(Image credit: PixxlTeufel.)
Way back in 1975, geochemist Dr. Wallace Broecker of Columbia University published his article “Climatic Change: Are We on the brink of a Pronounced Global Warming?” Today, almost 45 years later, the debate has intensified but still rages on, even as some believe the clock is running out. The UN Intergovernmental Panel on Climate Change warns that we have only 11 years to limit the chances of a climate change catastrophe.
One can see strong parallels between Dr. Broecker’s warnings and those related to our loss of personal data privacy. Society is facing the threat of climate change, which some experts say will reach a tipping point; we may be reaching a similar tipping point with privacy and cyber security.
In their paper presented at the 1965 Fall Joint Computer Conference titled “Some Thoughts About the Social Implications of Accessible Computing,” E. E. David, Jr. of Bell Labs and R. M. Fano of MIT, warn that “the same technology which has given us new dimensions in communication has been used to implement eavesdropping equipment.” They went on to say that “the very power of advanced computer systems makes them a serious threat to the privacy of the individual”.
And just as we continued to contribute to climate change, we continue to surrender personal privacy in exchange for the lure of instant gratification delivered through simple, easily accessible technologies.
Insurance Industry Opportunity
The insurance industry is uniquely well positioned to take the lead in safeguarding data privacy; few other industries have the same depth and breadth of personal information or the same level of dependency on the trust and loyalty of their customers.
Many insurers of property, life and health, along with numerous supply chain intermediaries, are employing a wide range of connected digital technologies to gather individual data and store, analyze and use it to train AI and use it to offer new different and attractive products and services. And as of now, there is no easy way for customers to reclaim their data. People may consciously understand the trade-offs of using digital services, but few understand how extensively their data is captured, used, and shared. And that data exists in digital form and therefore virtually forever, most certainly long after we are gone.
Without applicable data laws, we’re left with a decentralized patchwork system, devoid of human control. Privacy concerns are surfacing almost daily now but successful high-profile applications of analytics are drowning out the cautionary voices. Facial recognition, which is not unlike taking your fingerprints without your permission, is being used by China to keep track of all of their citizens and has been deployed by law enforcement agencies all over the world.
Too Little, Too Late
In a relatively small victory for opponents of this rapid adoption, San Francisco recently became the first U.S. city to ban the use of facial recognition by local agencies. And California’s tough new law, The California Consumer Privacy Act which takes effect in January 2020, will significantly limit how companies handle, store, and use consumer data. The law will require businesses to be more transparent, give consumers the ability to delete and download collected data, and give them the chance to opt-out of the sale of their information. But still, according to a new survey by TrustArc, most companies still aren’t ready to comply.
Elsewhere, the European Union’s General Data Protection Regulation (GDPR), a set of new privacy laws went into effect in May of 2018. And Hawaii, Massachusetts, and Washington are all considering their own state privacy laws while Brazil passed its own regulations that will take effect in 2020.
Insurance Industry Call To Action
What we really need however, is a standardized, global set of rules and regulations on the permissible uses of personal data and a process governing and enforcing them. The global insurance industry would gain much by taking the lead in this effort—and sooner than later.