Data sovereignty: How offering your customers control over their data can benefit your business6 Aug 2020 | Enrique Pena
Information-rich organisations have never possessed such extensive reserves of personal data, nor have they had the opportunity to be closer to their customers as a result. Digital services consumers have benefited from customised product and service offerings, with great user experiences and the ability to intimately engage with their favourite brands on multiple platforms.
Using the oil analogy, it is essential to develop oil from its crude form into fuels, lubricants, and other valuable commodities to maximise its value. In the case of raw data, to maximise its value, it's essential to transform it into actionable insights which can proactively guide decision making and provide opportunities for new and increased revenue, increased competitiveness, operational efficiencies and more. There are synergistic effects too. By collecting more data, an organisation can expand its scope, improve its products, which in turn will attract more users, generating even more data, and so on. And unlike oil, there will never be a shortage of raw data, making its business value exceptionally high.
Smart devices and the internet make the mining of data abundant and ubiquitous. Virtually every activity creates a digital trace. This means an abundance of raw material for the data distilleries. When 5G, the Internet of Things (IoT) and cars connect to the internet, they will increase the volume of data exponentially. Artificial intelligence (AI) technology such as machine learning can extract more insights and further value from data, while algorithms can predict numerous things all contributing to the 'data economy'.
In the data economy, organisations collect but also manipulate, share, sell and monetise unprecedented amounts of personal and confidential data across country borders. Therefore, as discussed in my previous blog, organisations that collect data should also invest in intrinsic data privacy. Robust data privacy is not only a fundamental value proposition for any digital brand and product, but it is also crucial for placing the interests of users first. As individuals generate ever-increasing amounts of data, how their data is collected and used, along with how their data is protected with transparent privacy policies will dictate how much people trust and embrace data-driven services and innovations.
There are growing concerns that people have little to no control over what happens to their data and how others use it and profit from it, which is a contributing factor in the increasing distrust of digital services by consumers. The balance between the sharing of data and the benefit gained from doing so is heavily weighted in favour of a handful of global tech giants. That balance must be remedied in favour of consumers, and one way to do that is to put consumers back in control of their data.
In this wild data sharing landscape, governments have swiftly moved to provide legal instruments that seek to regulate the flow of information. This has included the declaration of 'data sovereignty', in which governments enforce their own (and in many cases strict) privacy laws on data stored within their jurisdictions. These laws are primarily in the governments' and their citizens' interests to protect personal information against any misuse, especially outside of each country's jurisdiction. But it is also a call of sorts to the global data economy's tech giants to bring back sovereign interest and protect the competitiveness of local business and innovation.
Data sovereignty comes into play when an organisation's data is stored outside of its country of origin and is subject to the laws of the country in which the data resides. The main concern with data sovereignty is maintaining privacy regulations and keeping foreign countries from being able to access or subpoena sensitive data. For businesses that collect private and confidential data, the challenge is to ensure that data privacy is not put at risk when shared across borders. Governments have realised that when it comes to data sovereignty, they cannot rely on external players. In the data economy, where data drives growth and innovation, you need a local alternative.
As an example, consider the data you store in the cloud is like the money you keep in your bank. What if the bank took your money that you thought was saved in your local account and put it into a foreign bank? And what if the political situation changed in that foreign country and the foreign government took possession of that money? With cross-border data storage, that is what can happen with even your most sensitive data. You can ask yourself, as a Gmail or WhatsApp user, where in the world are your messages, photos and email attachments really being stored? Just because you hired a local service provider or a provider based in the country you live in, it does not mean they store your data in a local data centre. You should really ask them.
For businesses and governments, data sovereignty regulations have created a multitude of compliance obligations and urgent strategic changes. There is a need for informed decisions about where customer data is stored and how it is managed and protected when shared across borders. Responsible businesses and government entities, interested in increasing trust, can use data sovereignty as the means for them to offer their customers and citizens control over their data assets, while still being able to benefit from the data. Additionally, data sovereignty protocols can be a complementary technology providing solutions to other data security problems. Although data sovereignty protocols incur additional costs, they are invaluable because they help an organisation comply with data retention legislation, meet new contractual obligations, remain competitive in the marketplace and establish trust with digital services buyers and users.
How well organisations and governments deal with the risks and benefits posed by data sovereignty are the latest challenges in digital transformation initiatives. As challenging as it might sound, data sovereignty yields fairer and more equitable conditions of competition, especially with international service providers. This is already evidenced by the EU's General Data Protection Regulation (GDPR) that gives individuals power over the use of their data and holds global organisations accountable for their data collection and usage practices.
The concept that data may be subject to the laws of more than one country and that those laws are constantly changing presents increased responsibilities and challenges for many organisations. At Digital14 we can help you assure your organisation’s state of data sovereignty as well as national data sovereignty. Our digital workspace and secure communications solutions are guaranteed sovereign wherever you are. Contact us at Digital14, and we can help you take steps to validate your data sovereignty assumptions and make enhancements to help ensure that trust can be maintained before it is broken.
Connect with us