Data Justice

A two edged sword

 

Overview

It is fun and rewarding to find the meaning in a bunch of data.  Some people say "let the data speak."  In my experience, data do not speak.  Data help answer questions but we develop the questions and draw conclusions - that is what makes it interesting for the analyst.  Over my years in marketing research, I worked on hundreds of projects.    For the vast majority of my projects, we gathered data through surveys.  Respondents knew they were being interviewed and their responses were confidential and anonymous.  Sometimes we augmented surveys with secondary data such as financial transactions or  pharmaceutical prescriptions. 

In the current world of "big data" and social media, many times a person does not even know they are a "respondent" or that behavioral data are being gathered about them.  Data gathering has become pervasive through Facebook, Amazon, and Google, plus entities such as Equifax, Experian, and TransUnion.  The velocity and volume of data may allow companies to move from consumer "insights" to consumer "manipulation." Plus now companies use algorithms and artificial intelligence to determine who should get a loan, should get this job, on and on. Issues are well laid out in Weapons of Math Destruction How Big Data Increases Inequality and Threatens Democracy. 

 

A good example of how the use of data and analysis has changed an industry is the growth of fintech lending. This is a presentation I gave to a graduate finance class in 2019.

I testified before the Texas House Committee on Investments and Financial Services on April 24, 2018 in Austin about my frustration with Equifax.  Go to about 2:25:55

 
 

And a 2021 comment to the Consumer Financial Protection Bureau on the use of personal data by large payment platforms such as Pay Pal. Good example of asymmetry between fintech companies and consumers.

 

Our 2022 Comment to the FTC on Commercial Surveillance and Data Security, addressing discrimination in financial decision making and the need for limitations on companies’ collection, use and retention of consumer data.

 
FIPS 1974.jpg

Most US and EU privacy laws are based on these FIPs.

Data privacy Resources

Consumer concerns about data privacy have been growing over the last few years. Some critics say we now live in the “age of surveillance capitalism.” There has also been an increase in organizations debating the fair balance between consumer rights and corporate rights. A good history of efforts to pass a data privacy law in the US (3 parts). On-going series from the New York Times Privacy Project

The US Department of Commerce - National Institute of Standards and Technology produced their “privacy framework” in 2020. “The NIST Privacy Framework is a voluntary tool developed in collaboration with stakeholders intended to help organizations identify and manage privacy risk to build innovative products and services while protecting individuals’ privacy.” I attended a presentation on this in 2020 at CSIS.

Here are a few resources to consider:

Think tanks and academic centers

Kennedy School Shorenstein Center 

Technology Academics Policy

Yale Information Society Project

Belfer Center - Harvard

Berkman Center - Harvard

Georgetown U Law Center on Privacy and Technology

Georgetown U Law Institute for Technology Law and Policy

NYU AI Now Institute

MIT Media Lab

Stanford Law School Center for Internet and Society

University of Washington Tech Policy Lab

Georgetown U Institute of International Economic Law

Americans for Financial Reform

The CFPB should be more concerned about data privacy in financial services and in particular how the lack of privacy hurts sub-prime borrowers. Keep up with their rulemaking and opportunities for comments

Two other non-governmental groups to watch

The Consultative Group to Assist the Poor CGAP

And throw in Microsoft AI principles for good measure

Congressional committees that should be working on this

House - Subcommittee on Consumer Protection and Commerce

Senate - Subcommittee on Communications, Technology, Innovation, and the Internet

Calendar of privacy events

an interesting graphic showing the “marketing technology ecosystem”

Center for Humane Technology

Interestingly, a law firm in Dallas that specializes in privacy law Hosch & Morris

And one that seems friendly to privacy issues Fish and Richardson

Latest results from Data Kind competition, I was a judge

Advancing the Field of Data Science for Inclusive Growth

zuckerberg.jpg

FTC finally starting to push for consumer data privacy

The FTC has launched its largest effort to date to learn about social media and video streaming companies. The companies have been ordered to provide data on how they collect, use, and present personal information, their advertising and user engagement practices, and how their practices affect children and teens.

The FTC is issuing the orders  under Section 6(b) of the FTC Act, which authorizes the Commission to conduct wide-ranging studies that do not have a specific law enforcement purpose. The orders are being sent to Amazon.com, Inc., ByteDance Ltd., which operates the short video service TikTok, Discord Inc., Facebook, Inc., Reddit, Inc., Snap Inc., Twitter, Inc., WhatsApp Inc., and YouTube LLC. The companies will have 45 days from mid-December 2020 to respond.

The FTC is seeking information specifically related to:

  • how the companies use, track, estimate, or derive personal and demographic information;

  • how they determine which ads and other content are shown to consumers;

  • whether they apply algorithms or data analytics to personal information;

  • how they measure, promote, and research user engagement; and

  • how their practices affect children and teens.

This is a big deal. The data will allow the FTC to move toward greater regulation of these online giants.

And the first report from these orders - What ISPs know about you - examining the privacy practices of 6 major internet service providers


 

In addition, I am funding research at UT Dallas that examines the benefits and harms of “big data” from the consumer perspective. What are the trade-offs consumers should be aware of when they use Facebook, Google, Amazon, etc? What regulations are needed to achieve a balance between consumer and corporate benefits? How should companies provide security and privacy?


 
NIST frameworkd.png

Possibly a way forward will be to base privacy bills around the NIST privacy framework.

Focuses on risk management - identify risks, protect against them, detect issues, respond to incidents, and recover from damage.

 
 

The Uniform Law Commission developed a “generic” privacy law which has been introduced in DC. Privacy advocates see this bill as fairly bland - not a strong push for consumer rights.