Information Ethics and How to Instill Them at Your Company


The enactment (or update) of data privacy regulations like the Australian Data Privacy Act, European Union General Data Protection Regulation (GDPR), and the California Consumer Privacy Act of 2018 clearly demonstrates that consumers around the world are concerned with how companies use their data.

It’s gotten to the point where the concept of data and information ethics is now on the minds of organizations’ most senior executives. When someone like Apple CEO Tim Cook claims “Our own information … is being weaponized against us with military efficiency,” we should pause for a moment and take notice. Obviously, something serious is going on, but what does it mean?

What They Mean by Data Ethics

Ethical behavior simply means doing the right thing. With data, there are several implications and ways you can look at that requirement.

  • Are you using personal information in the manner which you told the owners you would?
  • How are the insights you are gleaning from the information being used? Is it in any way illegal or improper?
  • Are you protecting the information from misuse, damage, or theft?
  • Is the data accurate, up to date, and compliant with regulations?

Data privacy rules exist for many reasons. Companies rely on data more than ever to conduct business. Data holds monetary value if hackers, insiders, or other thieves get their hands on it. That data can also be used for unintended purposes by organizations, as we poignantly learned in the case of Cambridge Analytica and the company’s use of more than 50 million Facebook users’ data.

Equally as important, data owners—your customers—have caught on to the fact that their information was being used for far more than they are comfortable with. It’s no surprise that 2018 has been a year of blooming data privacy laws, and that trend stands to continue into 2019.

Socrates and Wisdom
The ethics of Socrates and other ancient philosophers have a place even in the New Information Age. Photo by: Carlo Raso

Getting Ethical

Complying with these regulations is powerful incentive to take a formal data ethics approach at your organization, but it shouldn’t be your primary driver. Treating people’s data seriously and only using it for your stated business purposes shouldn’t require a data privacy regulation. It just makes good business sense to protect your customers.

But how do you apply data ethics at your organizations?

We will be speaking November 14th at the Culture & Governance in Financial Services conference on the topic. The session, “Implementing technologies to address regulation and compliance,” will dive deeper into practical application and attainable outcomes, but we wanted to share a few ways Nuix can help you be good data stewards ahead of time.

Build Ethics by Design

Information ethics begin by creating programs, activities, systems, and information structures with the goal to minimize harm and maximize value. This requires the technology and processes to handle data throughout the organization consistently, securely, and efficiently.

Involve the C-Suite

Executive leadership must buy-in and be willing to step in to negotiate between different business functions or workgroups that might have different values, standards for ethical behavior, or even use different frameworks for dealing with sensitive data.

Understand Your Data Landscape

Take a structured, formal approach to discover, investigate, and govern your unstructured data to reduce cost and risk, and add value by using a repeatable, documented process. Understanding what data you store, where it is, how it’s used, and who is responsible for it goes a long way toward establishing a viable ethical framework that the whole organization can abide by.

Red Team Your Use of Data

Figure out how someone might exploit your data by employing (or creating) a ‘red team’ to apply a critical eye to you approach and explore potential misuse of that data. As business people, we often get so focused on the positive outcomes that we don't stop and take that cynical look. It isn't until one person asks the basic "doh" question that you see it. You can have the best business model and the most sincere intentions, but the type of data you’re collecting or sharing could be used for unintended and completely unforeseen reasons.

Build on a Proven Platform

Developing data ethics isn’t a simple matter of buying and installing a piece of software. However, Nuix is a platform that you can build on to start down your pathway to better information management, data privacy, and efficient data handling.

Data privacy laws are going to continue evolving, and the cost for non-compliance—or, worse yet, data loss or damage—can be measured in more than just fines or penalties. Find out more about how Nuix can form the foundation of our new data ethics approach. Come hear our discussion at the Culture & Governance in Financial Services conference in Sydney, Australia, or contact us to schedule a demo today.

Investigation
Information Governance
Posted on November 8, 2018 by Stephen Stewart, Brian Tuemmler