Organizations, both in the insurance industry and out, realize that if consumers feel perturbed by the exposure of their financial information, they could be even more horrified to know that bytes and bytes of data regarding their web browsing habits, vehicle warranties, purchases, detailed health information, and more are being collected, stored and used. It’s become almost a cliché to comment, “So much of our lives are online nowadays.” It’s true, but few realize the extent of its truth. For every bit of information we are aware exists in the online world, there are likely 100 more data points we haven’t thought about. And if consumers stop to think about how their information is being used, they’re likely to kick up quite a ruckus.
For instance, I have found that buying one quilted cat-print bag (as a gift, to boot) landed me on some sort of epic crazy cat lady watchlist, with twice-weekly missives from all the official Feline Tchotchke Mail Order People. I don’t even have a cat, but I don’t doubt that my Great Marketing File in the Cloud has me down for caring for about 12. Big Data has its potential, but it also has a healthy dose of ick factor. I’m on the Fingerhut catalog mailing list now, for cripe’s sake. If that isn’t a reason to rein in Big Data, I don’t know what is.
There is certainly an element of consumer responsibility to this topic as well. Some consumers freely give away permission to apps and social media sites to track their online movements. Do consumers need to do so? Probably not, frankly, since they could easily do without taking one more online quiz or watching another episode of Pretty Little Liars, but online society has reached a point where users will click any permission, tab through any popup, all in a fervor to find out from Quizzy which Hogwarts house the Sorting Hat would place them. (Slytherin, haters!)
And they do this likely without even realizing the extent to which these companies eagerly and excitedly collect that data like precious online diamonds. The FTC’s report on data brokers reported that one such company maintains 3,000 discrete data items on each consumer in the U.S. Three THOUSAND. I consider myself to be one of the most interesting people in the world and I can’t even think of more than, say, 1,000 marketing-relevant tidbits about myself.
However, people don’t want to be reduced to data points. When they sit down, away from the laptop, away from eBay, Amazon, or Facebook, they don’t want to feel out of control of the information they put out into the world. Marketing use seems expected at this point, but Big Data can be applied to many more business decisions, some of them potentially inadvertently discriminatory.
The driving factor behind data breach litigation has been the righteous sense that consumers have been wronged by companies that maintain their information and subsequently lose track of it. What happens when the data at risk is not an easily changed credit card number, but an intimate snapshot of a personality? Not only the credit cards you carry, but who you are? Or, worse, who you aren’t, as the case may be?
As it happens, we may not have to wait too long on that last point. The much touted Spokeo v. Robins case coming before the US Supreme Court is at its heart a case that addresses the lack of control over data and the inability to change inaccurate information, as well as one that points a finger at data handlers. The case is causing some concern in the cyber world, that it could open the doors to more litigation over data collection and use. While data breaches now tend to be the focus for cyber insurance, the coverage is evolving, and more than a few industry observers feel that claims relating to Big Data are sure to be on the horizon.
Applying Big Data to business decisions goes beyond the considerations of “cyber risk” into the overall field of enterprise risk management. We aren’t simply discussing loss of data anymore; this marches right into the world of effective, socially conscious, and useful data practices. It calls upon organizations to use data as needed, to respect the privacy of consumers at all times, and to follow not only the legal tenets of Big Data, but the ethical ones as well.