blue purple graphic


Five questions about the misuse of consumer data

Improving efficiency and reducing risk

Recent headlines have shone a spotlight on the potential misuse of consumer data. At center stage are major aggregators of consumer data such as brands, retailers, social media companies, and even government agencies. However, the reality is that any organization collecting data about consumers—especially if they share the data with third parties—may be at risk of having their data misused.

Organizations that collect, maintain, share consumer data, five questions you should be asking:

What consumer data are we currently collecting?
Despite all the ink that’s been devoted to the subject of big data, it can be eye-opening to discover just how much consumer information flows through the typical organization. Part of the challenge is that there are so many places data can come in, and so many forms it can take.

Who do we share the data with?
Organizations often sell some of the consumer data they collect, such as to an ad network or data broker. Even if it doesn’t sell its data, the organization might make it available to trading partners, researchers, marketing firms, or other parties with whom they collaborate. Consumer data also can end up with government entities of various jurisdictions.

How can we determine how third parties are using or misusing the data?
Organization often rely on written terms of service to protect the consumer data they share. Whether this is enough to shield the organization—and its consumers—from excessive risk is debatable. Certainly, companies insist on more proactive security measures when it comes to protecting their trade secrets. A similar approach may be appropriate for consumer data, especially in the current climate.

What actions can we take if we suspect the data is being misused?
Once suspected misuse takes place, an organization’s options are often limited. A common response is to carry out an audit. Organizations should embed the right to a broad-based audit into the contract they use when selling consumer data to or otherwise sharing data with a third party. Otherwise, they may find themselves in the position of having to ask for the third party’s cooperation, and potentially being turned down.

How can we improve governance and controls around consumer data?
First, it’s worth asking whether your organization should even have some of the consumer data it collects. This may sound counterintuitive—after all, organizations are constantly urged to create a personalized experience for consumers, and data is a key to effective personalization.

Five questions about the misuse of consumer data
Did you find this useful?