What’s the Price on ‘My Data’? Let the Marketplace Set the Rate

A bipartisan bill in Congress would assign the U.S. Securities and Exchange Commission with the task of determining what consumer data is worth; at least when it comes to Big Digital giants. So what’s my data worth?

A bipartisan bill in Congress would assign the U.S. Securities and Exchange Commission with the task of determining what consumer data is worth; at least when it comes to Big Digital giants. So what’s my data worth?

On the face of it, having the government mirror the private sector, and recognize that consumer data is a valuable asset, is actually quite wise. Data is worth something — and accounting rules, risk management, capitalism, and a reverence for asset protection — all point to a need to understand data’s worth and secure it accordingly. But should the government come up with the arithmetic? Really? And why limit this to Big Digital … data drives all economy sectors!

If this is about commerce and productivity, and facilitating next-generation accounting and capitalism, then I’d be all gung-ho. If it’s about setting the stage for just being punitive, then perhaps we can and must do better.

Take privacy. I’m already getting click fatigue — with permission notices on every site I want to visit, as well as the apps I use, it’s no wonder people are questioning if laws like GDPR and CCPA really afford any meaningful privacy protection at all, as well-intended as they may be. Privacy is personally defined — though universal principles need apply. Again, I think we can and must do better.

Recognizing data’s value — as the fuel for today’s economy — means recognizing data’s limitless beneficial uses (and encouraging such uses and further innovation), while putting a no-go ring around unreasonable uses (like throwing elections).

Business Efforts to Calculate Data’s Worth

“My data” is a misnomer. On the data valuation front, we from the direct marketing world — purveyors of personally identifiable information (PII) — have been putting a price on data for years … and understand data’s value, intrinsically. Big reveal: It’s not about me. (Sorry, Taylor Swift.)

Worldata, for example, has been tracking list prices for decades, and dutifully reporting on this. In the world of direct response, there’s “sweat equity” in both response and compiled lists. For response lists, some enterprise built a list of customers (or donors). The value of that list is derived from the shared attribute those customers have – and not, as some privacy advocates would have it, with the sum of one individual after another appearing on that list. With compiled lists, observable data is harnessed and staged also for marketing use – providing a more complete view of prospects and customers. Again, the value is derived from the attributes that data subjects share.

Even in digital data driving today’s media placement for advertising (more accurately, audience placement) — the algorithms deployed in search, social, and display — the values of these formulae are derived from affinities in these proprietary calculations, much of it anonymized from a traditional PII perspective. Yes, there are lots of data — nearly $21.2 billion in U.S. trade alone — but it’s not hoarding; it’s being put to productive use — in effect, 1:1 at mass scale.

With any innovations, there are bound to be mistakes by good companies, and some bad players, too. But it’s amazing to see how the marketplace weeds these out, over time. The marketplace, in time, weeds out the wheat from the chaff. The industry comes up with brand safety, privacy, security, chain-of-trust, and other initiatives to help facilitate more transparency and control. And testing shows which data sources are timely and reliable — and which ones where data quality is in question.

Predict This: Data Unleashed for Responsible Use Unleashes Consumer Benefits

Recently, I heard a current federal official say that data may be fuel — but it’s not like oil. Oil is finite. Data, on the other hand, is a limitless resource — like fusion. And it can be replicated. In fact, he went on to say, the more it is shared for responsible data use, the more consumers, citizens, commerce, and the economy benefit. This is correct. The commercialization of the Internet, indeed, gave us today’s global Digital Economy — giving billions access to information where they are able to derive limitless benefits.

That’s why potential breaches of data do need to be risk-assessed, prevented, understood for a likelihood of harm — with data governance and employee training thoroughly implemented. That’s also why government should investigate significant breaches to detect lax practices, and to instruct enterprises how to better protect themselves from bad actors. Here, I can see a viable SEC role, where all publicly held companies, and privately held too, are called into question – not just one type of company.

Where privacy is concerned … don’t just divide Big Digital revenue by the number of users with social accounts — and start menacing on what data about me online may be worth. That immediately starts off with a false assumption, fails to recognize information’s exponential value in the economy, and denies the incredible social benefits afforded by the digitization of information.

The Digital Advertising Alliance (a client) conducted a study in 2016, and found that consumers assign a value of nearly $1,200 a year to the “free” ad-financed content they access and rely upon via digital and mobile. However, if they were forced to pay that amount – most would not be willing (or able) to pay such a premium.

This research shows why we need to protect and facilitate ad-financed content. But it’s part of a larger discussion. It’s about why the commercialization of the Internet has been a 25-year success (happy birthday, October 24) and we must keep that moving forward. As consumers, we all have prospered! Let’s start our discussion on data valuation here.

 

Authentication Alliance Marks Data Privacy Day With Consumer Trust Best Practices

To mark World Data Privacy Day, Jan. 28, the Authentication and Online Trust Alliance published its top 10 list of privacy principles and business practices. These practices, many of which have been widely adopted by AOTA members, are calls to action for companies to help maximize consumer confidence and ultimately spur economic growth.

To mark World Data Privacy Day, Jan. 28, the Authentication and Online Trust Alliance published its top 10 list of privacy principles and business practices. These practices, many of which have been widely adopted by AOTA members, are calls to action for companies to help maximize consumer confidence and ultimately spur economic growth.

To me, it’s pretty simple: Adopt these principles or suffer the consequences of a consumer trust meltdown. And that could invite regulation, according to AOTA Founder/Chairman Criag Spiezel. Here’s what the group recommends you do, edited a bit:

1. Ensure all privacy policies are discoverable, transparent and written to ensure consumer comprehension, accessible from every page of a Web site and/or e-mail.

2. Periodically contact users and provide them with your company privacy policy upon any changes for their review; allow for provisions for consumer choice or their data usage.

3. Establish and publish procedures for data collection, transfer and retention; perform third-party or self-audits for compliance.

4. Support collaborative, global, public-privacy efforts to increase consumer awareness and education, as well as the adoption of fair information practices and privacy/security regimes (e.g., the appointment of a national chief privacy officer).

5. Support self-regulatory efforts to adopt standard data retention/use policies.

6. Set and publish standards of privacy, security and data retention policies with clear accountability between first-party sites and third-party content providers and advertisers.

7. Create response plans for accidental disclosure of personal information and data breaches, including notification to consumers and governmental agencies. Provide relevant remedies to consumers (e.g., no-charge credit record monitoring services to those affected, or other remedies as appropriate).

8. Commit to authenticating all outbound e-mail with Domain Keys Identified Mail and/or Sender ID Framework to combat forged e-mail and potential privacy exploits within six months.

9. Transactional sites should adopt Extended Validation Secure Sockets Layer Certificates within six months or upon existing certificate expiration.

10. All consumer-facing sites should obtain privacy certification and seals from third-party providers or other third-party consumer dispute resolution mechanisms.

More details can be found here.

Are you following these best practices? If not, why? Let’s start a dialogue on the subject. Post a comment now.