Chapter 12. Privacy, Ethics, and Risk

You have zero privacy anyway. Get over it.

Scott McNealy1

An ethical person ought to do more than he’s required to do and less than he’s allowed to do.

Michael Josephson

In the previous chapter, I quoted Patil and Mason, who suggest that “Everyone in the organization should have access to as much data as legally possible.” While I agree in theory, in practice there are some important caveats when you consider the issue from a privacy, ethics, and risk standpoint. In many cases, who should access which data and, further, what they may do with the data, is often more restrictive from a self-imposed ethical and risk perspective than from a legal one. A data-driven culture is one that respects both the power of data and the humanity of the people who are the source of that data. 

How should a data-driven organization treat its users’ or customers’ data from these three perspectives?

I’m assuming here that a data-driven organization has:

  • More data
  • A richer context than other organizations
  • More points of integration among the nonsiloed data sources
  • Greater data access and visibility
  • More staff across the organization who are skilled at analytics
  • More data scientists who can eke out subtle patterns

Get Creating a Data-Driven Organization now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.