By Christina Peters
American adults are feeling increasingly less confident about their ability to control and ensure the privacy and security of their personal information, according to a recent study from Pew Research.
While people routinely share such information when they believe doing so will benefit them, consumers and citizens everywhere are concerned about the risks and often skeptical about the promised benefits of sharing their personal data. Information analysis has become an indispensable tool for businesses, governments and organizations of all kinds – in every industry around the world. Improvements that data analytics can bring in areas like transit, energy conservation and medical have made analytics too compelling for the private and public sector to ignore.
Yet it’s evident that protecting personal privacy is a critical challenge on the path toward enabling information analysis that generates better outcomes and opportunities for businesses and other organizations.
My colleague, IBM Fellow and Chief Scientist of Context Computing, Jeff Jonas, brings thought-provoking insights to the contentious debates on balancing privacy and analytics that pit the sides in a friend vs. foe manner. One of Jeff’s most telling examples is his work with the Pew Charitable Trusts to improve the quality of the US voter lists, which contain a large percentage of out-of-date addresses due to America’s highly-mobile population.
The system Jeff and Pew helped build – the Electronic Registration Information Center (ERIC) – allows states to share their voter lists and compare those records to other records, including driver’s licenses and death records.
In this system, it’s imperative to be able to confirm that a new address on one record – for instance, a driver’s record – relates to the same person with an old address on the voter record. To do that, the system requires states to share some highly-sensitive data elements to confirm the records relate to the same individuals, such as Social Security numbers, driver’s license numbers, and dates of birth and compare that data in a central database.
Needless to say, this approach could raise privacy concerns. Rather than abandoning the use of analytics, the team made anonymous sensitive identifiers to change them into a non-human readable, non-reversible format before any data transfer.
The ability to analyze the data and answer the important question – “Do these two records relate to the same individual?” – is maintained. The ability to discover personal identifiers about individuals, such as their social security numbers, is not.
Rarely is the debate louder or longer than in Europe where protecting privacy while promoting progress is a significantly contentious topic.
European regulators, legislators and policymakers have been working hard to reach a consensus on draft privacy regulation that has been under consideration for almost three years.
If the regulation is to both protect the privacy of Europeans as technology outstrips today’s expectations, it has to set standards that permit innovation – both in analytics, and in solutions to the privacy challenges the future will surely bring.
To help encourage a constructive conversation on why analytics are essential to business and government and to examine how innovations in data can be a driver of widespread positive change, IBM recently convened a meeting in Brussels with more than 100 representatives of the EU data policy community in Brussels. The meeting focused on a fresh perspective – finding practical solutions to how technologists and privacy experts can answer questions that Big Data and analytics raise for privacy.
The answer: one question at a time. By carefully considering the possible impacts on people at the outset, data architects and analysts can design ways to avoid or mitigate those impacts into their solution. Innovation in privacy must proceed hand in hand with innovation in analytics.
Embracing analytics that deliver on privacy is particularly essential if the EU and other governments and global businesses aim to foster prosperity, growth and security. They must find effective solutions to the privacy concerns of their citizens that don’t limit the capacity for breakthrough research and innovation. Indeed, the answers are not to be found in sweeping prohibitions, minutely detailed requirements or regulatory checkboxes.
Rather, they are found one at a time, in applying high standards to solving hard problems.