Following last week’s decision by the Federal Trade Commission to fine Facebook $5 billion for breaches in user privacy, there’s plenty of debate on which party got the upper hand with the settlement. Along with the fine, the FTC is requiring a number of changes that will help Facebook with its privacy-first reinvention.
CEO Mark Zuckerberg
posted that Facebook would "set a completely new standard for our industry," and I suspect he’s right. It feels like we’re at an inflection point regarding privacy. Earlier this month, the U.K.'s Information Commissioner's Office (ICO) announced significant penalties for the mishandling of private data. The ICO fined Marriott International about $123 million for exposing the private data of 339 million guests in a 2014 breach at Starwood. And it fined British Airways about $229 million for leaking data on about 500,000 customers.
The BA fine is the largest issued to date, but we’re just getting started. Administrative fines spelled out in the EU’s General Data Protection Regulation, which took effect in May 2018, can go up to $24 million or 4% of annual global (note global) turnover. Several factors impact the penalties, including the severity of the data breach and the measures taken to be compliant.
Privacy concerns have (finally) risen to mainstream awareness. I just saw a prime-time ad for an HP laptop featuring a physical “webcam kill switch.” In its newest release of Chrome, Google closes a loophole that allows websites to detect (and block) use of incognito mode. Consider the viral moment with FaceApp earlier this month. The app adds years to portraits and (like many apps) requires access to personal photos.
Security concerns squashed the app’s momentum.
A privacy revolt is forming, and that’s generally a good thing. We’re inadvertently letting our information be used against us in many ways, from
weaponized advertising to
personalized price increases. But understanding, or even defining, personal data is difficult.
When navigating, Google Maps displays both the speed limit and the driver’s current speed. This data isn’t shared but derived. It can also be observed by someone just standing on the street. Does driving speed count as personal private data? You can be sure law enforcement and insurance companies are interested in that information.
Most of our personal data is information that we voluntarily share for specific benefits. Our personal data makes our applications smarter, more contextual. It’s important to note that Facebook wasn’t fined for using personal data, but rather for its failure to protect that data as promised.
Protecting data starts with the user, who needs to carefully evaluate what to share. That’s not as easy as it sounds. Our personal data fuels our modern apps. FaceApp is just pictures of old strangers without access to personal photos. Yes, we can deny the Uber app access to GPS, but then we need to enter our pickup location manually. But, can we assume that arranging a pickup is the only time Uber accesses our location information?
Personalized apps have become so common that the experience is awkward without user data. DuckDuckGo offers Web search without the use and collection of any personal data. When I use it to search for “Louisville restaurants,” it provides locations in Kentucky. Google, however, correctly knows that I intended Louisville, Colo. -- even when I’m not at home in Colorado.
I recently acquired a new
countertop oven that uses a camera and network connection to analyze my food. Image recognition means all I have to do is confirm “steak” and then select “medium-rare.” It’s a fantastic experience, but it requires sharing what’s for dinner -- information that until recently was restricted to a need-to-know basis.
These examples pertain to consumer apps, but AI is slowly and quietly transforming the enterprise, including communications and collaboration. When the contact center folks talk about delivering personalized customer experiences, they’re intending to leverage as much data as they can. Some of the data comes from within the enterprise (order and support history, quotes, etc.) and some of it comes from external sources -- all of it will need to be reexamined.
Natural language processing (NLP) provides a portal to our spoken conversations. There are obvious contact center applications, such as real-time sentiment processing, but NLP has broader capabilities. At Enterprise Connect 2019, the
Innovation Showcase featured Gong.io and Prodoscore for real-time conversational intelligence.
For example,
Prodoscore monitors and analyzes communications across voice calls, email (Gmail and Office 365), Salesforce entries, text messages, calendar appointments, and more. It can provide a sales manager a big picture with granular details on what is being said by who, when, and on what channel. In the future, this technology won’t be limited to the sales floor. The data in question belongs to the enterprise, but will the typical employee agree?
In some situations customers may prefer giving personal data to a bot rather than a human agent. I remember getting my first ATM card; doing so required that I tell the teller my desired PIN. Today we set our code with an IVR, but just recently I had to answer personal questions from a banking agent to verify my identity. I’d rather authenticate by speaking to a bot.
Our digital breadcrumbs are everywhere. Cisco Webex tracks who’s in meetings; Uberconference tracks how much each participant speaks; messaging apps measure not only how much we interact, but with whom and about what. All of this data is going to be machine-analyzed for patterns and other benefits. The current-day enterprise comms vendor landscape includes Amazon, Google, and Facebook -- pioneers and experts in both harvesting user information and developing AI-powered applications.
Our data is being used to radically change enterprise communications. At the recent
Fuze Flex event, an IBM spokesperson said the company is using Watson to monitor employee engagement. Supposedly, Watson can accurately predict if an employee is looking for another job.
This inflection point toward more privacy conflicts with the trend and need for personal data to make our systems, applications, and interactions better. The emerging challenge will be to obtain and leverage personal information properly -- with awareness, consent, and protections.
