Maybe you told your favorite restaurant your birth date in the hopes of getting a freebie. Or your company uses cookies to better understand customers’ online browsing and buying habits.
Whether it’s something already being done or just a possibility in the future, businesses have the capability to collect an enormous amount of data on their customers. And with that ability comes a slew of ethical questions, like how much and what kind of data is right to collect in the first place.
“My consulting clients are frequently concerned with the data they collect and store about customers,” says Eric Dent, professor and Uncommon Friends endowed chair in ethics at Florida Gulf Coast University’s Lutgert College of Business.
Data can of course provide a lot of benefits for companies, like better-targeted marketing efforts. But it can also lead to just as many challenges for organizations.
“If I’m walking around my campus at FGCU, and we have security cameras all over, I haven’t signed any waiver, but my person is being visually captured,” says Dent. “There are some positive purposes to that kind of thing. But what are some of the downsides?”
If your company is collecting data on its customers—and let’s face it, what company isn’t these days?—here are some steps Dent says you should take to do it as ethically as possible.
Make the approval process more direct.
Sometimes customers are asked to provide information in a clear-cut way: Click here if you want to subscribe to our newsletter. Enter your mobile number to receive a 10% off coupon.
In other cases, the fact that a customer is opting in to share their information is buried in legalese. “You can’t make customers scroll through five screens of legal gibberish that none of us are going to read,” says Dent. “You have to make it easier for whoever the user is to know that this is what they’re waiving and that this data will be used for this purpose.”
Let your customers benefit from the info you’re collecting.
Make it a win-win for everyone with personalized marketing and other efforts that provide upsides for both parties. “Ensure that customers realize that data collection allows for their enhanced experience,” says Dent.
Think like a European company.
Many of your much-used websites probably notified you about the European Union’s General Data Protection Regulation, which went into effect in 2018 and aims to give individuals more control over their private data. And U.S. companies doing business in the European Union have already had to adapt to the new law. “It really is forcing companies to be very clear about exactly what data they collect from people,” says Dent.
But even if your firm hasn’t legally had to comply with GDPR yet, it would be wise to get ready to, especially since Dent expects the United States to eventually pass some regulations of its own. “I don’t know if we’ll go as far as Europe has gone,” he says. “But I think U.S. businesses will have to provide back to customers—for free—whatever they request in terms of what was collected about them. That’s very uncommon today in the United States, but I think that part is coming.”
Be aware of the potential problems created by large amounts of data.
The more data you collect, the more data you have to protect from harmful—and costly—breaches, especially if you’re gathering sensitive data like Social Security and credit card numbers.
And just because you can collect all kinds of data doesn’t mean you necessarily should. Knowing too much about your customers can raise all kinds of concerns. “Everyone is trying to pilot test the next level of interaction, and I’m working with an auto manufacturer who wonders what to do with the fact that they have access to data on every single inch their cars travel, where they stop, etc.” says Dent.
The drivers of those cars have agreed to participate in a test of an in-car, virtual-assistant type of device. “But what if one of the people testing this thing pulled up to the strip mall where they go to yoga class,” says Dent, “but maybe they parked in front of a triple-X movie theater two doors down. From the company’s database standpoint, it may look like they went to that location, not the yoga studio.” And unlike the right given to individuals in the EU under the GDPR, U.S. citizens don’t have the ability to correct inaccurate data collected about them.
Collect your data in an unbiased way.
That means you can’t leave it all up to technology. “Data algorithms can draw conclusions that enforce racial or sexist stereotypes,” says Dent. “So you can’t let the algorithms alone make these decisions, because they’re not sophisticated enough as they are. You also need human oversight.”
