Nine out of 10 people say data privacy is important to them, according to a recent Mastercard-commissioned survey, yet only one-quarter say companies are doing a very good job handling individuals’ data.
Mastercard has announced the launch of the Data Responsibility Imperative to advance a dialogue around how organizations can work together to close this gap, inviting others to join them in the effort. The initiative hinges on establishing a core set of principles guiding the ethical collection, management and use of data.
“In today’s fast-paced digital economy, we’re facing never-before-seen circumstances that test our ethics on a daily basis,” says JoAnn Stonier, chief data officer at Mastercard. “We need high data standards that allow us to face these situations head-on, knowing that our practices are sound, consistent and based on treating individuals and their data with decency.
“For Mastercard, this commitment starts at home, and we’re embedding these principles into how we do business – every day.”
The initiative is based on the premise that businesses have a responsibility to individuals, one another and society as a whole in how they manage their data.
Mastercard is proposing six data responsibilities that will help deliver sustainable data programs designed to best navigate the challenges and opportunities of the digital economy–and how to make that digital economy work for everyone, everywhere. These principles are meant to complement – and not substitute – regulatory compliance.
The Six Data Responsibilities | |
Security & Privacy | Companies must uphold best-in-class security and privacy practices |
Transparency & Control | Companies should clearly and simply explain how they collect, use, and share an individual’s data and give individuals the ability to control its use |
Accountability | Companies must keep consumer interests at the center of their data practices |
Integrity | Companies must be deliberate in how they use data in order to minimize biases, inaccuracies, and unintended consequences |
Innovation | Companies should be constantly innovating to ensure individuals benefit from the use of their data through better experiences, products and services |
Social Impact | Companies should use data to identify needs and opportunities to make a positive impact on society |
According to the survey research, an organisation committing to these principles would help drive trust with upwards of 90% of individuals. Consumers in India and Brazil are far more positive about the handling of personal data, and more than 50% of consumers say they would be more likely to use a company that’s transparent about how it uses data.
With these findings, ‘corporate data responsibility’ could become the corporate social responsibility of the 21st century.
Mastercard commits to these principles, making sure personal data is leveraged only in ways that are ethical, compliant within the regulatory environment and enhance the consumer experience. Today at Mastercard, that includes:
* Multiple layers of security, including tokenization and encryption, to protect information
* Expanding the protections of the EU Global Data Protection Regulation (GDPR) globally, including the My Data portal so individuals everywhere will be able to see and manage what personal information Mastercard holds
* Developing a world-class anonymisation solution – data trust Trūata – that protects privacy while enabling analytics under the GDPR
* Embedding the Data Responsibility principles into its product development process
* Robust data transfer mechanisms, including Binding Corporate Rules for personal data transfers globally, and certifications under Asia-Pacific Economic Cooperation systems–one of the few companies to achieve both
* Providing controls over the use of data, including opt-outs for data being used for marketing, data analytics and web analytics using online forms
* A comprehensive data for good program led by the Centre for Inclusive Growth, helping to increase the data science capacity of the social and civic sectors through partnerships with organisations such as the Rockefeller Foundation.
“At Mastercard, we believe that individuals own their personal data, have the right to control how it is shared and should benefit from the use of it,” says Dimi Dosis, president of advisors at Mastercard. “And, it’s incumbent on us to protect that data. We’ve embedded this thinking into our product development, and it will inform everything we do moving forward. Innovation is critical to business success, but not at the expense of the individual.”
“Together, organisations have a tremendous opportunity to transform the way we think about responsible data practices and a sustainable data framework that drives universal benefit,” says Stefaan Verhulst, New York University GovLab’s co-founder and director of research and the head of its Data Collaboratives Initiative. “In particular, these principles embrace an opportunity that many other data frameworks do not: using data responsibly to produce insights into societal patterns and behaviors that can help solve real world problems.”
“Mastercard’s Data Responsibility Imperative is a good model for companies that want to use data while honoring individual privacy rights,” says Jules Polonetsky, CEO of the Future of Privacy Forum. “Data is more than just a valuable business asset; principled, moral data practices are a corporate responsibility. In the long run, companies that build trust through principled uses of data – even when there is a short-term cost – will be best suited to thrive in a data-driven economy.”