Thanks to improvements in the scope and effectiveness of data digitisation, it’s a simple matter for organisations of all kinds to build personal profiles based on individuals’ captured data. And this goes beyond basic information such as name, age and address; today, nearly all forms of personal information exist digitally—from the seemingly innocuous (such as interests and hobbies, buying preferences, relationships, etc.) to the extremely private (such as social security numbers, credit information, health data, location and movements etc.).
In many cases, the information we share online, either knowingly or otherwise, is used by machines to make them smarter; the puppy photo we post on social media helps teach semi-intelligent algorithms to recognise a puppy when they see one. The searches we perform online teach machines how to better understand and replicate human language.
However, regardless of how the data is being used, the fact that it exists and is available to unknown users is becoming a major cause for alarm. Customers (not to mention legislators) around the world are beginning to demand that companies give the original data owners final say in how their data is collected and used.
As such, those organisations that establish and follow healthy data privacy policies are more able to establish trust with their customers. At the same time, they eliminate the legal risks associated with violating new and upcoming data privacy laws, standards and regulations. Facebook’s recent fine of $5 billion from the FTC is an example of just how steep the penalties for violating these laws can be.