Data mining is a widespread but controversial practice. For many, the phrase stirs up memories of the Cambridge Analytica scandal or fears of a surveillance state. At the same time, it can improve many crucial services like fraud detection and personalized health care.
Ethical data mining seeks to gather and use information to help consumers while protecting their privacy as much as possible. That typically involves collecting less data, obfuscating it, being transparent about collection policies and requiring user consent. It’s an important step forward in analytics but a challenging one.
Here are five significant obstacles to ethical data mining we must overcome.
1. Convenience vs. Privacy
The biggest issue in ethical data mining is the battle between privacy and effective analytics. Artificial intelligence (AI) and other technologies typically work better with larger data sets, but that means potentially putting more information at risk. Consequently, businesses often face a choice between making a service convenient and respecting users’ privacy.
Personalized health care is a prime example of this issue. Medical organizations can offer more personal services, ensuring better patient outcomes, if they gather more data on patients to understand their unique situations. However, health care data breaches are becoming larger and more common as information technologies in the sector grow.
If collecting more data would mean better services for the customer but a possible breach of privacy, which path do companies choose? Which is better for the end user? Striking a balance between these two sides is far from easy.
How to Overcome It
Balancing these seemingly contradictory sides begins with understanding what data an organization actually needs. Hospitals may require patients’ medical history to offer personalized care, but they don’t need to store names, addresses, web browsing behavior or financial information.
Consequently, they can protect patients’ privacy by only collecting the data they need and replacing identifiers like names with other identifiers. That way, they can keep track of records within the hospital, but the information would be meaningless to an outsider. Other organizations can follow similar practices. Only collecting essential data and obfuscating personally identifiable information (PII) will ensure privacy while enabling effective analytics.
2. Legality vs. User Expectations
Another dynamic complicating ethical data mining is what’s legal and what users think is fair. Some companies may think their information collection policies are moral because they meet regulatory guidelines, but their customers could think otherwise.
TikTok asks for users’ permission to collect and use their data, but it asks for more than it needs, according to some inside sources. Consequently, while its practices may be legally safe because they have user consent, some people may feel the company has misled them. That clash can create a public backlash and reduce consumer trust.
Laws like Europe’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) provide a baseline for privacy in data mining but aren’t complete. Many use language like “sufficient protections” and “reasonable privacy,” but those are highly subjective terms, so they don’t offer much guidance. Businesses that use these as their sole measure of ethical data mining may still unintentionally breach users’ trust.
How to Overcome It
The first step to addressing this ethical data mining challenge is to be upfront about what a company collects and why. Businesses shouldn’t hide this information behind long blocks of text in a user agreement, either. Apps can give users a brief overview of what information is gathered and why, linking to a page with in-depth explanations if users want to know more.
Organizations should also pay attention to user opinions. Businesses must watch for what similar companies face backlash over and survey customers about what kinds of data mining they believe are reasonable and fair.
More than half of all consumers are willing to exchange data with businesses as long as there’s a clear benefit, but 77% say transparency around how it’s used is important to that decision. Involving them in the process by collecting feedback will help establish more trust.
3. Third-Party Risks
Third-party practices also pose a challenge to ethical data mining. A company may be fully transparent in its own data practices but pass information to a less secure or moral third party. Businesses have little control over their partners’ policies, so ensuring an entire data ecosystem meets these standards can be difficult.
Take marketing, one of the biggest uses of data mining, for example. An agency may only analyze the minimum information necessary to create relevant ads, ask users for their consent, obfuscate data as much as possible and meet all regulatory guidelines. However, if the social media platforms it gathers this information from or any other tools it uses don’t adhere to similar principles, it may contribute to privacy breaches.
Data mining practices must consider all involved parties to be truly ethical. More than half of organizations are experiencing a data breach from a third-party vulnerability, so these concerns are more prevalent than ever.
How to Overcome It
Rising regulations will help provide a minimum standard for fair data usage. Only five states have comprehensive data privacy laws, but 39 have considered them since 2018. As this legislation grows, it’ll hold more businesses to a higher standard, establishing more trust in third parties. However, companies must also remember to go beyond and consider consumer expectations, not just the letter of the law.
Companies should also inform customers about any data-sharing with other parties, as 70% of consumers today say sharing information with other vendors without consent is unacceptable.
Higher security measures will also help minimize these risks. Implementing the principle of least privilege, which only allows each party, device or app access to what it needs to do its job, will ensure third parties can’t access too much. Consequently, third-party breaches will be less likely and less impactful.
4. Transparency
Similarly, data mining practices need more transparency to become ethical. The first step to this goal is being upfront about what information a company collects and what it uses it for. However, many organizations lack visibility in their internal processes, making these permission requests misleading.
As many as 54% of IT decision-makers don’t know where they store all their sensitive data. Many businesses don’t use everything they collect, making it easier to misplace or overlook some information. Organizations that lack this insight can’t reasonably secure users’ data or be fully transparent about how they manage it, hindering trust with consumers.
A business can only be upfront about what it’s aware of. Consequently, visibility must improve for data mining operations to achieve the level of trust and openness they need to be ethical.
How to Overcome It
Automation can provide the insight many organizations lack. Automated data discovery tools can scan companies’ networks to find potential security risks and reveal what information the business really uses and how. Once they have that information, organizations can stop collecting what they don’t use, apply necessary security fixes and inform users about their data mining policies.
Similarly, companies should use data mapping tools to understand how their systems use each piece of information. Creating, updating and auditing these maps will keep businesses current in their data practices, giving them the transparency they need to explain more to customers.
5. Unclear Governance Roles
A lack of clarity over information governance roles and responsibilities also holds ethical data mining back. An organization may have rules about appropriate storage and usage, but it must also have clear enforcement mechanisms and outlined roles for them to be useful.
Many data governance structures leave too much room for human error, which accounts for 88% of all breaches, according to some experts. A company can’t reasonably expect workers to adhere to best practices if it’s unclear what every employee should do to protect sensitive data. Similarly, unsafe and malicious practices can quickly slip between the cracks without a formal process for enforcing policies.
How to Overcome It
It’s easy to miss the organizational side of ethical data mining, but technical defenses alone are insufficient. Businesses must outline formal, clearly communicated roles and responsibilities to maintain high standards.
Similarly, companies must create a detailed enforcement policy. That could look like regular audits to review how each team and employee adheres to data governance policies and specific actions to take for each infraction type. These actions can span from temporary loss of privileges for small or first-time offenses to termination for more extreme cases. Communicating these consequences with employees will encourage more compliance with these guidelines.
The Way Forward
These challenges are concerning, but they don’t mean ethical data mining is impossible. Rather, they highlight where and how organizations must improve to balance analysis and privacy.
Finally, businesses must recognize that ensuring ethical data mining will take a cultural change. Practices and policies should focus on what’s best for the end user at all times, so teams should ask themselves how each decision impacts them at each step in development. Regularly surveying customers about data collection, personalized services and related issues will clarify these choices’ impacts.
The very organizational structure of the company should ensure accountability and transparency. Instead of adding security measures and data discovery after implementing a new service, companies should review their cybersecurity and privacy measures throughout the development cycle. It’ll be easier to meet rising standards as companies focus on providing privacy and visibility from the beginning.
Ethical Data Mining Is Challenging but Crucial
Ethical data mining may seem like an oxymoron to some, but it’s possible. Organizations that recognize these challenges can work to overcome them. As they do that, they’ll create a safer, more comfortable online environment for their users.
Ethical data mining becomes increasingly important as businesses rely more on data and cybercrime grows. Achieving that is a challenging but essential goal.
The post Top 5 Challenges in Ethical Data Mining We Need to Overcome appeared first on Datafloq.