Alex Calic (alex@themediatrust.com) is Chief Business and Technology Development Officer for The Media Trust in Washington, DC, USA.
In 2018 alone, some of the world’s most recognized brands in air travel, hotels, social media, entertainment, retail, restaurants, and credit reporting (and this is by no means an exhaustive list) made the headlines because of data abuses and breaches involving their digital third parties. All told, more than one billion consumers around the world were affected.
Data is money…and under more and more regulation
Data is money. These companies were attacked or exploited because they process a trove of data on consumers through their sites and mobile apps, some of the most efficient tools for gathering behavioral and personal information. But how much of that data do users knowingly part with? And, how much of that data do companies knowingly collect? As the movement for data privacy laws picks up steam, companies should know what happens to users when they visit their websites or use their apps. They should know what information is collected, how, and why. Because if companies violate a law like the EU’s General Data Protection Regulation (GDPR) or the landmark California Consumer Privacy Act (CCPA), costs could soar—to the tune of 2%–4% of your total worldwide annual revenue under GDPR and, in the case of a breach, $7,500 per user under CCPA. Whether the result of hacking or the misuse of consumer information, a data scandal that hits the headlines and damages consumer trust would cost even more.
From an ethics standpoint, companies should not only know but care about what happens to their users. As regulations grow in numbers, the companies that do well will be those that do right by the people they serve face to face and online. Compliance professionals are on the hook to stay on top of how the fast-changing digital ecosystem works and how it helps and hurts people.
