personal data on customers to provide better service, more customized healthcare. And for some industries, trading data is the main way to sustain themselves, as people get out of the habit of spending actual money on things like music and news. Businesses are required to maintain some personal data on employees and may monitor those employees' behavior to improve productivity, and also worker safety, or employee wellness. Data is so helpful, that businesses collect it about everything.
The end result is a culture of surveillance.
Even when well-intentioned, data collection can be very dangerous -- both to the individual and to the business taking stewardship of it.
Consumers and employees alike are waking up to these realities and want their privacy back; regulators are stepping in with tighter oversight and steeper punishments. And many forward-thinking organizations and innovative IT leaders are taking privacy rights seriously, recognizing that protecting the privacy of their consumers and employees is an important part of maintaining their trust.
But where to start?
A look at most organizations' data stores would show a messy, tangle of poorly governed datasets growing out of control. Lots of the data your organization collects it probably doesn't need, never uses, doesn't even know that it has. It's eating up storage space, and is an accident waiting to happen. An appetizing target for a cyberattacker; a costly violation for a regulatory auditor; an uncomfortable situation when law enforcement brings a discovery request; a public relations embarrassment that causes the organization to lose the trust of customers or employees. All of the above, or worse.
Read the rest of this article on InformationWeek.
Other articles in the series: