Policy Oct 4, 2021
How Companies Can Do Data Privacy Better
Not all efforts are costly, and being known for strong protections could give firms a competitive advantage.
As consumers in today’s digital world, we’re used to giving away huge amounts of personal data. We enter our age and credit card number when we register for an online service; we allow companies to track what we click on and buy; we often broadcast our geographical location.
In theory, much of these data are intended to help firms provide better, more personalized service. But as customers become increasingly aware of the risks of their information being stolen by hackers or misused or sold to third parties, they’re looking for stronger privacy protections, says Ruslan Momot, a visiting assistant professor of operations at Kellogg.
So how should regulators and firms approach preserving privacy?
In two papers, Momot and colleagues examine the issue. They find that it’s not enough for policymakers to choose between requiring safeguards against breaches or restricting the amount of data that companies can gather. “You need to regulate two sides of the company’s data strategy, both data protection and data collection,” says Momot, who is on leave from his position as assistant professor of operations management at HEC Paris.
The good news: not all privacy measures are costly to the bottom line. One protective measure, which involves adding “noise” to the output of personalization algorithms, is unlikely to substantially cut company revenue in many circumstances.
“Preserving privacy is not that costly,” he says.
Momot argues that firms should not resist pressure to better protect their customers’ data. In fact, beefing up privacy measures could not only help companies comply with new privacy laws and regulation but could also bring in more business.
“Companies should actually embrace this because this might become a competitive edge,” he says.
Amazon’s product recommendations, based on the data it’s collected about us, are often useful. And, of course, Uber wouldn’t work if we didn’t share our location.
But a stream of news about hackers breaching companies’ databases, as well as growing uncertainty around how information is used and whether it is being shared with third parties, has put customers on edge.
Momot points to a couple of indicators that customers are becoming more guarded. A Pew Research Center survey performed in 2019 found that 81 percent of participants felt that the risks of companies’ data collection outweighed the benefits and 52 percent had recently decided to avoid a product or service due to concerns about giving away personal information. This year, Apple started requiring apps to ask users for permission to track their activity and share those data with other apps. Among U.S. users who made a choice during the first three weeks after this new feature became available, 94 percent of them elected not to allow tracking, according to one industry analysis.
The Downside of Network Effects
So what can regulators do to respond to this growing anxiety?
In one study, Momot and his collaborators, Itay Fainmesser at Johns Hopkins Carey Business School and Andrea Galeotti at London Business School, began by investigating how businesses might, or might not, be incentivized to invest in data privacy.
The team developed a mathematical model of the parties involved in the data market. This included a company, its users, and so-called “adversaries” who wanted to access consumers’ data for harmful purposes. This could include hackers and criminals, as well as entities like governments—basically anyone whose possession of data could make users uncomfortable.
The model predicted that as the firm began gathering data, user activity increased: customers were benefiting from more personalized service. At that stage, the size of the company’s database was small, so it didn’t hold much allure for adversaries. But as the company amassed more and more information, the data trove became more attractive to hackers and other third parties. Privacy risks started to outweigh benefits, and user activity dropped.
One key point, Momot says, is that privacy risk, at its core, turns out to be driven by negative network effects.
“Network effects” refers to the idea that a user’s decision to participate in an activity on a platform depends partly on how many other people are using it. Companies such as Facebook have relied heavily on this phenomenon. If a person is the only one in their social circle on the site, it’s not particularly useful; but as more people sign up, the service becomes more beneficial to each person.
Privacy risks, however, are driven by negative network effects. The larger the number of users, the bigger the company’s database, and the more lucrative a target it becomes for adversaries to attack.
Network effects “brought these companies a big chunk of business,” Momot says. But in the realm of data privacy, “they are working in the opposite way.”
The team then used the model to explore the types of regulations that would effectively protect consumers.
First, they examined a hypothetical scenario where policymakers set requirements for data protection but didn’t limit data collection. As one might expect, companies gathered more personal information than they needed. Conversely, if regulators restricted data collection but ignored data protection, firms didn’t guard customers’ data strongly enough.
The problem: a data leak simply wouldn’t affect a company as much as it affected customers. “Companies don’t internalize the privacy risks that the consumers are facing,” Momot says. While a firm might lose some users after a data breach, many large companies are monopolies that enjoy positive network effects. If most of a customer’s friends remain on Facebook, that person can’t get the same benefits by moving to another social-media site.
The team concluded that policymakers must regulate both data protection and collection. Protection might be required in the form of certain encryption techniques or antivirus software.
Collection could be restricted in a couple of ways. Regulators could impose liability fines on companies whose data were leaked, with the amount reflecting how much users were harmed. Or policymakers could tax data collection, thus discouraging firms from gathering personal information indiscriminately.
Of course, these measures impose a range of costs on businesses—but another study suggests that such costs are not always onerous.
In this study, Momot collaborated with Yanzhe (Murray) Lei at Queen’s University and Sentao Miao at McGill University to explore how a particular privacy measure would hit a company’s bottom line.
The researchers focused on firms that provide personalized service to users, based on how other users have behaved in the past. For instance, the company might store customers’ demographic information and purchasing behavior in a database and run algorithms to predict the products that similar people would want or the prices that people with similar backgrounds are likely to pay.
The problem is that this strategy puts users’ personal information at risk—even if hackers don’t directly breach the database.
For example, hackers might register thousands of fake users, entering slightly varying demographic details for each one. They could then monitor how the offered product choices or prices change if one piece of a user’s profile, such as gender, is altered—essentially giving them a window into how the algorithm works. If hackers then get access to the algorithms’ output for real users, they can reverse-engineer that information to figure out each person’s characteristics.
So the team explored how firms providing personalized services to users could do that without compromising users’ data privacy. They chose to use a common privacy standard called differential privacy, which means that a system’s output, such as a product recommendation, does not depend on the data of any individual customer. (Companies such as Apple, Google and Microsoft use this standard, Momot explained.)
The researchers’ strategy involved adding some “noise” to data that hackers might obtain.
In one variation of this technique, companies would add noise to the output of personalization algorithms. Let’s say that a health insurance company determined that the ideal monthly premium for a user’s policy was $326. The firm would then perform the digital equivalent of flipping a coin; if it landed heads, the software would add a small pre-calculated amount, such as $1, to the price. Similarly, a shopping website might present a slightly different product or assortment of products to a customer than the optimal one—for instance, brown instead of black shoes.
The downside, of course, is that the companies are deliberately deviating from their optimal decisions, such as the price to offer or a product to recommend, which may reduce the chances of customers buying a product, and consequently reduce company revenue.
But when the researchers implemented this privacy-protection approach in a mathematical model, they found that such deviations, if done right (based on the algorithms developed by the team), do not cut firms’ profits much—as long as the company had a large database of past user behavior. “This reduction in revenue is not that large,” Momot says. Having extensive records allowed the personalization algorithm to make reasonably accurate predictions and, consequently, decisions. So fudging the results a bit didn’t have a dramatic effect on profits.
To test the idea on real-world data, the team calibrated their model on a dataset of about 208,000 auto-loan applications and about 45,000 resulting loans from 2002 to 2004. They found that if the company had 1,000 data points about past users, it reached 80 percent of its maximum possible profit when no privacy protections were in place. (Reaching 100 percent profit would require an algorithm that could perfectly predict consumer behavior.) When noise was added to its algorithms’ output, that figure was 76 percent. And the difference shrank as the database grew. If the firm had 6,000 data points, the profit gap was 2 percentage points.
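An added illustration of the output-noise idea and of why a large database makes it cheap; it is not the researchers' algorithm, which the page does not give. It uses the standard Laplace mechanism on a clipped-mean price, and the price bounds, the privacy parameter epsilon and the sample records are assumptions constructed for the example.

```python
import math
import random

LO, HI = 200.0, 500.0   # assumed public bounds on a monthly premium, in dollars

def clipped_mean(values):
    """Exact (non-private) price: mean of past prices clipped into [LO, HI]."""
    return sum(min(max(v, LO), HI) for v in values) / len(values)

def noise_scale(n, epsilon):
    """Laplace scale b for an epsilon-DP release of the clipped mean.
    Replacing one of n records moves the mean by at most (HI - LO) / n."""
    return (HI - LO) / (n * epsilon)

def private_price(values, epsilon, rng):
    """Release the price with Laplace(0, b) noise added to the output."""
    b = noise_scale(len(values), epsilon)
    # The difference of two exponential draws with mean b is Laplace(0, b).
    noise = rng.expovariate(1 / b) - rng.expovariate(1 / b)
    # Clipping the result is post-processing and keeps the guarantee.
    return min(max(clipped_mean(values) + noise, LO), HI)

def privacy_loss(values, neighbour, epsilon):
    """Worst-case log-likelihood ratio between two databases' outputs.
    For Laplace noise this is |mean difference| / b; DP needs <= epsilon."""
    b = noise_scale(len(values), epsilon)
    return abs(clipped_mean(values) - clipped_mean(neighbour)) / b

def mean_distortion(n, epsilon, trials, rng):
    """Average dollars by which the released price misses the exact one."""
    data = [rng.gauss(326, 40) for _ in range(n)]   # constructed records
    exact = clipped_mean(data)
    return sum(abs(private_price(data, epsilon, rng) - exact)
               for _ in range(trials)) / trials

if __name__ == "__main__":
    rng = random.Random(7)
    data = [rng.gauss(326, 40) for _ in range(1000)]  # constructed records
    neighbour = [HI] + data[1:]                       # one customer swapped
    print("privacy loss:", privacy_loss(data, neighbour, epsilon=1.0))
    for n in (1000, 6000):
        print(n, "records -> avg distortion $%.3f"
              % mean_distortion(n, 1.0, 500, rng))
```

For a fixed epsilon the required noise scales as 1/n, so the released price drifts from the exact one by about 30 cents with 1,000 records and about 5 cents with 6,000 under these assumed bounds.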
Understanding privacy issues is complex. While there are some existing companies, such as Skyflow, that help firms with data privacy and compliance, Momot envisions more will soon be created to give companies a set of tools to better handle their users’ data.
Overall, user-privacy protection is not an issue that companies should avoid. Even if regulations don’t require firms to step up consumer protections, doing so may give companies an advantage over competitors with more lax protocols.
“As users become more and more aware, they start to choose companies based on whether the companies are preserving privacy,” Momot says.
Some companies may put data privacy on the back burner and hope it doesn’t become a major issue. But that focus needs to shift, he says.
“Along with maximizing revenues and profits, this should be one of the first priorities,” Momot says.
Roberta Kwok is a freelance science writer based in Kirkland, Washington.
Fainmesser, Itay P., Andrea Galeotti, and Ruslan Momot. “Digital Privacy.” Working paper.
Lei, Yanzhe (Murray), Sentao Miao, and Ruslan Momot. “Privacy-Preserving Personalized Revenue Management.” Working paper.