In April of 2018, Mark Zuckerberg testified before Congress about Facebook’s privacy practices the perceived data breach by Cambridge Analytica. As insurance professionals, we recognize that this was not a true data breach in the sense that no one hacked Facebook’s servers and subsequently stole individual information. Facebook users opted in to sharing information and sharing the information of their “friends.” It was evident through the course of questioning that this technicality, however, does not relieve the anxiety or unease that many feel about the new culture of information sharing. There is certainly a discussion to be had as to whether or not it is appropriate for an individual to be able to approve the sharing of someone else’s information. And Facebook has already changed their permission structure which indicates to me that they did have that conversation internally and landed on the obvious answer that it is inappropriate.
Another interesting conversation to be had is how the nature of privacy is changing and how valuable an individual’s personal information is financially. This is relevant to us as insurance professionals not only in understanding where businesses might be exposed to breaches or misuses of data but also in understanding if there is a shift in privacy expectations, how might that be useful to insurers?
Historically, we have thought about Personally Identifiable Information (PII) as ID numbers, account numbers, health/medical information, etc. The value of this type of information is easy to recognize and even relatively simple to quantify financially. On the other hand, consider all of the information that we are all voluntarily sharing. Each of us has profiles that tell a story about who we are. When we wrote those stories, we probably intended them for the people we consider friends or at least acquaintances.
Those of us who grew up in an era before the sites were fully integrated into our lives may be questioning our comfort with sharing those stories now that the services for which we created them have grown and expanded the reach of those stories. Digital Migrants, typically understood to be Gen X and Baby Boomers, seem to be even more uneasy than semi-Digital Native Millennials, who are more uneasy still than true Digital Native Gen Zers. Growing up concurrently with Facebook, I was shocked to hear, during Zuckerberg’s April testimony, members of Congress ask things like “Can you delete your profile?” “How do you make money?”
As I listened, I had two thoughts:
- This is an example of why there must be diversity of experience in decision makers within our companies. Our world is too complex for one type of individual to have a full understanding of everything that is happening, and the pace of change has never been faster. We must depend on our colleagues when their knowledge set is different from ours.
- My friends and I understand that Facebook uses our data, so do many other companies, like Apple, 23andme, Google, etc. While every implication of this use may not be understood, (and could likely stand to be more closely examined), we are each making the decision that the rewards or benefits we get through these services are enough to keep us sharing our data through them and with them.
Insurance companies have also thrived on the use of data-historically gained by questioning Insureds. Insureds understood that the benefit to sharing the data (through an application) was having protection in the event of a loss, and insurance companies used the, often detailed, information to understand exposure to risk, create terms of insuring, and rate appropriately. As we move away from applications that are pages long and instead get data from external sources, it is imperative that we make our products’ value more explicit and provide services that improve our Insureds’ day-to-day lives through use and analysis of their data, just as these tech giants have done.