LinkedIn recently announced changes to restrict access to its developer application programming interfaces (APIs), stating, “It’s a matter of members’ trust.” The new LinkedIn rules specify that, starting in May, the only actions you can take without being a vetted partner are signing in with LinkedIn and sharing your profile, publishing posts to LinkedIn, and publishing posts to your LinkedIn company page.
The privacy-related changes, which include restrictions on information access and information sharing, underscore the challenges of protecting user privacy while attempting to mine useful data for insights. Can both be done?
The massive explosion of human data, or human-generated big data — from texts and images to audio and video spinning around in social media, Facebook, Amazon, blogs, and data from the Internet of Things — offers potentially valuable intelligence. But there is a dark side to this 360-degree big-data view. Who could forget Target sending a personalized baby product coupon — based on prior purchasing patterns — to a pregnant teen’s home before the girl’s family knew she was pregnant?
Here are seven founding principles surrounding consumer privacy that organizations should consider as they process and analyze human data.
1) Nothing is more important than consumer trust
Companies must handle personal data responsibly, be transparent about what the organization is doing with social data and enable user control. As we become more connected, both socially and through Internet-connected devices, this imperative is growing.
2) Data ethics comes before big data technology
Trust is the hallmark of social data analytics, and organizations need to keep the consumers in mind as they analyze the data. Unethical use of consumer data can quickly break that trust, undermine customer relationships—and potentially expose the company to significant brand damage. Consider ride-sharing service Uber, for example, which endured criticism when an Uber executive was caught tracking a reporter’s movements on her way to a meeting.
4) Create data governance and retention controls
Every organization involved in human data analytics needs to adopt an active policy that defines data retention limits and periods. Call it the right to be forgotten, by design.
5) Market-level analysis — aggregate and anonymize for big insights
Human data analytics does not have to contain personally identifiable information (PII) in order to create valuable insights. However, Latanya Sweeney, director of the Data Privacy Lab at Harvard University, has demonstrated that 87 percent of people in the U.S. can be uniquely identified by the combination of just three facts about them — ZIP code, age, and sex. To prevent the re-identification of individuals, data must be aggregated and anonymized.
6) User analytics through opt-in for small insights
Social logins have become standard, with everyone from Airbnb to American Express allowing users to quickly register and log in with their existing social identities, such as Facebook, Google, or Twitter. The small insights that can be derived from this data enable better personalization, product recommendation, and a better user experience. The keyword here is permission. The consumer needs to be in control about whether they share their data.
7) Protect minors
The message is simple and clear: Human data analytics should never include those below the age to consent. The Children’s Internet Protection Act (CIPA) and other legislation prohibits unauthorized disclosure, use, and dissemination of PII regarding minors.
A privacy-first approach to human data analytics is good for everyone. By keeping consumer interests top-of-mind, offering strong privacy defaults and empowering user-friendly options, businesses can build trusted consumer relationships. In other words, a user-centric Human Data privacy approach ensures companies stay on the right side of the creepy line.
Tim Barker is chief product officer at DataSift.