research in the 21 century - esomar · pdf fileresearch in the 21st century are our ethics,...
TRANSCRIPT
04/11/2014
1
Research in the 21st
Century
Are our ethics, our practices, our laws fit for purpose?
The Topic Today….
• Boring
• Difficult to understand
• Not my business – others to care about
• Superfluous
If you were still thinking this way….
04/11/2014
2
The Future of Our Business….
• Bigger chance than ever of real consumer understanding
• Easier than ever to detect the “Moments of Truth”
• More confident outlook than ever to generate a healthy stream
of business
BUT
• More danger than ever to come into conflict with data protection
• More awareness and suspicion than ever in public that personal
data are misused
• More willingness than ever from regulators to make legislation
water-tight and to prevent any breaches
Where will the future of
our industry go?
The Agenda• Session I: Setting the Scene: 2014
• The Data Protection Debate, as seen from Brussels and our positioning today –
how are we faring?
Kim Smouter (ESOMAR)
• Questions and Answers
• Session II: Looking ahead at the 21st Century: How do we position
research for the future? • Data collection for the future: Just because we can, should we?
Dr. Frank Knapp (BVM)
• Will the future of research be one of white hats, gray hats, or black?
Kim Smouter (ESOMAR)
• Is drawing a line of separation for research still relevant?
Hartmut Scheffler (ADM)
• What are the “Must-Haves” for agencies and clients of tomorrow?
Debrah Harding (MRS, EFAMRO)
• Open Debate and Closing Remarks
Joachim Rittchen – Moderator
04/11/2014
3
About Kim Smouter• Government Affairs Manager for ESOMAR since 2012
• Founding Board Member of the ESOMAR Foundation
• Secretary General of ENNA 2010-2012 • European Network of National Civil Society Associations
• Network of 21 umbrella bodies for the non-profit sector | Covering 19 European countries
• Previous experience working for: • Brussels Office of the North East England region
• European Parliament managing a cross-party intergroup on equalities and non-discrimination
• Co-Founder of New Worlds Project (creative digital community)
• Masters in European Public Affairs from Universiteit Maastricht
Government Affairs
“matters”The Data Protection Debate as seen from Brussels
Our Position Today – How are we faring?
K i m L e o n a r d S m o u t e rE S O M A R G o v e r n m e n t A f f a i r s
04/11/2014
4
In the next 30 minutes
Know where you stand…
Outline the likely outcome
Underline current EU requirements
Debunk the myths around the EU GDPR
Let’s break the ice…
Europe’s love of technology Europe’s fear of technology
04/11/2014
5
Digital is big money• A potential to increase EU GDP by 5%
• Employment potential of 2.1m Europeans
• In long-term increasing to 3.8m Europeans
There is room to grow…• Europe only accounts for 10% of global ICT revenue
• Europe is increasingly reliant on non-EU ICT suppliers
• Europe is quickly losing its innovator status: • Market Fragmentation
• Regulatory pressures
• Investment
04/11/2014
6
Is digital big money for you? • If clients couldn’t pass on data to their agencies?
• If you could not have access to client data?
• If sampling were to be banned?
• If you could not transfer data between your offices?
• If you could not use 3rd party data to verify your own?
• If your activity was not considered legitimate?
“
”
We must create a digital single market for consumers and businesses – making use of the great opportunities of digital technologies which know no borders.
Commission President Juncker’s Manifesto
With €500b at stake, the European Commission is fully aware that the digital economy represents one of Europe’s best chances to restore its economic stature.
04/11/2014
7
DATA PROTECTION IS A FUNDAMENTAL RIGHT
For Europe, this isn’t simply a question of economics…
EU CHARTER OF FUNDAMENTAL RIGHTS
Article 7: Respect for private and family life
Everyone has the right to respect for his or her private and family life, home and communications.
04/11/2014
8
EU CHARTER OF FUNDAMENTAL RIGHTS
Article 8: Protection of personal data
1. Everyone has the right to the protection of personal data concerning him or her.
2. Such data must be processed fairly for specified purposes and on the basis of the consent of the person concerned or some other legitimate basis laid down by law. Everyone has the right of access to data which has been collected concerning him or her, and the right to have it rectified.
3. Compliance with these rules shall be subject to control by an independent authority.
The story of Europe and data privacy
The European Union has the most advanced framework to protect data privacy.
A number of reasons explain this: The abuse of public records during WWII
Data privacy is a fundamental right
A tradition of regulation for harmonisation
04/11/2014
9
Piece by piece…decade by decade…
1970s• First
national data protection legislations adopted
1980• OECD
adopts first principles on Data Protection
1981• Council of
Europe adopts Convention 108 on data protection
1995• EU adopts
first directive on EU data protection
1997• EU adopts
the ePrivacy Directive
2002• EU updates
the ePrivacy Directive
2012•Commission proposes the EU Data Protection Regulation
EU principles unchanged since 1980① Limit collection only to what is needed
② Keep the data collected up to date and accurate
③ Data collected must be for a set purpose
④ Data collected must not be used for other purposes
⑤ Keep the data collected secure
⑥ Users should be able to access data held about them
⑦ Users should know what data is collected, why, and by whom
⑧ The data controller is accountable for the data they collect
04/11/2014
10
Europe has led the charge on privacy
European influence on the emerging global data privacy patchwork is strong: • Council of Europe’s “Global” Convention 108
• Several non-European countries have signed up in Latin America and the Middle East
• EU data protection authorities have also: Successfully supported Africa to develop national and continent-wide legislation
Influenced national developments in several countries by imposing “adequacy”
Hosted global data protection authority conferences
Mentored new DPAs in other continents to improve enforcement practice
Europe’s current framework
1995 Directive
Convention 108
ePrivacyDirective
OECD Principles
04/11/2014
11
Until 2016, the 1995 Directive is law
The 1995 Directive continues to be the basis of data protection requirements in the EU: o Collect data only under a set series of circumstances
o Consent | Contractual | Legal Obligation | Subject’s Interests | Legitimate Interest…
o Be processed only for specific purposes
o Not be further processed in incompatible ways
o Proportionate data collection requirements
Until 2016, the 1995 Directive is law
The 1995 Directive also governs the framework for law enforcement: o Transfer of personal data to third countries
o Only to countries providing adequate levels of protection (determined by Commission)
o Binding corporate rules
o Standard contractual clauses
o Enforcement at national level via Data Protection Authorities
o Article 29 Working Party for clarification and advice
04/11/2014
12
EU principles tweaked in 1995① Limit collection only to what is needed
– Proportional data collection linked to the purpose of data collection
② Keep the data collected up to date and accurate ③ Data collected must be for a set purpose
– Only under a set of circumstances: Consent | Contractual | Legal requirement | User request | Legitimate interest…
④ Data collected must not be used for other purposes ⑤ Keep the data collected secure ⑥ Users should be able to access data held about them ⑦ Users should know what data is collected, why, and by whom
– Processing only for specific purposes– Further processing only for purposes compatible with the original purpose
⑧ The data controller is accountable for the data they collect
In the digital world, don’t forget…
Also applicable is the ePrivacy “Cookie” Directive which requires that online:
o Notification of the placement of cookies must take place
o Clear information must be provided about their purpose
o An opportunity to opt-in or opt-out must be provided
o Opt-in or opt-out determined by national jurisdictions
04/11/2014
13
Why is the EU looking to change this?
o Digital economy victim of its own success
o Increased public concern on data collection
o Media coverage of massive loss of records
o Media coverage of tracking on social media
o Public perception that fines are ignored
“
”
Nine out of ten Europeans (92%) say they are concerned about mobile apps collecting their data without their consent.
Flash Eurobarometer 359 commissioned by the EU
Public concern and awareness of data protection issues is rising quickly and is increasingly taking front-stage in the media.
BRAND AND REPUTATION | LEGAL FEES | REGULATORY FINES
04/11/2014
14
“
”
Seven Europeans out of ten are concerned about the potential use that companies may make of the information disclosed
Commissioner Reding speaking on “Data Protection Day”
Research is on the frontlines of the data revolution and is exposed to extreme reputational and financial risks should it fail to comply to current and emerging regulation.
“
”
We need a law that no-one can ignore. Rules that not only bark but bite! Showing citizens that a strong EU data protection framework effectively protects and upholds their rights will help to rebuild trust.
Commissioner Reding calling for a “Data Protection” Compact for Europe
Since 2012, the European Union has been negotiating a new reform of its data protection legal framework prompted by the development of the digital economy, the explosion of incidents of mass data breaches, and a public sentiment that governments and companies alike were engaged in dubious activities involving the collection of personal data.
04/11/2014
15
A framework fit for the digital world…
Whilst the principles are not set to change, the emphasis is increasingly “trust” and “control”:
Accurate and accessible information for data subjects
More control of data subjects over their own data
Greater accountability on data security and safeguards
Requirements to report data breaches within 48 hours!
What the regulation might offer…
If adopted in its current form, the opportunities for our businesses includes:
The promise of bureaucratic simplification (One Stop Shop)
One law covering the entire EU market versus 28 different
Scope for more clarity on data transfers to third countries
Scope for a stronger role for codes like the ICC/ESOMAR
04/11/2014
16
What the regulation might cost…
Digital sectors are particularly concerned by the costs of some of the requirements: New rights aim to give user more control over their data:
Right to be Forgotten | Data Portability | Access
Planned restrictions on profiling may hamper big data
Limitations on transfers of data
Requirements to recruit data protection officers
Steeper fines for breaking the rules
Proposed EU principles post EU-GDPR① Limit collection only to what is needed
– Proportional data collection linked to the purpose of data collection
② Keep the data collected up to date and accurate – Data bases must be accessible and updated at all times– Users must be able to have control over their own data
③ Data collected must be for a set purpose – Only under a set of circumstances: Consent | Contractual | Legal requirement | User request |
Legitimate interest…
④ Data collected must not be used for other purposes ⑤ Keep the data collected secure ⑥ Users should be able to access data held about them ⑦ Users should know what data is collected, why, and by whom
– Processing only for specific purposes– Further processing only for purposes compatible with the original purpose
⑧ The data controller is accountable for the data they collect — Responsible for inadequate security — They are responsible for declaring data breaches within 48 hours
04/11/2014
17
What does it mean for us?
“
”
Market research depends for itssuccess on public confidence – that it is carried out honestly, objectively and without unwelcome intrusion or disadvantage to its participants.
ICC/ESOMAR Code on Market and Social Research
Our business model relies on consumers responding to our surveys, panel invitations, and audience measurement willingly.
Distrust decreases response rates subsequently increasing the cost of doing business.
04/11/2014
18
We are at the frontlines…• MR is exposed to a new public affairs reality:
• Deep concern about private sector data collection
• Trust of private sector’s use of data is reaching new lows
• Our added-value is in the collection and interpretation of personal data
• We are at the forefront of turning “”Big Data” into “Smart Data”
• The Snowden revelations and NSA scandal have polarised the debate even further
• Staying hidden means regulators can no longer distinguish us from other activities
• Commercial research is cast in a “bad light”
Regulators’ questions• How do I distinguish your sector from others?
• Why should I grant you a special status?
• I’ve been getting unsolicited calls claiming to be MR?
• How can I be certain MR isn’t being used for profiling?
• If it’s for public interest that’s fine, but not for private…
04/11/2014
19
Opportunities of the GDPR• Research can be a ground for processing
• Research across Europe under 1 rule
• Special treatment provided to research
Exemptions under threat• Research agencies exempted from asking for consent for sampling
• Commission’s proposed to renew this exemption: Article 83
• Parliament’s adopted text has removed this possibility
• Council is proposing this only for public interest research
Our top objective as associations:
Lobbying for Article 83 to enable us to set samples
04/11/2014
20
Excluding Commercial MR• Research commissioned by clients excluded from exemption
• Public interest bar introduced by Council for exemption
• Separation between historical, statistical, and scientific
• Separate conditions for each of the grounds of research
Our top objective as associations:
Lobby for an explicit reference to our methods in Recital 126 which sets the scope for Art 83, and in Art 83 itself
Working to make this painless…
ESOMAR and EFAMRO are working side-by-side to ensure your interests are catered: o Lobbying against the amalgamation of profiling and sampling
o Lobbying for MR to be considered statistical & scientific
o Lobbying for research to be accepted as a legitimate purpose for data collection and further processing
o Lobbying against efforts to separate commercial and non-commercial research
04/11/2014
21
Our public affairs challenge:• Raise awareness of the social value of MR
• Increase understanding of the folly of dividing MR from opinion and social research
• Tackle the negative perception of commercial research
• Improve our transparency with respondents
• Reinforce the importance of distinguishing research from other activities
• Need to be aware of red-flag words: tracking, profiling, etc…
42
Biography Dr. Frank Knapp
President / CEO BVM Berufsverband
Deutscher Markt- und Sozialforscher e.V. since
2011.
Since 2002 Member of the Executive Board,
2005-2011 Vice-President; BVM member since
1999.
Member of the Executive Board / CIO PSYMA
GROUP AG since 2012; Managing Director E-
Business / ITC since 2001.
Trained Economist & Statistician.
Main Area of Activity: Research for the Digital
World.
04/11/2014
22
Berufsverband
Deutscher Markt- und
Sozialforscher e.V. Data collection for the future:
Just because we can, should we?
44
CRM & Personalization
Big Data & Smart Data
All is measured: The end of privacy
Busy regulatory environment
Trends & Challenges
04/11/2014
23
45
Market Research is Trust
Just because we can, should we?
46
Government, Society, legal issues: Regulation
Consumers: Survey Response
Clients: Our wellbeing as an industry
Trust determines our relationship with all stakeholders
04/11/2014
24
47
EU principles are not new to us, but (should be) well integrated in
our daily routines.
We should also not only look at these principles from a legal
point of view, but especially from an ethical one:
What are the ethical principles of our industry?
Individuals are no research „objects“ or embodiment
of useful data, but owners of knowledge who may or
may not share with us.
48
Both address and survey data are not owned by us, but by
respondents.
In order to use such data, respondents need to voluntarily and
explicitly agree.
We do not commercialize respondent address data, we just use
address data to contact respondents.
We do not advertise clients‘ products & services, we only
research them.
We abstain from non-research related activities.
What are the ethical principles of our industry?
04/11/2014
25
49
We only analyze data which are freely given to us (definition
depending on application)
We just use addresses (and other personal) data for research
purposes, even if respondents would agree to other purposes.
We take a neutral position towards our clients, their products &
services, i.e. we do not advertise.
3 Consequences for Research Activities
Makes it clear to regulators that we differ from other
industries and therefore different rules are justified.
We are not part of the commercial practice of our clients
(= rules relating to their practice do not apply to us).
Builds up trust towards respondents.
50
Transactional data: Respondents / users need to be aware that
these are collected and potentially analyzed.
Web analytics: Likewise, user need to be informed that these
data are collected (e.g. by site owner).
Any combination of transactional data / web analytics with other
sources (e.g. surveys) requires approval by users.
„Personal“ measurements (e.g. health apps etc.): Data belong to
users, other usage requires explicit consent (and needs to
specify purpose for which data are analyzed).
Social Media: Only „published“ data (or explicit consent) and no
personal identifiers.
Sample Applications
04/11/2014
26
51
Because they are free actors & our partners in
research, not mere objects, even if data are collected
passively.
Why still say Respondents?
52
We use personal data only for survey management.
We deliver insights on overall, segment or profile level, but not on
a non-anonymous individual level.
Usage of personal data
= Different rules than for other industries should apply.
04/11/2014
27
53
Our research uncovers opinions, attitudes & behavior without
influencing them.
This also requires
- no leading / biased questions in favor of brands & products
- no product information beyond what is absolutely necessary
for research
- no client-related contact information
- no client communication accompanying research activities
We do not advertise
= Different rules than for other industries should apply.
54
As trust is needed more than ever (see NSA, cloud & password
hacking…) we are more modern than ever.
Clear positioning preferred rather than „we meddle with all kind of
data with all kinds of methods“.
Embracing new paradigms & technology does not prevent us
from complying with ethical and legal requirements.
Are we outdated if we stay within our self-defined limits?
04/11/2014
28
Government Affairs
“matters”Will the future of research be one of
white hats, grey hats, or black?
K i m L e o n a r d S m o u t e rE S O M A R G o v e r n m e n t A f f a i r s
“
”
Market research depends for itssuccess on public confidence – that it is carried out honestly, objectively and without unwelcome intrusion or disadvantage to its participants.
ICC/ESOMAR Code on Market and Social Research
Our business model relies on consumers responding to our surveys, panel invitations, and audience measurement willingly.
Distrust decreases response rates subsequently increasing the cost of doing business.
04/11/2014
29
In perfect harmony…
The ICC/ESOMAR Code’s principles echo those that underpin the EU framework namely:
Voluntary participation based on adequate information
No harm or adverse effect resulting from participation
Market research data may not be used for other purposes
Design, execution, and reporting must be accurate
MR’s historic positioning• Based on trust
• Based on transparency
• Based on quality
• Based on the same rigour as other research
04/11/2014
30
What’s the issue?• The revenue streams for traditional approach are drying up
• Real risk of locking ourselves unnecessarily
• Protecting traditional techniques does not prevent us being asked about the new ones…
OUR APPETITE FOR BIG DATA IS CHALLENGING THIS PERCEPTION
Real-time, ever more precise…
04/11/2014
31
A grey hat future?• Tracking studies
• Customer satisfaction, audience measurement
• Real-time profiling
• Shorter decision-making chains
• Data augmentation
• Data brokering
We can’t ignore it…• Investment is increasingly focussed on projects that deliver:
• Better Return of Investment
• Faster deployment of insights results
• More granularity of results
• If we don’t do it… others will…
04/11/2014
32
What’s the issue?• Difficulty ensuring the consent chain
• Blurring of lines of MR from other activities
• Employing the vocabulary of advertisers
• Decreasing acceptance of the brand MR
DISTINGUISHING AND MAKING THE CONTINUED CASE FOR RESEARCH
In a “Grey-Hat” scenario, greater investment needs to be made in:
04/11/2014
33
ARE EXEMPTIONS MORE TROUBLE THAN THEY ARE WORTH?
Moving to the mainstream could be attractive after all…
It could be tempting…• A black hat would allow us to carry on:
• Collecting without the purpose limitation of our self-regulation
• Allowing us to pass the information more easily between client and agency
• Be able to use the language we want to use
04/11/2014
34
What would this mean?• We would be bound by the same rules
• Consent would become necessary even when setting samples
• Transferring of data would become much more difficult
• Right to be forgotten would have to be enshrined in our projects
• Right to access of records also
• Sampling and profiling would be the same
WHITE – GREY – BLACK…The question is where do we want to sit?
04/11/2014
35
ADM Arbeitskreis Deutscher Markt- und Sozialforschungsinstitute e.V.
69
Hartmut Scheffler Biography
• MD in Market Research since 1989, MD TNS Germany since 1994.
• Since 2005 Chairman of the Board of ADM (Association of German
Market Research Institutes).
• Since 2008 Member of the Advisory Board of Marktforschung.de.
Moreover: Member of the BVM, ESOMAR, Wissenschaftliche
Gesellschaft für Marketing und Unternehmensführung e.V.
• So called “Expert” of German Government for the revision of BDSG
(Data Protection law).
• Lots of papers, interviews, speeches to point out the position of
“Existing Values+Innovations+Differentiation to non MR-Activities”
• Main actual topic: Future oriented activities and policy – strictly based
upon the pillars of Applied Science, Data Protection, Quality and Ethics
ADM Arbeitskreis Deutscher Markt- und Sozialforschungsinstitute e.V.
Is drawing a line of separation
for research still relevant?
Hartmut Scheffler
04/11/2014
36
ADM Arbeitskreis Deutscher Markt- und Sozialforschungsinstitute e.V.
71
What we have to realize!
• Growing demand for Realtime Data, Experience Measurement, 1-2-1
communication and Big Data – Analyses
• Especially in CEM – but not only – growing demand on client side for
personal data.
• Suppliers and offers for this business existing – Data delivery with/of
personal data in place – it´s practice!
ADM Arbeitskreis Deutscher Markt- und Sozialforschungsinstitute e.V.
72
From what shall market research be separated?
• Studies for purposes of market, opinion and social research
- are conducted with accepted scientific methods and techniques,
- serve to produce generalizable findings, and
- observe strictly the principle to render research data anonymous.
• Services based on the disclosure and use of personal data
- serve the objective to target the data subjects directly and individually
- for commercial and other non-research (e.g. fund raising) purposes
- and therefore cannot observe anonymity.
04/11/2014
37
ADM Arbeitskreis Deutscher Markt- und Sozialforschungsinstitute e.V.
73
Necessity of drawing a line of separation
• to preserve trust in and acceptance of market research in the
population as a methodological condition for good research quality
• to preserve the legal privilegies granted to scientific research
• to avoid the requirement of respondents‘ consent in writing when
collecting the research data (according to the data protection law)
• to avoid the requirement of opt-in before collecting research data by
telephone or online (according to the competition law)
• To strengthen differentiation between MR and advertising
ADM Arbeitskreis Deutscher Markt- und Sozialforschungsinstitute e.V.
74
Aim of drawing a line of separation
• The general aim of drawing a line of separation between market
research and services based on the disclosure and use of personal
data is to avoid as far as possible any misleading of
- respondents and clients,
- media and the public,
- political institutions and supervisory authorities.
• The general aim of drawing a line of separation shall be considered by
- the codification of professional principles and rules and
- the interpretation of the applicable legal provisions.
04/11/2014
38
ADM Arbeitskreis Deutscher Markt- und Sozialforschungsinstitute e.V.
75
Measures to draw a line of separation
• use of adequate and not misleading terms and definitions
• adequate communication towards respondents and clients as well
• legal and personnel demarcation of research and other activities
• not misleading purpose, name etc. of the (research) company
• organizational and technical separation (e.g. regarding IT)
Debrah Harding Biography
• Currently Chief Operating Officer of the Market Research Society (MRS) having joined MRS in 1999 to establish Standards Department
• Since 2012, Vice-President of EFAMRO
• A founding member of the Global Research Business Network (GRBN), launched in 2011
• Co-author of the book Quality in Market Research – from theory to practice (2012)
77©copyright efamro 2014
04/11/2014
39
78
What are the “must-haves” for agencies and clients of tomorrow?
October 2014
Munich, 22nd October 2014
Debrah Harding
Vice President, efamro
79
Background• Macro issues
– people
– society
– business
• Future challenges
• Future opportunities
• How business needs to evolve– The ‘must-haves’
©copyright efamro 2014
04/11/2014
40
Macro issues: for people
• Privacy
• Data usage and security
• Right to be forgotten
80©copyright efamro 2014
Privacy and data
• GRBN launched a new personal data study to track perceptions of data across Europe, Asia-Pac and the Americas
• Sponsored by Research Now
• Full report available from early 2015
• Some early results...
81©copyright efamro 2014
04/11/2014
41
Q: How concerned are you that your personal data might be misused?
% “very concerned” with how personal data is collected and used
Germans are much less concerned than other Europeans that their personal data might be misused
Finding from the GRBN Trust & Personal Data Survey 2014
* Population weighted average for the 9 European countries in the survey
6%Average*
28%Vs.
Q: Here is a list of different organizations or companies that may collect and process your personal data. To what degree do you trust each of them to protect and appropriately use your personal data? (7 = trust very much 1 = trust very little)
Germans are much more likely to trust the market research industry not to misuse their personal data
Level of trust in the Market Research Industry
Low trust(Rating: 1 to 2)
36%
High trust(Rating: 6 to 7)
11%
Some trust(Rating: 3 to 5)
53%
EFAMRO
Low trust(Rating: 1 to 2)
15%
High trust(Rating: 6 to 7)
21%
Some trust(Rating: 3 to 5)
64%
04/11/2014
42
Right to be forgotten - Google• Launch of official request process on May 29, 2014
• Total URLs that have been evaluated for removal: 498,737URLs
• Total requests received: 145,644 requests
• Example: Germany
– Total URLs that individuals with relationships to Germany have requested for removal: 88,973 URLs
– Total requests Google has received directly from Germany:25,078 requests
– 53% removed; 47% not
– E.g. an individual in Germany requested that Google remove close to 50 links to articles about an embarrassing private exchange that became public; the pages have been removed from search results for his name
84©copyright efamro 2014
Based on Google data as at 11th October 2014
Macro issues: for society
• FRANCE: Orange study – Future of Digital Trust (September 2014)
– Consumers value of personal data to business: €170
– Consumers happier to share information, at less value, with businesses they trust or have a relationship with
– With unfamiliar organisations value raises to nearly €240
– On average, consumers attribute a value of approximately €15 to an individual piece of data with a brand they already know
– This increases by 20% to approximately €19 for unfamiliar organisations
85©copyright efamro 2014
04/11/2014
43
Macro issues: for society• The ‘social contract’ between business and society
– 80% respondents know that their personal data has a value for business
– 78% agreeing that this value increases the closer they match a brand’s ideal customer demographic
– 67% of respondents believe organisations benefit the most from the sharing of data
– 6% believe the consumer benefits the most
– a sense of imbalance in the data-sharing relationship between consumers and businesses
86©copyright efamro 2014
Macro issues: for society
Who educates consumers about managing personal data?
– Consumer bodies: 36%
– Mobile operators: 20%
– Internet service providers: 20%
– National government organisations: 12%
– Don’t know / None: 37%
To download the report: www.orange.com/en/press/press-releases/press-releases-2014/Consumers-value-their-personal-data-at-170-140-Orange-study-finds
87©copyright efamro 2014
04/11/2014
44
Macro issues: for business
• US: KPMG CEO Study - Setting the course for growth: CEO perspectives – 72% worried about relevance of products/services three years
from now
– 59% worried about new entrants disrupting business model
– 44% have changed senior leadership to spend more time with clients and customers
– Regulatory environment has the highest perceived impact on business (34%)
To download the report: www.kpmg.com/US/en/topics/Pages/ceo-study.aspx
88©copyright efamro 2014
Macro issues: for business
UK: Department of Business, Innovation & Skills &
PWC (2013) – Information Security Breaches
Survey
– The number of data breaches from the previous year increased
significantly:
– 87% of small firms - up 10% - experienced a security breach last
year.
– 93% of large organisations had a security breach last year
– 50% more attacks on average than a year ago
89©copyright efamro 2014
04/11/2014
45
Macro issues: for business– 78% of large organisation were attacked by an unauthorised
outsider
– 63% of small organisations
– 36% of worst security breach were caused by inadvertent human error (a further 10% by deliberate misuse)
– 57% of small businesses suffered staff related security breaches
– 17% of small businesses know their staff broke data protection regulations in the last year
To read the report: www.pwc.co.uk/assets/pdf/cyber-security-2013-exec-summary.pdf
90©copyright efamro 2014
Future challenges
• Citizens/research respondents changing
• Rise of ‘Privacy Fundamentalists’
• Quantified self, Unified self now Liquid self?
• Big & Smart Data
• ‘Disruptive’ technology
• Rise of 5G and Internet of Things
• Future harder to predict?
91©copyright efamro 2014
04/11/2014
46
Future opportunities
• Researchers understand:
– People
– Consumers
– Business
– Society
– Data
92©copyright efamro 2014
Future opportunities
• Opportunities
– Data navigator within business
– Objective voice of consumer
– ‘Honest broker’ as user of data
– Bridge between consumer/citizen and business & society
93©copyright efamro 2014
04/11/2014
47
How business needs to evolve
• Your ‘must-haves’
1. TRUST – Social Contract
With respondents
With clients
With society
How? For example the Fair Data marque launched by MRS in the UK.
94©copyright efamro 2014
How business needs to evolve
• Your ‘must-haves’
2. TRANSPARENCY
What you do
How you do it
Distinguish between research and other activities
Clear communications
95©copyright efamro 2014
04/11/2014
48
How business needs to evolve
• Your ‘must-haves’
3. PRIVACY-CENTRIC
Privacy by design for new research tools
Go beyond minimum
Embrace high ethical data standards
Clearly communicate ethical policies
96©copyright efamro 2014
How business needs to evolve
• Your ‘must-haves’
4. ACCOUNTABILITY & CONTROL
Partners
Supply-chain
Continuous improvement culture
97©copyright efamro 2014
04/11/2014
49
How business needs to evolve
• Your ‘must-haves’
5. ‘BEST IN CLASS’ STAFF
Adopt continuous professional development culture
Invest in qualifications, training and accreditations across a broad spectrum of knowledge and skills
Staff are core to delivering the ‘must-haves’
98©copyright efamro 2014
The other option…Facebook’s psychological ‘research’ experiment…
99©copyright efamro 2014
04/11/2014
50
Final word…
"The consumer isn't a moron. She is your wife."David Ogilvy,
Confessions of an Advertising Man (1971)
The same is true of legislators, clients, respondents…
100©copyright efamro 2014