5 Challenges of Ethical Data Stewardship

The pressure is mounting.

Data privacy regulations are constantly evolving, and customer preferences and expectations are high and on the move. That means businesses want to provide hyper-personalized experiences, but they also need to ensure they’re using, sharing, and protecting customer data with the utmost integrity.

And with the rising focus on environmental, social, and governance (ESG), businesses can no longer rely on quality products alone to win and maintain the support of customers, employees, and investors. All parties want more visibility into organizational commitments behind the scenes. They want to look at ethics.

I recently sat down with Ian Murphy of the Enterprise Times to chat about just that – the huge increase in demand for demonstrable ethics from organizations, and the resulting explosion of data-related job titles at the C-suite level (Chief Data Officer, Chief Privacy Officer, Chief Compliance Officer and Chief Ethics Officer, etc.).

Ultimately, these changes will help organizations satisfy ever-changing privacy regulations and customer preferences, but there are challenges to consider throughout the ethical data stewardship journey.

Let’s look at five of those challenges here – and for even more on this topic, be sure to read the full Enterprise Times article.

Learn more

Challenge #1: Defining “privacy”

From GDPR to CCPA and other pieces of legislation in between, there’s been a lot of effort on the technical end to answer the question of, “what is personally identifiable data?”

But privacy, on the other hand, isn’t quite as technical. It’s softer and affected by a range of other factors.

When we look at data from a privacy perspective, we have rules to follow and requirements to address. But then, we also need to think more about the holistic approach to privacy compliance and really understand, what’s the intention here? Why are we processing this data?

Privacy advocates have been asking that question of why for quite a while now – and for many organizations, it’s not easy to answer. They know data is key to the business, and personally identifiable information is key to engagement with customers. But nailing it down to specific use cases that can be codified gets tricky.

I often look at this from two angles:

• The legal angle: this is set out in legislation as well as the operational aspects of the program
• The privacy ethics angle: this is so important, and I’m very committed to it. Asking questions about, what is the intention of this process? Why are we collecting this data? How are we using it? Is it an ethical thing to do?

That ethics angle presents challenges of its own, which we’ll cover next.

Challenge #2: Approaching the ethics question

Ethics is a tough topic. We can’t code it, and every individual human can have a different interpretation. So how do we communicate and integrate that into organizational culture?

The difficult truth is that privacy and compliance are moving targets. I‘ve worked in a number of different spaces and the complexities of these rules and being able to manage a program across multiple jurisdictions. It’s tough, and it’s dynamic. There’s no finish line there.

In terms of Precisely, we’re a leader in data integrity – that is, data with accuracy, consistency, and context. To us, that leadership obligation extends to ethical data stewardship. Our program is aligned with meeting our legal requirements, but we continually look at ways we can improve and do more.

Part of that is thinking more broadly about the Precisely ecosystem. We don’t have direct relationships with individual data subjects, rather, we’re providing tools to support that data integrity vision.

Applying a privacy ethics lens to that, to me, means always evaluating and looking for areas of improvement, like: can we do something else more transparently? It’s also important to look at ways to plant that seed of thinking ethically about what we’re doing.

Challenge #3: Managing third-party data

Third-party data can be an invaluable enrichment tool that unlocks new possibilities for organizations. But extending ethical controls to that data can be difficult.

• How was that data gathered?
• How will partners use the data you’re providing?
• What about data that comes as part of the acquisition of a company?

At Precisely, quality data is part of our brand promise. It’s about data integrity, and having data you can trust to fuel powerful, confident decision-making. So in that alone, there’s an ethical piece – because on the other side, making decisions on erroneous data leads to bad decisions. We’re already aligned to trying to do the right thing and making sure that there’s high-integrity data out there to work with.

When it comes to managing third-party data, we have principles that we follow and compliance expectations:

• We do our due diligence in considering the suppliers of our data.
• We have contracts with obligations.
• When it comes to our mergers and acquisitions, governance and ESG practices are part of our consideration criteria.
• We’re not in the business of the linking of personal data. It’s really a different focus than perhaps other companies. We’re focused on trying to provide context for companies to understand their data, and to be able to make better, more confident, business decisions.

Challenge #4: The risk of data enhancement

Even with those principles in place, there’s still an interesting issue over data enhancement. While we provide data for customers to use when enhancing and enriching their data, we need to consider that the more data enhancement, the less privacy there may be.

That’s why our team at Precisely is actively engaged with empowering our customers to do the right thing. We’re constantly maturing and reevaluating our approaches and always looking at how we can positively impact the data enrichment ecosystem.

Customers are very focused on data integrity, and the interest in ESG across the data industry is aligning it with ethical activities. We have an ESG commission at Precisely, of which I’m a member, and privacy is part of that core set of strategic ESG initiatives.

Challenge #5: Framing data ethics for the business

Let’s talk about defining the ethical management of data – seemingly the biggest challenge for many businesses. Here are two steps to consider:

1. Provide prompts at various points throughout the data lifecycle – think privacy impact assessments and as part of privacy by design.

With a website, for example, there are checklist items like stopping information from being shared and ensuring that the targeting cookies are off, by default. But the question is: is our approach to collection of the data ethical when you look at the lifecycle of personal data from start to finish?

2. Incorporate multiple perspectives. Get all stakeholders thinking about data ethics. I’m thrilled to see that level of caring, commitment, and engagement around this at Precisely.

It’s an issue of cultural values and having a foundation for building an ethical perspective. I think it’s harder to achieve at some organizations because they don’t necessarily have the same kind of DNA in the company.

Ultimately, increased innovation means greater pressure to ensure you’re handling data ethically – there’s really no way around that.

Organizations rushing to fill those C-suite data roles are making great strides in gathering the new areas of expertise that they need, but it’s important to remember that the ethical data stewardship journey is a marathon, not a sprint.

Changing regulations and expectations on ESG related initiatives will continue to guide the way we work and make decisions. To move faster, remain compliant, and accurately demonstrate and quantify your commitment in this area, your data strategy needs to prioritize data integrity. Find out how our team at Precisely can help.

Over two virtual days, Trust ‘23 – the Data Integrity Summit, brought together global data leaders, analysts, and experts to share trends, challenges, and opportunities happening in the industry.  And great news, all of the content is now available on demand! Learn more.

Author’s note: this article about data integrity has been adapted from an article originally published in Enterprise Times UK.com.