What Acxiom Can Teach the NSA About Transparency
At last month’s IAPP Privacy Academy, I attended a session on “taming Big Data.” Much of the discussion involved the difficulties of conveying Big Data collection and use practices to consumers. As IAPP VP of Research Omer Tene has said, explaining the online tracking landscape would be equal to placing an average person in the cockpit of a fighter jet and asking him or her to fly it. Good luck with that.
Being transparent about such complex processes is understandably challenging for Big Data businesses and the privacy pros fully immersed in the weeds. We also hear folks talk about fostering consumer trust through corporate accountability. Good companies will be as transparent as possible, but must continuously demonstrate to their customers that they are trustworthy. Transparency is but one step toward a truly accountable organization and it’s a process that never really ends.
Well, last Tuesday after listening to a House Intelligence Committee hearing on U.S. surveillance, I heard similar attempts by National Security Agency Director Gen. Keith Alexander and Director of National Intelligence James Clapper to explain how, in order to gain back the trust of the American people, U.S. intelligence agencies must be more transparent.
Ding! Ding! Ding! Ding! A bell went off.
It would seem data brokers such as Acxiom and the NSA have similar transparency problems (I know there are others, but trying to stay focused here). So it got me thinking, the NSA and Acxiom—and the greater privacy pro community in the Big Data ecosystem for that matter—both face a similar set of issues: How can you be transparent to consumers who most likely will not take the steps necessary to actually look at your attempts to be transparent?
Take Acxiom’s consumer-facing data portal for example. Data brokers have been under the spotlight since the Federal Trade Commission published its privacy report in 2012. Letters have been sent, Section 6 has been implemented and many companies like Acxiom have been answering the queries of the FTC. Commissioner Julie Brill has been vocal about her call for data broker transparency with her Reclaim Your Name initiative.
And Acxiom has listened.
A couple months back they unveiled their AbouttheData.com portal so that consumers could see the marketing data collected about them. I have blogged about my experience with the portal. Like many other curious consumers, I found that my data was very generic, often inaccurate and vague. But, hey, they’re taking steps in the correct direction, right?
Acxiom’s Chief Privacy Officer Jennifer Barrett Glasgow, CIPP/US, has been forthright about the issue. At an event in New York City last week, she, along with Brill, talked about the initiative. Glasgow has noted there are security and technical issues that prevent more disclosure of personal information in Acxiom’s portal. And Brill says it’s a good start, but Acxiom needs to begin offering portals of other data it collects on people—its credit and eligibility profiles, for example.
Clearly, the FTC’s burgeoning oversight of the data broker industry has gotten the ball moving, by some organizations, at least.
Unfortunately, in the surveillance realm, it took a whistleblower or leaker (depending on whom you talk to) to get the ball moving for NSA oversight, but the House Intelligence Committee is now starting to behave toward the NSA an awful lot like the FTC is behaving toward Acxiom and other data brokers. (On a side note, House Intelligence Committee members aren’t in total agreement about how much oversight they really have within the committee, but let’s just put that to the side for the moment.)
So should Congressional overseers be demanding the NSA have its own “AbouttheData” portal? Well, the U.S. intelligence community has attempted to be transparent in other ways. The Office of the Director of National Intelligence has opened up a Tumblr blog called IC on the Record. It features official statements, declassified documents, fact sheets and video as well as “In Their Own Words” posts by Clapper, Alexander and others.
But do people really go through it? Yes, I’m sure journalists, regulators and advocates use it. I have a feeling those are the same folks who flocked to Acxiom’s portal, too. But do consumers care?
It reminds me of the privacy notice problem. Everyone’s got a privacy notice, but who, besides regulators, privacy pros and advocates, really reads them?
Clearly, consumers cannot be fighter jet pilots breaking the Internet surveillance sound barrier, but our businesses, just like our intelligence agencies, need to be creative with transparency, not only for a robust free market but for an open and democratic society. Privacy is at the nexus of all this.
Might the solution to the Big Data’s transparency problem, should it come to pass, eventually create the solution to the intelligence community’s transparency problem? Or, considering the increasing urgency created by the Snowden leaks, might it be the other way around?
About the Author
As editor of the Privacy Perspectives, Jedidiah Bracy moderates the many views, angles and, well, perspectives that inform information privacy and all its adjacent professions.
In addition to editing the Privacy Perspectives, Bracy facilitates the vetting, writing, editing and curation for the Daily Dashboard, the IAPP Canada Dashboard Digest, the IAPP Europe Data Protection Digest and the IAPP ANZ Dashboard Digest. He writes feature articles for The Privacy Advisor on information privacy law, data protection and the privacy profession.
When not mulling over the current state of information privacy in the digital age, Bracy enjoys watching international soccer, listening to his music library and tasting a finely wrought craft beer. You can follow him @jedbracy