Dutch bank ING planned to share the details of its customers’ debit and credit card transactions with third-party companies. The plan was simple. By providing access to transactional information, initially as an opt-in trial, the bank would enable its commercial partners to offer discounts based on spending information. In theory it was win-win, with ING’s customer’s enjoying cheaper deals and the participating companies benefitting from a highly targeted route to consumers.
Within hours of the announcement, privacy campaigners, members of the Dutch parliament had expressed concern, while Data Protection Authority chairman Wilbert Tomesen urged ING to show restraint when profiling customers.
There was a similar furore here in the UK when plans for the NHS Care Data initiative were made public. The benign aim was to analyse patient data from across England to identify problems and ultimately improve treatments. But the plan involved sensitive information. Privacy lobbyists and patient groups cried foul, forcing a delay.
So here’s the dilemma. On one hand, organisations of all kinds have the capacity to gather, process and analyse unprecedented amounts of information, representing a huge intellectual property (IP) asset, which in turn can be used to improve services, develop new products or target marketing much more effectively.
Thus, we’ve seen retailers amassing data and applying predictive modelling techniques, which enable them to target marketing on customers at the point at which they are likely to be most receptive. In theory, data can also be shared between companies along the ING model. “Banks are in a very strong position to do this,” says Alwin Magimay, head of digital and analytics at auditors and professional services company KPMG. “For instance, if a bank knows how much you spend on electricity, it can get you a better deal on that.”
On the other hand, there are real constraints. Julian Saunders, chief executive of Allfiled, a company that allows consumers to control their data, says the controversy over the NHS Care Data scheme reflects a broader unease. “The intention of the scheme was very good. I think much of the opposition was sparked by concerns over certain sorts of marketing and the issues raised by [NSA whistleblower] Edward Snowden,” says Mr Saunders. “People don’t like to feel they’re being snooped on.”
Companies have to draw a distinction between basic personal data and sensitive data such as medical history or criminal records
Meanwhile businesses must comply with a regulatory framework that is set to grow much more stringent. At the moment, the UK’s Data Protection Act is the prime piece of legislation governing how data can be used. However, this is set to be superseded by the EU’s General Data Protection Regulation, which will be enforced across all member states under the umbrella of a single regulator. Once it is in force – expected either next year or in 2016 – consumers will have more rights to see their personal data and order it to be deleted.
And as Vinod Bange, a partner specialising in data at law firm Taylor Wessing, explains the new regulations considerably up the ante in terms of penalties for data breaches and misuse. “Under the current UK law, the maximum fine is £500,000,” he says. “This will rise to €100 million.”
But KPMG’s Mr Magimay believes the potential of big data can’t be ignored and that large organisations will have to optimise the value of their information assets to stay competitive. “We have identified big data as one of the major disruptive forces in the digital space,” he says. In his view, those who use data effectively will reap huge benefits; those who fail to do so risk losing out to competitors.
A key question is whether or not an organisation has the right to use the information provided by customers. Alex Hazell, head of UK privacy and legal at digital marketing company Acxiom, says that, in IP terms, ownership of data essentially resides with the collector. “However, the Data Protection Act creates a kind of quasi-IP on behalf of individuals who provide the data. They have the right to put limits on how the data can be used,” he says.
“The data you collect must be used in accordance with the individual’s legitimate expectations,” says Sam Jardin, a partner specialising in data at law firm Watson Burton. “Companies also have to draw a distinction between basic personal data and sensitive data such as medical history or criminal records. Sensitive data can’t be passed to other parties without express consent.”
And as Vincent Bange adds, in order to be confident about using the data: “The organisation has to ask whether that purpose was fully explained, and did the customer understand what the purpose was.”
Remaining compliant will require more attention to the controls and mechanisms designed to protect and govern data usage within the organisation. Mr Hazell says the starting point for Acxiom is to design all its data processing products from a “privacy by design” standpoint to ensure compliance with current and future law.
But there is also the court of public opinion to consider. For instance, US Retailer Target used profiling and customer data to identify pregnant customers, even down to the due date. Its marketing hit the headlines when it targeted information at a 16-year-old girl who had yet to tell her parents.
And here’s the rub. At one level, consumers probably like to hear about special offers or products tailored to their data. However, some targeting can come across as intrusive. So how do you get it right?
One way forward is to let the consumer control the data. For instance, New York-based startup Datacoup allows consumers to sell their social media and card data for $8 a month. There are variations on this theme. In the UK, Allfiled is developing a way of enabling consumers to place selected data on a secure platform in return for discounts from partners.
Arguably the future for big data to some extent depends on customers and other stakeholders being given a clearly presented choice of when and how their data is used. This could be a simple opt-in, once the purpose of the data collection strategy has been explained, or specialist platforms on which consumers proactively pool their data.
CASE STUDIES
MORE SPEED WITH DRUGS TRIALS
Before new medicines are allowed on to the market, they must go through a trials process and this presents certain logistical problems for the pharmaceutical companies concerned, not least in terms of recruiting patients to take part.
As Graham Wylie of the Medical Research Network (MRN) explains, drugs companies need to get the trials up and running as quickly as possible to get the product on the market at the earliest possible date. This maximises the commercial potential of the drug when it’s under patent. “But recruitment for trials has to be cost effective,” he says. “Companies don’t want to spend too much as the trial may not be successful.”
The MRN specialises in recruitment for trials and is now using big data techniques to identify potential patients. Using a system known as Rapid, the MRN monitors social media for references to relevant medical conditions and analyses the conversations to identify patients most likely to take part in trials.
In addition to monitoring conversations, the MRN is also gathering information on location and the media sites the candidates use. Drug trials are then advertised to the candidates in a highly targeted way through their preferred media channels. “We don’t contact them directly. They see the advertising and opt into the trials,” says Mr Wylie.
It’s an approach that has already been used on one trial for a Hepatitis C treatment. Early indications suggest the approach cuts advertising costs, speeds up recruitment and, because it is based on public-domain material, is compliant with data laws.
PUTTING CUSTOMERS IN CONTROL
Allfiled is a UK-based company that aims to put consumers in control of their data while providing marketers with access to a highly targeted customer base. “We were founded about five years ago, by Steve Bennett,” says chief executive Julian Saunders, “But over the past two years, what we offer has really come into its own.”
The premise behind Allfiled is that consumers are concerned about how their data is being used. Meanwhile businesses are struggling with the complexities of managing and processing vast swathes of customer information. Under the Allfiled model, customers provide selected data that is of direct use to participating businesses. Armed with this information, these businesses can provide a better deal.
The model has been successfully tried out on the Moneysavingexpert.com website, operating as the Energy Savings Club. It’s a limited application with members providing details of energy usage. This in return allows utilities providers to look at the consumption information and, where possible, offer cheaper deals. More than one million people have signed up in a year.
Now Allfiled is developing an independent platform bringing together consumers and a range of trusted partner companies. “The key to our model is trust,” says Mr Saunders.
There are variations on the theme, for instance, sites that enable consumers to sell their data. Mr Saunders prefers the “trust coupled with the promise of a better deal” approach, believing consumers who have expressed an interest in a particular product group will be more interesting to marketers than those who simply sell data.