Ethics and data: Value in mature governance

May 3, 2018 / 4 min read

Ethics is a subject as old as human thought, and it tends to be stressed and reshaped during periods of profound change. The Industrial Revolution and, more recently, the Information Age have dramatically increased the speed and scope of change; in so doing, they’ve transformed societal norms – often, for the better.

As the volume and intensity of data generation grow exponentially, new "use cases" for embedding technology in our lives, homes, and relationships seem to appear daily. In 2017, the number of smartphone users in the U.S. was expected to reach 224.3 million, with the number worldwide forecast to exceed 2 billion. Moreover, the increased integration of smart devices through the Internet of Things (IoT) is quickly changing how we travel, work, and live.

Data governance

Alongside these changes, ethical concerns can also arise.

Data is an ethical issue

Data can have many positive applications, but there can also be many risks with increased data dependency. Gartner, Inc. has predicted that, by 2018, 50 percent of business ethics violations will occur because of improper use of data.

Projections like this one, combined with ongoing revelations of data breaches, denial-of-service attacks, and other cyber events, highlight the need for policies and laws governing matters like personal-data privacy and implicit bias in algorithms. They also should prompt individuals and organizations to review their own assumptions, priorities, and standards with an eye to the changing role of data.

Call for maturity

As the rate of technological and social change accelerates, it becomes harder for companies and individuals – many in industries that didn’t exist a decade ago – to navigate their day-to-day operational challenges. Harder still to maintain a focus on ethics.

Every individual and organization has a duty to provide responsible stewardship to data in its care. Sustainable, mature data governance cannot be wholly reactive to unethical conduct. To apologize and investigate after a data or privacy breach has been discovered is necessary, but it’s far from sufficient.

As a starting point, we can ensure that the information systems in our custody include such features as data lineage, role-based access controls, encryption, audit logging, versioning, and integration with external governance systems. However, this only speaks to what technology helps us to automate and manage. For businesses to continue to grow and prosper, we will need more data of increased variety and the data and analytics infrastructure and insight to support this.

A mature data-governance environment requires frequent reevaluation and reassessment of data protection and management processes. Important steps in positioning a company's future success should include fostering greater awareness of data and information ethics at all levels and every domain, and facilitating policy discussions and provisions for sustainable, responsible data governance and management.

Data management at ISO

Within the U.S. insurance industry, there is strong correlation between regulation, consumer advocacy, and ethics, and many of these functions are enabled by data. In an increasingly complex world, interests overlap and may conflict, so reliable data and standardized operating practices are central to ethical business behavior.

As a provider of risk assessment and decision analytics that insurers use to serve their customers and meet their regulatory obligations, ISO and our parent company, Verisk, occupy a critical location within a business-ethics ecosystem. ISO's advisory prospective loss costs, rules, forms, and statistical plans help support a level playing field for our customers and their customers – and help foster a competitive and robust insurance marketplace.

As an appointed statistical agent on behalf of state insurance regulators for nearly 50 years, ISO is committed to being responsible stewards of industry data. We strive to meet a critical market need responsibly and ethically. While our business is to generate insight from data, we account for privacy laws and will not disseminate, share or use client data in a manner that does not meet agreements or client expectations.

Our investments in analytical technology and data management infrastructure have been matched by significant investment in security, education, compliance, and audit to help avoid infringing on a client’s competitive position or intellectual property.

Although ethical models and norms change, the common underpinning is trust – abiding by one’s word and serving the interests entrusted to you: those of customers, shareholders, employees, and communities in which you do business. Verisk is committed to safeguarding the data assets entrusted to our care and we operate through open and ethical corporate and data governance.