Data privacy: Your attention please (but not too much)

2021 will be remembered for a lot of things; not least, as one of the more prominent of the tech sector’s ‘good guys’ recently put it, the year privacy went mainstream.

From the backlash against the data-sharing practices of messaging platform WhatsApp and its beleaguered parent, Facebook, to Apple’s hotly debated drive to limit tracking by advertisers, a torrent of controversial news on the data policies of some of the world’s biggest companies has made the issue top of mind for many consumers, who are flocking en masse to more privacy-conscious alternatives.

The other noticeable shift is that privacy is no longer exclusively, or even primarily, a problem for tech companies. Partly because of the accelerated technology adoption prompted by the pandemic, serious concerns about privacy and digital surveillance are surfacing everywhere, from public health to education and insurance. And nowhere, perhaps, more than in the workplace, which is still in the midst of a reinvention that’s rendering it equal parts virtual and physical.

For all the warm rhetoric about wanting to empower people to work anywhere, it seems a lot of companies don’t trust their employees to do that. The rise of remote working has been accompanied by a shocking spike in possible privacy breaches by employers. In one recent study around three-quarters of employers admitted to using software to track employees’ activities or record communications, even though they agreed such activities were ethically questionable. Employees, meanwhile, are increasingly upset by what they perceive as invasions of privacy, with a solid majority seeing monitoring as a source of stress and anxiety, and willing to quit over stepped-up surveillance measures.

At the same time, there are indications that picture isn’t quite as clear cut as ‘monitoring bad, privacy good.’ There’s a strong argument for companies to have some kind of visibility over their workers’ online activity, not least for security reasons. Remote workers, too, have concerns their contributions can go unseen and under-celebrated, and may welcome the kind of monitoring that logs and rewards outperformance.

Trying to have it all

Here we get to the heart of a privacy dilemma that every organisation will have to navigate in one way or another: everybody wants to be noticed, but nobody wants to be watched. Perhaps the only thing worse than misusing the personal data of customers is not using their data at all, and failing to learn about and respond to their goals and desires as a result. Ensuring information presented to an audience is relevant inevitably involves a certain amount of profiling - a delicate balance that we've noted can be difficult to strike. Privacy compromises are also at times essential to advance important causes like sustainability; optimising the energy use of an office or building for example, may involve tracking the whereabouts or activities of its inhabitants at any given time.

Use of data and definitions of privacy are constant works in progress and companies can’t necessarily be expected to always get them right, particularly if these issues aren’t part of their core business. But at the very least current trends point to the need to develop a deliberate approach to privacy that’s consistent, and communicated to employees as well as customers.

Thankfully for a relatively new field there are already a number of promising frameworks and best practices to turn to for inspiration; the Responsible Tech Playbook developed by our client and a leading advocate of ethical technology practice, Thoughtworks, is one excellent starting point for companies grappling with the privacy implications of the technology they deploy. But even before digging into the details, there are a few basic principles that are relatively simple to adopt and can underpin a healthy approach to the issue.

Keeping an open door

First and foremost is transparency. Research demonstrates conclusively that most people aren’t inherently opposed to sharing their personal data provided they have some kind of say in the process, are confident the information is being collected and stored safely, and know how it’s being used. Being upfront about how your organisation interacts with personal data, and frank in discussing permissions and consent, provides a much better basis for customers to learn about your practices than a breach or scandal that suddenly thrusts those practices under the microscope.

Privacy is also a realm of tradeoffs. Not surprisingly people are much more inclined to consent to the use of their information if they gain something in return, whether it’s new insights or discounts, In marketing, this is why campaigns that deliver bona-fide intelligence on an industry or topic drive far more engagement than material that’s nakedly promotional; and why again and again, we see that the busiest decision-makers are often perfectly willing to slow down and share their personal details to gain access to research or a report that presents a genuine learning opportunity.

Sometimes the motivation for giving out data can be nothing more warm feeling of contributing to a greater good. The increased sharing of personal health information that has accompanied the pandemic has given rise to a remarkable (and encouraging) phenomenon that consultancy EY has dubbed the ‘altruism economy,’ where people freely contribute personal data to help improve the lives of others they don’t even know. Developments like these prove data sharing has uses far beyond the commercial (or criminal), and that conversations on privacy don’t always need to be tense. But as privacy issues grow more prominent, they are conversations that all organisations, not just super-apps or social media giants, must have. Like it or not, this is an area where enterprises of all stripes will be scrutinised - and measured.