Tim Williams

So it’s a given that every business needs to collect data and process it for it’s own needs.

It’s also a given that private individuals, if treated respectfully, will generally give consent to the fair collection, processing and selective sharing of their personal data with other organisations.  Laws exist in most developed countries to protect personal and private data.

All’s well: simple, well-understood, accepted, that’s just the way the world goes around…

But is this the end of the matter?

Not in my view.

What’s really wrong with the ’status quo’ from a consumer’s perspective are 3 things:

1. the ‘one way’ street - most organisations that collect and process personal data don’t provide any feedback or self-service mechanisms that allow customers to see what data is being held, correct any errors and control what happens to their data

2. lack of supply-chain controls - controls that allow customers to control, in detail, which aspects of their information can be shared with and with which business partners

3. lack of life-cycle controls - controls that allow customers to decide when certain personal information, which is not required for compliance purposes (e.g. for keeping business accounting records, or for credit status reporting) must be deleted.

Some of the very best online businesses are starting to provide controls of this nature, but it’s far from the norm.

I have some ideas about what’s going to happen in the next few years in these areas as an increasing proportion of consumers grow up ‘information savvy’ and the populace in general starts to ask discerning questions about businesses are doing with their personal data.