Holly Armitage, principal strategist at BAE Systems, looks at the increasing need to apply ethical standards to the exploitation of data in the insurance sector.
As the pace of digital transformation in financial services continues to accelerate, the need to ensure that data is used ethically grows increasingly important. The conversation has to shift from purely what you can do with data, to what you should do with it.
The rise of artificial intelligence and new emerging technologies is reliant on data, so it’s never been as critical as it is now for insurers and banks to build and maintain their social contract of trust with customers.
This is where data ethics comes into play, asking questions and guiding practical actions about the use of data and understanding where it could be misunderstood, mismanaged, or misused.
Every day insurers receive and manage huge volumes of data, using it to support customers, shape products and services, and manage risk, and data ethics has a pivotal role to play in each of these areas.
Compliance has a crucial role to play here, governing a shared set of principles around data use. There are ethical considerations to manage at every stage of the data lifecycle from collection and storage to exploitation and archiving: which type of data should be collected and from which sources?; what should it be used for?; who should have access to it?; what data should be stored and how?
how long should data be kept before disposal?
The trouble is that many financial institutions are still struggling to agree on what the term “data ethics” means, let alone what their own corporate data ethics should cover.
Ignoring the issue isn’t an option – those who start to map out their ethical considerations now will find they form useful guard rails to help accelerate opportunity and innovation.
What does “data ethics” really mean?
Data ethics is about exploring the grey areas which don’t conform to rules and regulations, and putting them in the context of corporate values.
For data ethics to be useful in practice, it has to be more than just ‘what not to do’ – it can’t just be a compliance tick box exercise or a binary list of yes or no, right or wrong questions. And it’s more than just what an insurer is doing with data, it’s also about who is doing it and the how and when.
Data ethics come into their own not in situations of obvious “right versus wrong”, but rather more nuanced quandaries of “right versus right”. How does an insurer choose, for example, between the “right” of customers to be protected from fraud through use of their data, and the “right” of minimising personal data collection?
It all comes down to a moral code of conduct laid out by each company that it will live, breathe and operate by when it comes to the use of data. No two data ethics frameworks will be the same, and a framework cannot be copied as it is unique to the history, culture and future plans of an individual company, created by the individuals that run it.
So generic, plug-and-play data ethics frameworks are not the answer. Although they may help in providing defined approaches to decision-making, and concrete guidance for known scenarios, they fail to take account of an organisation’s unique circumstances and can offer an overly simplistic and narrow view of ethics. In short, they fail to get to the heart of the problem.
Data ethics isn’t a simple problem, and for many financial service providers there won’t be a single right answer. But in the end, it will determine critical business decisions and the strength of customer trust.
Be the first to comment