The findings presented in an article by German magazine Computerwoche published on Feb 11, 2014, are a forceful reminder that messages about excessive data capture via mobile apps seem to have gone unheeded so far. As reported, tests by TÜV Trust IT established that “almost one in two mobile apps suck up data unnecessarily”.
What’s “unnecessary” of course depends on your viewpoint: it may seem unnecessary to me if my mobile email app captures my location; the provider of the app, on the other hand, could be capturing the information to provide me with a better service and/or to make money from selling such data to a third party. The trouble is that I don’t know, and I don’t have a choice if I want to use the app. From a consumer perspective, this is not a satisfactory situation; I’d even go as far as calling it unacceptable. Not that it matters what I feel; but privacy advocates and regulators are increasingly taking notice. Unless app providers take voluntary measures, they may see their data capture habits curtailed by regulation to a greater degree than would otherwise be the case.
Let’s step back a moment and consider why so many mobile apps capture more data than is strictly speaking necessary for the functioning of the app:
Mobility is becoming pervasive in the enterprise. Smart devices, including wearables, are appearing in all sectors, both in developed and emerging markets. Businesses that fail to prepare for the mobile mind shift risk losing their competitive edge. I hope this year’s Mobile World Congress, which kicks off on February 24, will emphasize the interaction between business processes and mobility — in addition to the traditional gadgets.
I focus primarily on themes relating to the connected business and social collaboration, and I will travel to the world’s leading mobile event in Barcelona to gain new insights into several questions in these areas:
This morning, as I was writing this blog post, I got an email from one of my colleagues, saying "Is it weird that since Google bought Nest, I no longer want one?" Her sentiment isn't that unusual because, as it turns out, plenty of people feel like Google + Nest = HAL. (It's hard to miss the resemblance)
My colleague Frank Gillett just published a post outlining a collection of ten key thoughts about the acquisition. As the privacy-identity-personal data wonk advising Forrester's marketing strategy clients, I thought I'd drill down on some of the more salient points for those issues.
Data Privacy Day is on January 28. But isn't all hope lost when it comes to the P-word? Interestingly, Daniel Solove is one key expert who doesn't think so: His recent Year in Privacy roundup sounds a number of positive notes, largely having to do with regulatory pressure driven by public pressure. In the age of the customer, we really can see "water wear away stone" when ordinary people demand change.
My colleague Fatemeh Khatibloo recently published some must-read research on contextual privacy: a framework for negotiating the collection and use of personal data that ensures a fair value exchange for both the customer and the business. Don't miss the blog post where she lays out some takeaways:
Privacy isn't dead, it just needs redefining.
Privacy will be a market differentiator.
Privacy technology will disrupt the marketing ecosystem.
As 2013 comes to a close, it's clear to me that much of the rhetoric about privacy's death was not only premature but downright wrong. Just in this past week, there have been several events that point to how very alive and critically important the topic of privacy is:
The US Senate Committee on Commerce, Science, and Transportation released a report (in advance of a public hearing) about the practices of the data brokerage industry, and how they impact consumers. The report claims that "data brokers operate behind a veil of secrecy, subject to limited statutory consumer protections." This certainly portends the possibility of new legislation being introduced by the committee in 2014.
US District Court Judge Richard Leon ruled that the bulk collection of millions of Americans' call records likely violates the Fourth Amendment of the Constitution. While conflating surveillance with marketing privacy is a dangerous thing, I suspect that this ruling will draw further attention to the volume, scale, and methods of data collection, irrespective of who's doing the collecting.
Yesterday, FTC Commissioner Julie Brill published an essay on AdAge.com that calls on data brokers to join -- or, rather, establish -- an initiative called "Reclaim Your Name." The goal of the program would be to provide a single portal where consumers could see what data the industry has collected about them, provide options to opt in and out, and to correct data that might be inaccurate.
While the commissioner's article is a bit heavy on the "big data" rhetoric, her point is well taken: We have entered an era where the volume of data that individuals make available about themselves -- often inadvertently -- is increasing daily. Unfortunately, guidelines for how marketers and the larger data industry collect and use personal data are in short supply. This conflict is one of the major challenges that our industry faces in the coming decade: How can brands excel in the age of the customer if they're constantly under scrutiny about their privacy and data practices?
Acxiom, one of the world's largest data brokers, recently launched its own version of the kind of portal Commissioner Brill calls for. AboutTheData.com lets individuals see a subset of the data Acxiom knows about them, provides correction and opt-out opportunities, and aims to provide consumers with education about the data industry as a whole.
Yesterday, Acxiom, one of the world's largest data brokers and a key player in the marketing services ecosystem, launched an important new consumer service (still in Beta) called "About The Data." It's an initiative to show consumers some of the data that Acxiom has compiled about them, to provide education around how certain types of data are sourced and used, and to let users correct and/or suppress the use of these datapoints for marketing purposes.
This is a big deal. Why? Because it's pushing Acxiom (and, frankly, the entire third-party data industry) way out of its comfort zone on a few levels.
First, this is not a company that is used to dealing with consumers on a mass scale. Acxiom's DNA is fundamentally B2B; learning how to communicate to, and design tools for, individual consumers is a massive undertaking, and it shows in the UI. For example, when I attempted to register my address with a "#" preceding my apartment number, the format was rejected without any indication that symbols were disallowed in that field. As a tech-savant, it only took me one more attempt to figure that out, but not all consumers are so savvy. Similarly, clicking the "Home" button on the navigation bar logs users out without any notice or warning.
It's that time of year again: Tomorrow, venture capitalists, entrepreneurs looking to raise funds, journalists, bloggers, geeks, and digital executives from all over the world will be gathering at LeWeb in Paris. For a couple of days, Paris will turn into the digital Mecca.
A lot of the media and investor attention will focus on the now-traditional startup competition, looking for the new Evernote, Instagram, Nest, or Withings. Here’s the list of the 16 semi-finalists. Emblematic of the entrepreneurial spirit of the conference, David Marcus, founder of startups like Punchd (acquired by Google) and Zong (acquired by eBay) and now CEO of PayPal, will be speaking at the event and will cross paths with a long list of digital visionaries and key executives, such as Pascal Cagni, former general manager and VP of Apple EMEA.
Here are some of my observations on this year's theme — The Internet of Things — as well as a summary of some of Forrester’s latest research on this quickly evolving space.
I recently attended Trend Micro’s Insight 2012 event for an update on corporate and product strategy from Trend executives, hear from partners and enterprise customers about their experiences working with Trend Micro, and sit down to 1:1's with business unit leaders. I met with Carol Carpenter, EVP of Consumer, who shared a bit about what Trend is doing for consumers and provided demos of their latest Android mobile apps out on the market and in development. Of the ones available now, they are the usual suspects – mobile security, backup and restore, and a password manager. And then, there’s a battery optimizer app. Random? No, not really.
Consumer security has come a long way from simply antivirus software for PCs. Mobile security is undoubtedly on everyone’s minds at this point (oh no! device loss, malware, my apps are spying on me!), but that’s only one factor (albeit a big one) contributing to the evolution of this consumer security market. We’re looking at protecting devices, data, identities, interactions, privacy, the consumer – in short, the online experience. That’s where the umbrella of consumer security expands, and I see apps like Trend’s battery optimizer fitting in. It’s not a “security” solution in the traditional sense, and more of a productivity tool. Consumers gain visibility into what the device and apps are doing (to the battery), and using that information to then make an informed decision (e.g., stop running that app, turn off Wi-Fi, etc) to preserve battery because it’s running too low for comfort.
Data security consistently tops the laundry list of security priorities because it must. Organizations are collecting data, creating data, using data, and storing data in some way or another. Mishandle data or disregard privacy, and you’ve got a public relations fiasco on your hands with the potential to disrupt business operations or hurt the bottom line.
So, we know that data security is a priority, but what does that mean? What are organizations actually doing here? How much are they spending, and where are they focusing their efforts? And what are they doing about privacy? I’ve dug into data from Forrester’s Forrsights Security Survey, Q2 2012 and data from the International Association of Privacy Professionals (IAPP) to answer these questions in a newly published benchmarks report for our Data Security and Privacy playbook. Note: This is not a shopping list, nor a check list, nor is it a “spend x% on data security because your peers are doing so!” manifesto. This report is meant to be a starting point for discussion for S&R pros within their organizations to take a closer look at their own data security and privacy strategy.