When one thinks of traditional asset classes we think of equities, bonds, commodities, property and cash.
Now add ‘Personal Data’ to the list of available investments.
Just like oil powered the factories and machines in the industrial revolution. Personal Data will be the fuel which allows the ‘new’ machines and algorithms to operate. Without it they break down, stop or worse still, return errors.
To date that personal data has been anything but ‘personal’. The same brands that consumers love and diligently support have collected it, used it and even sold it. All without returning as much as a thankyou.
That may be all about to change.
A wave of regulation across the globe is taking the first step in assigning the property rights to this data. In May 2018, the General Data Protection Regulation (GDPR) will come into play, requiring organisations around the world that hold data belonging to individuals from within the European Union (EU) to provide a high level of protection and explicitly know where every ounce of data is stored.
Closer to home our own Privacy Act 1988 in large part mirrors the EU variant.
This is regulation with teeth. in the case of the GDPR, fines for non-compliance can be up to 4% of total global turnover (or 20 million Euros – whichever is larger).
This will be sure to appear on the boardroom agendas around the world. Especially after the highly televised Equifax breach which saw millions of consumer personal data records hacked by cyber criminals.
The good news is this signifies a shift in the balance of power and starts to provides individuals with the legal and practical means to take greater control of their data. To decide on how it’s used, who they share it with and when they wish to be ‘erased’.