Deputy Data Protection Commissioner, and James Bond fan, Rachel Masterton explains how data protection can be beneficial to lasting innovation.
It has often been said that data is the new oil, fuelling the development and diversification of the twenty first century economy in much the same way as oil did in the eighteenth century. And there are aspects of that comparison that are true.
Data, including data about people, is being used in innovative ways to support and enhance the economy, providing products and services we would not have thought possible only a few years ago.
Data is, for many, an asset that when put to work can drive success, sustaining and growing the Bailiwick’s economy.
However, the oil analogy falls down when it is recognised that data is a renewable asset rather thana resource that can be used only once and is then lost. The dot com bubble can be seen as an example of an unsustainable business model – an approach to business development that looked more at making money quickly than seeking ongoing, stable growth.
Some prominent people, including the President of the Centre for Information Policy Leadership, have re-evaluated the oil analogy and, in this world of sustainability, have instead likened data to sunshine – something that is everywhere and when harnessed well can produce results that endure. And if we want to take that analogy and run with it, if the sun was to be extinguished suddenly, it would take eight and a half minutes for us on Earth to realise and for panic to ensue.
How long would it take before chaos reigned if the global telecommunications network was snuffed out?
So how do organisations make the most of the personal data they have in a way that enables them to endure? Let me propose data protection as a means of driving innovation. I realise that that may not be the universal belief and that data protection is often cited as blocker to innovation but bear with me - I will explain.
Data protection is about knowing what data you have, what you are doing with it and why. The same factors you need to think about when putting together your business model. You don’t want to hold more information than you need. That just leads to more that can go wrong if you have a breach and costs more financially, logistically and environmentally than if you worked with a lean, focussed dataset.
Data protection requires you to explain to customers and potential customers what you do with their personal data. Cisco’s 2024 Customer Privacy Survey* found that 75% of consumers would not purchase from organisations they do not trust with their data.
By providing timely, clear information to customers and potential customers you are building their confidence in your organisation and fostering the trust so many need to have when their data is at stake.
Data protection legislation also lays out the concept of data protection by design and default. In essence, thinking about data protection from the outset of a project rather than at the end - baking good data governance in from the beginning. I have heard organisations claim that finding someone’s information in response to a data subject access request is too tricky, that it is spread too widely.
Data protection by design and default helps you structure your data in a way that makes complying with such requests easier.
And, if you can’t find the information when someone makes an access request, are you making the best use of it for your business? You cannot leverage opportunities if they are lost in a myriad of different systems.
It is a legal requirement to comply with data protection legislation. That much is true however you view it. But with a change in approach, you can see how data protection can underpin the success of your business, providing a firm foundation on which to innovate and develop further.
A licence to innovate, if you will.
* https://www.cisco.com/c/en/us/about/trust-center/consumer-privacy-survey.html#~key-findings