Building trusted relationships
Businesses run on trust. No matter how you cut it, the wheels of commerce are greased by promises, good will, and the potential for legal consequences.
Our personal and work lives are surrounded by electronic gadgets that can automatically log, record, and preserve our actions for posterity.
Data collection and analysis is nothing new. Governments and large businesses have been widely using these tools for 30 years. What has changed recently is the sheer volume of retained data collected automatically, and the potential for extracting value from that data.
Retailers and financial services firms have turned client data analysis into a very profitable art form over the last few years. Customer rewards programs are often little more than data surveillance of clients, sugar coated in marketing fluff.
So called “big data” technologies, which analyse huge volumes of disparate corporate data to look for patterns and trends, are now becoming more widespread.
As Charles Duhigg covers in The Power of Habit and this New York Times article, major US retailers are already profiling and predicting customer behaviours to extraordinarily creepy levels. He outlines instances where retailers are routinely “concealing” the true extent of knowledge that the retailer has about their customer’s life situation, to avoid customers realising that they are under surveillance.
Within Australia, the federal government has 10 Privacy Principles which focus primarily on the collection and use of customer data.
While the privacy principles are clearly well intentioned, with a prime directive of “only collect information that is necessary”, it is easy to see why “big data” companies like Facebook and Google are based outside Australia.
I think we all know people who should be sharing less of their lives on Facebook. For many businesses, the ease with which employees can deliberately or inadvertently share confidential information is also an area of major concern.
While it is technically feasible to restrict access social media websites via work computers, and many large businesses certainly do block them, this approach can easily have unintended consequences. The most likely outcome is employee frustration, and attempts to find ways around restrictions. Employees can easily bring their own laptops and tablets into work, and connect to social networking sites via telco 3G services.
If anything, completely restricting corporate access to social networking sites is likely to encourage employees to work using their personal devices, and transfer corporate data onto fundamentally less secure systems – so that they can continue to work productively without constantly switching between systems.
Rather than rely on blunt website restrictions, it is far more productive to design business processes and IT systems to reduce the risk of data loss, and ensure employees are trained to understand the associated business risks and how to avoid problems.
Further complicating matters is the mess of laws that govern workplace privacy issues across Australia. Each state has their own legal regime covering workplace surveillance, which includes email and website monitoring.
In NSW, businesses need to clearly inform employees of policies around monitoring, and who will be able to access the data. In Victoria, businesses need to go further, and seek explicit consent from an employee.
The impact of the woeful legal mess is neatly summarised in this cute, interactive map of the legal quagmire of privacy legislation enacted around Australia.
Privacy issues essentially boil down to an issue of trust. Rebuilding shattered trust can be an expensive exercise. Business leaders should very carefully consider how their use of customer data will be perceived in the market, and how social media tools and cloud based web applications might be safely integrated into their employee’s work.
Sign up now »
This research paper presents findings on APT-related spear phishing from February to September 2012. We analysed APT-related spear-phishing emails collected throughout this period to understand and mitigate attacks. The information ...
"Suggesting that people's "purpose is to get information to flow through the ..."
Why change management doesn’t work
"Darn those pesky laws that get in the way of commercial exploitation ..."
Larry Page wants to see your medical records
"Instead of partitioning the device between corporate and personal data, another approach ..."
Dual-Persona Smartphones Not a BYOD Panacea
"Well that's a nice back-handed compliment isn't it? So now, finally, my ..."
After two-year hiatus, EFF accepts bitcoin donations again
"Actually, both Mobile App developers and CIOs should be blamed for it. ..."
CIOs struggle to deliver timely mobile business apps: survey
- AusCERT 2013: Introduction to Network Security Monitoring with Security Onion - AusCERT Presentation
- Auscert 2013: Perimeter protection has failed, encryption needs its day in the sun
- AusCERT 2013: Low-level analysis can find, map data deleted from Android phones
- Cybercrime Survey: Almost half of small business victims
- AusCERT 2013: Cloud-based scanner identifies new malware by its ancestry
- Lack of information, skills hinder finance-business partnering: Deloitte
- Rapid-growing mobile payments market is driving a financial fraud marketplace
- HP profit falls 32 per cent as PC and server sales decline
- Google launching new fund for later-stage tech investments
- Apple defends offshore decisions that result in low taxes