There probably won’t be a TLC reality show about it anytime soon, but the concept of “data hoarding” is real, and it’s about to be declared illegal in South Africa, according to an article last week by ITWeb SA. The story concerns the imminent implementation of the Protection of Personal Information (POPI) Act, which stipulates that “data may only be processed for as long as there are clear and defined business purposes to do so” (italics mine).
If you haven’t heard the term before, here's how “data hoarding” is defined, according to Michiel Jonker, director of IT advisory at Grant Thornton:
“The gathering of data without a clear business reason or security strategy to protect the underlying information.”
Implication #1: Data hoarding legislation could spread to other countries
This is big news for organizations doing business in South Africa, as well as data-watchers outside the country: marketers, data scientists, strategists and anyone whose business depends on collecting, processing, using and storing data.
This means you.
“We are all data hoarders. Data is hoarded in electronic and non-electronic formats and, with the emergence of the Internet of Things, machines are also creating data. People also have a tendency to multiply data by sharing it, processing it and storing it, says Jonker. “The problem with data hoarding,” he says, “is it attracts flies. As data is being referred to as the new currency, big data also attracts criminals.”
I asked Judy Selby, Partner, Baker Hostetler and an expert in data privacy law, whether legislation such as POPI could ever be adopted in the United States. She believes that it could. “Some of our privacy laws have criminal penalties, so it’s not unheard of," says Selby. "In the context of data hoarding, especially involving a data broker, I suspect if there’s a big privacy or security incident associated with the data, some of the more active states in this space (such as California, for example) might make a move in that direction.”
Implication #2: Data hoarding legislation and risk avoidance put pressure on data strategy
This piece of legislation gets at a particularly thorny issue for data scientists, ethicists, and marketers—really anyone interested in balancing the twin imperatives of extracting insight and fostering trust. To extract the most useful insights, develop the most personalized services, run the most effective and efficient campaigns and organizations requires data—lots of it. It’s not always possible to anticipate what is needed, so the natural impulse is to store it until it comes in handy.
But to protect privacy, and reduce what Jonker refers to as a company’s “risk surface,” we actually need to collect as little data as is practically necessary, and only for uses that we can define today. POPI lays down the law for that decision in South Africa.
Implication #3: Organizations should address security and define use cases now
Organizations should look closely at the two main tenets of the POPI legislation--clear and defined business reasons, and security strategy—for leading indicators of issues that may crop up in other geographies.
Both tenets are challenging, partly because of the potential multitude of business cases for data, and because of the many and disparate data types available. While security strategy may be the most obvious (albeit challenging) first step, we would also recommend early thinking on future uses of big data, including IoT (sensor) data.
My colleague Jessica Groopman’s research report, entitled “Customer Experience in the Internet of Things,” published today, offers excellent examples of how organization are using IoT today, and how they may do so in the future. Reading this report is a terrific first step toward envisioning how such data might be used in the enterprise.
We’ll be watching this space closely for future developments, and suggest you do the same.
A new law banning the collection of personal information in South Africa could influence legislation in other countries as well.
This year’s results have troubling implications for the technology industry.
In this one-hour webinar, Susan Etlinger shares a framework on how to 1) extract insight from data and 2) in a way that engenders trust.
A look at what we give up and gain when we allow our lives to be turned into sources for data.
Here are five data questions about the Super Bowl that we’d like the answer to.
This document is just a first step toward setting context for the many disruptions of ubiquitous and complex data, but it includes preliminary frameworks to help us examine these issues in more detail.
In my last post, I discussed some themes for 2015, one of which was an imperative for us as an industry to get serious about digital ethics.
I’m not generally a fan of annual predictions; they always remind me of a carnival in which you’re encouraged to “pay no attention to the man behind the curtain”; you almost never win the giant teddy bear.
In a moving talk, she explains why, as we receive more and more data, we need to deepen our critical thinking skills.
We’re pleased to announce that Susan Etlinger, Brian Solis and Rebecca Lieb are each speaking at this year’s event.
In this one-hour webinar, analyst Susan Etlinger explores the phenomenon of “TV Everywhere” and shares findings from her recent report, Data Everywhere.
During the past several years, the television industry has changed dramatically, spurred by device proliferation, changing distribution methods, and the increasing popularity of social media.
By now, you’ve probably heard that data scientists at Facebook recently published a study in The Proceedings of the National Academy of Science…
To learn more about the state of social media command centers, Altimeter Group spoke with three organizations — MasterCard, eBay, and Wells Fargo Bank.
Late last year, I started wondering about social media command centers. Salesforce had launched one, as had Brandwatch, but I wondered: were they really still relevant? Were companies investing in command center deployments, or had interest subsided since their heyday in 2010?
In the past year, social data has continued to wend its way into organizations of all types, from large enterprise to small business to media and entertainment and the public sector. We’ve seen use cases far past marketing into product and service quality, entertainment programming, customer service, fraud detection and a host of other examples.
In this report, industry analyst Susan Etlinger demonstrates how leading organizations are deriving actionable intelligence from a holistic view of social and enterprise data.
I spend a lot of time reading and thinking about social data: what it is, what it isn’t, how to measure it, where it’s going.
The volatility of social data and the pace of change mean that tried-and-true measurement methods are no longer enough. Social data is different.
Everyone talks about the challenges of measuring the revenue impact of social media, but how are top brands actually doing it? And are they successfully measuring ROI?
Wherever I go, the question I hear most often is this: “What is the ROI of social media?” Even though most companies we’ve surveyed have a brand monitoring solution in place, few have yet to crack the measurement code. It remains one of the most stubborn challenges for the social business.