This month our guest blogger, Gabbi Stopp of ProShare, gives us her view on Big Data and cyber security.
Big Data, Big Problem?
Amid the hue and cry of 2016’s ‘black swan’ events, Brexit and Trump, it would have been easy to overlook the approval of the General Data Protection Regulation by the EU Parliament, especially after four years of what was probably rather dry debate. The EU General Data Protection Regulation was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens’ data privacy and to reshape the way organisations across the region approach data privacy. Approved on 14 April 2016, it will come into force on 25 May 2018. Any organisations in non-compliance at or after that date will face heavy fines – for serious breaches, this could amount to 4% of annual global turnover or E20m, whichever is the greater. (Further details on the GDPR may be found here )
For those of us in the UK, who earlier this week listened to our PM finally set out her vision of what Brexit will actually mean (nearly seven months after the Referendum…), the GDPR still remains relevant and applicable to us for two reasons. One, we will still be EU members at that enforcement date in 2018, given that the two-year negotiating period ‘clock’ does not start ticking until Article 50 is triggered. Two, the GDPR has extra-territorial applicability, so will apply to the processing of personal data of EU citizens regardless of where the controller or data processor is established, within or without the EU. 91% of the FTSE100 offer tax-approved plans to their UK employees and many extend these in one form or another across their European workforces (and beyond), in any case. So there is no escaping the GDPR.
According to Bernard Marr (Forbes contributor & writer on big data, analytics & enterprise performance) by the year 2020 about 1.7 megabytes of new information will be created every second for every human being on the planet. By then our accumulated digital universe of data will grow from 4.4 zettabytes today to around 44 zettabytes, or 44 trillion gigabytes. If, like me, you struggle with ‘whatever’-byte measures, it is estimated that by 2020 there could be four times more digital data than all the grains of sand on Earth.
‘Torture the data, and it will confess to anything’ – Ronald Coase, winner of the Nobel Prize in Economics
So, we have a data-drenched future to swim towards – but how much of it is actually of any use? We’ve all heard the resident office sceptic voice the old adage ‘junk in, junk out’ when it comes to new systems and other data-reliant tools. IDC calculated that in 2013 approximately 22% of data could be useful if it was tagged and analysed i.e. converted into metadata. In 2020, they estimate that the volume of useful data will rise to 37%. (IDC’s estimate was based on data generated by more than forty types of device, from RFID tags and sensors to supercomputers and supercolliders, from PCs and servers to cars and planes.) So without being aware of it, we are moving from Big Data to Rich Data, a transition which will pose both big problems and big opportunities for all of us, from the lone individual to the global corporation and indeed, national governments.
In this brave new world of ‘fake news’ (or propaganda, by it’s correct name), it is eerily prescient that one of the new provisions in the GDPR is that European citizens will have the ‘right to be forgotten’ and have erroneous information wiped from the internet. Dare we say that, in bringing in the GDPR now, the EU is ahead of the curve with this one? (I hope I won’t be sent to the Tower for that suggestion.)
Just three points (from Bernard Marr) to hammer home the motivating factors for businesses to engage with Big/Rich Data and turn it to their advantage:
– For a typical Fortune 1000 company, just a 10% increase in data accessibility will result in more than $65m additional net income;
– Retailers who leverage the full power of big data could increase their operating margins by as much as 60%; and
– 73% of organisations invested or planned to invest in big data in 2016.
With only 0.5% of useful data analysed, mined and put to work currently, it is clear that companies are at the beginning of their journey in harnessing the power of Big Data. The frontrunners, especially in the online retail sphere, are outpacing their less engaged competitors already.
‘Without data you’re just another person with an opinion’ – W. Edwards Deming
With this progress though, comes risk, especially in the form of cyber crime. The ONS estimated that there were 2.46 million cyber incidents (e.g. phishing, identity theft, hacking, malware etc) and 2.11 million victims of cyber crime in the UK in 2015, the first year for which they collected data on cyber crime. An excellent recent report by Detica and the UK Government’s Cabinet Office estimated the cost of cyber crime in the UK to be a whopping £27 billion. That figure includes the £9.2 billion cost to businesses of IP theft. You can read more here
In a speech to the Billington Cyber Security Summit in September last year, the new head of the UK Government’s National Cyber Security Centre, Ciaran Martin, told delegates that the UK “has the highest percentage of individual internet usage of any G7 economy. Digital is a big and growing employer and these are good jobs: the average advertised salary is 36% higher than the national average.” So the stakes could not be higher. (Some helpful and plain English guidance on cyber security can be found on the NCSC’S website)
The world of share plans will not go untouched by developments in Big Data (or indeed, the GDPR). At our Awards last December I was delighted to see two exceptionally strong joint winners in the category for Best Use of Technology, namely DS Smith and Rio Tinto. DS Smith won for their use of Augmented Reality in their share plan communications, a technology which in this context uses data to accurately pinpoint the AR app user’s location in order to deliver jurisdiction-specific tax information alongside inspiringly designed share plan communications, amongst other things. Rio Tinto won for their integrated system of global tax calculation, withholding and simultaneous payment via hundreds of local payrolls, driven by thousands of accurate and timely pieces of data on all plan participants, their tax status and their vesting awards.
The practical and profitable leaps forward that may be achieved through savvy use of data and technology will inevitably be tempered by the need for individuals’ rights to data privacy and informed positive consent, and the need for businesses to protect their digital assets and those of their customers – at all costs. Cyber security and data protection will need to work hand in hand to form the essential bulwark needed against the fast-rising tide of cyber criminality.
Head of Employee Share Ownership