Personal data will be an increasingly important aspect of many companies’ interactions with their customers and with each other. There are going to be an estimated 1 trillion devices connected to the internet within the next three year, and many of those are going to be mobile devices or part of the Internet of Things. Such devices create and rely on a constant stream of personal data about their users and the world around them. Soon it will be possible to capture the locations, preferences, and lifestyles of the vast majority of people in both developed and developing nations.
We’re all familiar with the recent security breaches in numerous online services: some companies are failing in their duty of trust to users with regard to personal data, and this will, in time, create an atmosphere of distrust, which may limit the possible benefits of personal-data-driven markets.
A recent report by the World Economic Forum considers these issues and makes a number of recommendations about how stakeholders, who will have to deal with the coming avalanche of personal data, can be best prepared to rebuild and maintain trust.
The report identifies three main groups of stakeholders: individuals, corporations, and governments, and suggests that a dialogue between them should focus on three major areas.
Firstly, how can data be protected. Those involved in holding personal data must devise and institute best practices that will ensure that personal data does not escape into the wild to be exploited by identity thieves and other bad actors. This seems like a no-brainer, but we hear time and again of companies and government organizations that have failed to incorporate even basic password security measures like salting and hashing, or accidentally leave thousands of people’s records on USB drives or laptops in public places.
Secondly, what rights do individuals have with regard to their personal data, and what responsibilities do organisations have with respect to individuals. The personal data industry exists to offer services that make a profit. But a balance must be struck between monetizing data and the privacy rights of individuals.
Thirdly, accountability and enforcement. How can incompetent or rogue organisations be brought to task for their misuse of personal data?
In the coming years this will be an essential dialogue, and it will need to be entered into in good faith by all stakeholders. The changes in the nature of privacy and personal identity that will occur at the juncture of mobile computing, the cloud, and Big Data analytics will have a significant effect on society.