Data breach is the new oil spill

Xebia Background Header Wave

In 2010, a major disaster took place in the Gulf of Mexico, when an oil spill of unthinkable proportions led to irreparable environmental and ecological damage. Known as the Deepwater Horizon oil spill, it is the largest marine oil spill as well as the largest environmental disaster in US history, which is still haunting the world.

2018 witnessed yet another spill, this time it is not oil, but data which is termed as the new oil of the industrialized internet economy. Yes, I am talking about the facebook and Cambridge Analytica data scandal, in which privacy of tens of millions of citizens is violated and exploited for private financial gain, without the consent or knowledge of the affected people.

With the rise of digital unicorns such as Amazon, Google, and facebook, data is increasingly viewed as the new oil of the digital world. Just as oil was the vital and essential commodity that powered the manufacturing era, data is the indispensable fuel powering the connected, digital economy.

Oil has been a tightly regulated commodity for more than a century, it consolidated power centres and created new power centres. What will happen to data, the new oil of this world? Will it also play a role in defining power centres rather than just remaining in data centres?

How is data different from oil?

While both oil and data are the key economic drivers in their respective eras, there are some vital differences between them, that we need to recognize and understand:

Oil is a tangible commodityData is intangible
Oil is a fungible (substitutable) commodityData is non-fungible
Oil doesn’t produce more oilData can generate more data
Oil is a physical commodityData is an experience good i.e. its value is realized only after experiencing it like a movie or a book
Oil is nameless and faceless (Anonymous)Data is named and identified

As you can see from the above comparison, oil is a physical, tangible, and fungible commodity, whereas data is often perceived as an intangible, non-fungible, and experience good. While there is no distinction from one barrel of oil to another barrel, there is a world of difference between data associated with one individual to the other. In other words, while oil is nameless and faceless, data is a named and identified commodity. The other key difference is that while oil doesn’t produce more oil, data can generate more data.

It is important for us to understand these critical differences, so that we adopt the right approach towards data regulation.

Where is this data breach leading us?

Let’s consider what has happened in the current Cambridge Analytica and facebook scandal:

    • As part of its policy to transform itself into a popular platform for social applications, facebook provided access to third-party app developers.
    • To encourage wider usage, facebook enabled people to log into apps and share information about their friends
    • One such third-party developer was able to gain unauthorized access to hundreds of thousands of user-accounts, which was subsequently shared with Cambridge Analytica.
  • Even though complete story of what transpired is not yet known – it is reasonable to state that Cambridge Analytica has utilized its unauthorized access to user data towards behavioral influencing, in this case specifically how they vote.

What’s evident from this fiasco is that, in the current context of widespread collection of data from millions of unsuspecting people, we need to clearly distinguish and differentiate between:

  • deriving insights and influencing behavior
  • what is moral from what is ethical
  • privacy and individual rights

Is Cambridge Analytica just one of the businesses that got caught, while there are many more such unscrupulous companies that are exploiting public data for private gain? My own view is that there are many ambitious baby corns (startups created explicitly to be acquired by Unicorns), that are taking advantage of the lax regulatory environment, and exploiting public data, often without consent or knowledge of the affected people.

Is history repeating itself?

I have an eerie feeling that the current digital landscape and the largely unregulated atmosphere in which some of the players are operating is like the wild west of the late 19th century. Some of these new unicorns and the baby corns are behaving fast and loose, very much like the wildcatters of the oil industry.

There is another key difference between these two eras – the wildcatters of the oil era took huge risks with either their own capital or investor capital, whereas the modern-day wildcatters exemplified by the likes of Cambridge Analytica are putting at risk data capital that they don’t own.

Many startups and baby corns, fuelled by an abundance of venture funding are increasingly resorting to a strategy of identifying new data-driven business models that are dependent upon exploiting public data. From what we have seen so far, there is very little hesitation in crossing the thin line between legal and illegal as well as what is ethical and moral. Let’s consider some examples:

  • Using advanced data analytics to mine user data and derive unique insights into buying patterns, preferences, and a host of other relevant data points that could influence consumer behavior. Unicorns such as Netflix and Amazon have pioneered this into a science and achieved tremendous financial success.
  • Contextual advertising, which is increasingly becoming the primary revenue stream for many businesses that have significant user volume. Google and facebook can be considered as prime examples, even though both have multiple revenue streams.

Even though there is no unanimity, the practices cited above are largely considered not only legal, but also ethical to a large extent.

Policy makers recognized a century ago that there is a need to balance genuine entrepreneurship with the need for regulation. This realization gave rise an era of stringent regulation, which laid the foundation for consumer safety, consumer rights, worker protection, and investor rights across diverse domains including oil, banking, airlines, and a host of other industries.

In a similar manner, what we are currently witnessing is to some extent unchartered territory of a data-driven world, that is evolving at exponential speed. While recognizing the genuine need for innovation, we must be proactive in regulating genuine usage of data, and draw the right balance between privacy and individual rights, and clearly define what is legal, ethical, and moral.

In the mad race to become the next digital unicorn, there is a real danger that, in the absence of appropriate regulation, we will create an environment conducive for unregulated monopolies, which could unwittingly give rise to the next Standard Oil.

Every action has a consequence

Mark Zuckerberg wants facebook to be the Internet. He may have wished to make the world a better place for all. As a side effect his net worth might also grow. Facebook is not just a social networking application anymore, it is a platform where commerce can take place, knowledge resides, analytics can be built and thanks to exploitation of data, human behavior can be influenced.

There are many apps on facebook today whose revenue model is based on data rather than on offering something unique to consumers. A consumer purchases merchandise and leaves a data trail along with the monetary transaction, which unwittingly becomes an opportunity for another business transaction? Funny isn’t it? Do we call this being opportunistic or exploitation?

Is facebook alone in indulging in this kind of data exploitation? Connecting professionals of this world, LinkedIn offers deeper insights into their profiles for recruiters and sales people. Most of us even pay hefty subscription fee for this access and insights. Effectively, users are offered free usage of the platform so that Linkedin can profit by selling their information to businesses. Twitter provides targeted feeds that businesses can buy based on demographic data. The difference is that facebook allows third-party apps to be built on its platform, thereby creating a wider exposure of its user information, while other apps are doing it themselves.,

What happens if the user base moves towards private networks, access is restricted to moderation, commerce is limited to the members alone, and targeted ads are forbidden?

Being public is a sign of transparency, but using the same information to exploit those who generate the information will drive people away from being public and transparent.

What if people choose to follow Elon Musk’s lead, and quit en masse from facebook?

Who wins and who loses?

Kiran Madhunapantula, COO
Kiran Madhunapantula is passionate about radical trends in software development using techniques like Lean Software Development and Scrum, building high-performance teams, and organizing distributed innovation.

Get in touch with us to learn more about the subject and related solutions

Explore related posts