Privacy and Piracy: Who Owns Personal Data?
You wouldn’t steal personal data, would you?
Remember the anti-piracy ads that ran in movie theaters and on DVDs ten years ago? The message was, in part:
You wouldn’t steal a car.
You wouldn’t steal a handbag.
You wouldn’t steal a television.
Downloading pirated films is stealing.
Piracy. It’s a crime.
In those relatively early years of the internet and digitization, the entertainment conglomerates were struggling to keep consumers from making unauthorized copies. Ten years on, digitized music and film are available via functional, if far from perfect, business models – above all streaming services.
But now, the most prominent – or at least the loudest – battle is a mirror reflection of 2005, with consumers (and their regulator proxies) defending themselves against the unchecked collection, use, sharing, and sale of their personal data by brands and specialized data brokers.
The end of “maximum data”
Since recovering from the dot-com crash at the beginning of the millennium – and especially in the last ten years of big data excitement and hype – the economics of the internet and of digital business have followed Tim O’Reilly’s simple dictum: “The guy with the most data wins.”
This maxim drives the decisions of the internet platform giants. It has fueled the explosive growth of a massive ad-tech ecosystem. It has informed and shaped an entire industry dedicated to customer experience management (CEM), which primarily has meant data-driven digital marketing practices.
And it’s about to come to an end – or at least to be radically transformed. Social, economic, and regulatory dynamics are about to force and enforce a fundamental shift. From a free-for-all environment of data collection and exploitation, we are moving to a world in which protecting and respecting personal data and privacy is both a legal obligation and a winning competitive strategy.
The signs and symptoms of this shift are evident among all of the actors concerned with the use and abuse of personal data: individuals, companies, and governments. For example:
- Consumer awareness of and concern about data collection and abuse is growing. The exploding increase in the adoption of ad blockers is well known – and it obscures the fact that many people deploy the technology not to block ads (which are widely ignored anyway, with click-through rates of less than 2/10ths of one percent) but to avoid tracking and the collection of personal data. For example, a 2014 study by the Interactive Advertising Bureau (IAB) found that 77% of U.S. adults agreed that “ad tracking makes me uncomfortable.”
- Businesses discover the dark side of data. With big data comes big responsibility, beginning with the obligation to keep it secure – or suffer the consequences. Sales at Target fell 46% year-on-year in the quarter after their 2013 breach. In the UK, over 86% of surveyed consumers said they were unlikely to do business with a company that suffered a known loss of credit card data.
- Regulators insist on the primacy of privacy. The European Union’s new General Data Protection Regulation (GDPR), set to become law in May 2018, imposes significant new restrictions on the collection and processing of personal data by virtually any company that has anything to do with any EU resident. Violators can be fined up to 20 million euros — or 4% of their global annual revenue, whichever is greater. (For more on the GDPR, see our podcast and webinar.)
A new personal data economy
If “data is the new oil,” then (as we should have known all along) it is accompanied by significant collateral “environmental impacts” – resistance from consumers, regulatory restrictions, an increasing exposure to breaches, fines, government snooping – and a demonstrable failure to meaningfully improve customer experiences.
The alternative is to create for the first time a genuine personal data marketplace, in which individuals and companies can exchange data for goods and services in a series of transparent, equal, fully empowered, and mutually beneficial interactions. Data becomes a renewable resource that circulates between buyers and sellers to produce value for each. (One mature and sophisticated example of this approach is Doc Searls’ vendor relationship management [VRM] initiative.)
Our latest freely available report
My new report, “Get Ready For the New Personal Data Economy,” explores each of these drivers and dynamics in detail, provides more context on the GDPR and similar privacy legislation, and ponders the technical changes that will provide the foundation for compliance. (Compliance, that is, with both the governmental regulations and – more importantly – with evolving consumer resistance and expectations.)
Contact us to learn more about the GDPR and other aspects of the shift to the personal data economy. The movement is already underway and, I believe, irreversible. It’s accompanied by a driving beat soundtrack and a message for brands, the adtech industry, and sellers of all descriptions from consumers:
You wouldn’t steal my car.
You wouldn’t steal my wallet.
Why do you feel justified in stockpiling and selling my personal data, as if you owned it?
Privacy piracy is (quickly becoming) a crime.
Fact: The music for that anti-piracy ad was . . . pirated.