I come from a country where transparency is an integral part of the social and cultural fabric of our lives. Norway is built on the transparent sharing of information (even our salaries are public), but we also understand and value our boundaries and privacy. As the CEO of a location data company, I work and evolve constantly to maintain those values of transparency and respect for privacy, both in my professional life and in my company. In fact, one of the five core Unacast values (which you can read more about in our handbook) is Trust through Transparency. We believe the honesty and openness creates the foundation of trust necessary for both companies and individuals to thrive.
The evolution of any industry follows a clear pattern of invention, innovation and sophistication. Location data is no different, but the sophistication level is two-fold: as the industry matures, not only is data collection becoming more sophisticated, but individuals - those who ultimately provide the data - are becoming more sophisticated as well. We as a general public understand that there are certain trade-offs for customization and personalization in our daily lives. When the data we offer is used well, it can improve our experiences and lead to new opportunities for us to dive deeper into interests, hobbies and products. But as incidents like the one surrounding Cambridge Analytica and Facebook have shown us, when our data is used without our permission, the result is an unwanted invasion of privacy.
This is something that I’ve thought a lot about in recent months.
So, what does this mean for a data company?
At Unacast, the data we collect from our suppliers is based on opt-in consent and/or legitimate interests. We intentionally dismiss any data that may contain sensitive personal information - such as location data surrounding hospitals, places of worship, and areas with known political affiliation or affiliation with any protected status. These policies are a no-brainer to me, and they will be enforced even more strictly as GDPR is rolled out. But those things are reactions to the data we receive.
And while reacting with integrity is good, being proactive with intention is better.
That’s why our engineering team is currently hard at work building out further GDPR-compliant processes in both Europe and the US that ensure we can promptly execute on any user request regarding data deletion, correction or the right to be forgotten. These processes, coupled with clear, easy-to-understand opt-in consent, will help ensure that control of any individual data remains where it belongs - in the hands of the individual. It’s our responsibility, and indeed the responsibility of every company that handles the data of individuals, to provide very clear consent and ensure there is a legitimate interest for the reason why we process this data. We must not just “strive for transparency in our data collection”. Striving implies attempting something with no guarantee of succeeding. We must provide complete transparency, together with our partners, into what data we are collecting, why we’re collecting it and how we’re using it. The decision of whether or not to share that data with us should always be clearly within the individual’s control.
The closer we get to GDPR activation, the more the words “transparency” and “privacy” will be on our minds and in the press. We need to take those words seriously and embrace this change as one more step in the sophistication of our industry. Any company frightened of individuals understanding their rights to data privacy and making informed decisions based on personal level of comfort is a company that has no place in our evolving ecosystem.
We can’t fully predict the results of GDPR, but I believe that the surest way to continue to thrive as an industry is to make clearer - not foggier - the ownership rights that individuals have over their own data. The result will lead to clarity for individuals, and a high-quality pool of data for our industry, even if we may see a decrease in size of that pool at the outset.
I urge all of my fellow leaders in the location data space to work toward transparency, respect of privacy and GDPR compliance with this same attitude, and to remember that we are indeed a service industry. While we all serve various clients and partners, our work is ultimately in service of creating a better world through innovations that are for the many, not the few.
Over the coming weeks and months, we’ll be digging deeper into the specifics of transparency, compliance and privacy - not just what those things mean in principle, but also what they mean in practice and process for Unacast.
You can expect in-depth content from us covering:
- GDPR compliance in Europe and carrying our policies through to the US
- Our Privacy Program
- The moral framework behind our business partnership decisions
- How long we keep data and why
- Education on best practices for privacy, compliance and transparency
Simultaneously, we’ll be working toward “big picture” goals as well, including:
- Aggregating data based on crowd movements
- Focusing on partnerships with direct owners of data for greater control and transparency
- Creating a platform where our insights can be accessed for free based on select use cases benefitting society as a whole
We’re excited for the innovations to come, and prepared to take on the necessary work to ensure our business reflects our “Trust through Transparency” cultural value.
So, let’s forget about “striving” for transparency and privacy. Let’s achieve them to the utmost best of our abilities.