At MEF’s Consumer Trust Summit in London much of the discussion focussed on the forthcoming General Data Protection Regulation (GDPR) which is set to change the rules around how personal data is collected and used. Anna Gudmundson, CEO of Fitbug and Consumer Trust Summit panelist, shares her thoughts on how the regulation will impact the health sector and how data-centric companies may need to radically re-think their policies on personal data…
The Mobile Ecosystem Forum held its seventh Consumer Trust Summit in London last week. I had the privilege of joining representatives from companies from across the ecosystem to talk about the future of data, with a particular focus on the new data protection act rolling out across Europe in May 2018.
The GDPR involves significant changes in the way companies deal with data; putting new privacy measures in place. Like many such regulatory changes, it may bring some challenges, but also opportunities to give consumers more meaningful choices and more control over the way their data is used and collected. So, businesses now need to ask themselves how they will put GDPR into practice, and what they have to do to change and comply.
Overall, I welcome the regulation and certainly the conversation it triggers, as I believe it will push the industry towards creating better products, where the user chooses to share personal data because they see value in doing so, versus being forced to or offered unintelligible privacy terms.
Policy making is a big issue and there’s no quick fix for those in charge. They’ll need to radically rethink their policies and how they are presented. Policies will need to be transparent and consumer-centric and businesses will need to be accountable.
As Kasey Chappelle, Chief Privacy Officer and VP of Commercial Compliance at American Express advised, “Don’t be the lawyer, be the strategist.” The debate needs to move beyond privacy policies to look at new data flows, consent, privacy by design and to explore how choice and control can be implemented. And I certainly believe this is going to be more successful if policy makers involve consumers in the process. Alan Duric, CTO at Wire commented, “Privacy policies should be written for us, by us, not by lawyers for lawyers.”
Perhaps GDPR will act as a driver for us to reconsider which data is collected, how much data we really need and how we use that data, without compromising consumer privacy rights.
Mozilla’s policy engineer, Gervase Markham, emphasised his organisation’s advocacy for lean data policies, which recommend that businesses take the very bare minimum of data and anonymise it. After all, data can be a liability as well as an asset.
GDPR is an especially important consideration for the ever growing number of data-centric companies, like Fitbug. We aim to empower employers to create a positive culture of health within their organisation to maximise performance, reduce absenteeism, decrease the risk of chronic illness, and lower healthcare and insurance costs. It is how we use technology and data intelligence that makes this scalable, effective and personalised.
In our case, we collect activity and sleep data, nutritional and mental health information, which is essential to providing customers with personalised health programmes and support as they go along their wellness journeys. Trust is part of our core values and we take privacy and security very seriously and have a number of measures to ensure our customers are protected.
Going forward, we’ll be looking closely at GDPR compliance and how we balance giving more control to our users while still maintaining the data integrity of our programmes.
Ultimately, earning customer trust is essential. Customers become uneasy when they feel that businesses know too much about them. Companies should, rather, offer customers meaningful consent, opaque transparency, anonymisation and a clearer understanding of how their data is used.
We’re looking forward to playing our part and helping move the industry towards better awareness and practices, and ultimately a better and safer experience for users.
Understanding the personal data economy
The personal data economy, also known as the Internet of Me, the API of Me, M2B, self data, the personal information economy and more, describes a powerful new idea: letting individuals take ownership of their information so they can share it with businesses on their terms.
Download this free white paper from Juniper Research, commissioned by MEF, outlining a brief history of the Personal Data Economy with case studies and examples as well as a wealth of guidance for individuals and enterprises.