You have zero privacy anyway. Get over it.
Scott McNealy1
An ethical person ought to do more than he’s required to do and less than he’s allowed to do.
Michael Josephson
In the previous chapter, I quoted Patil and Mason, who suggest that “Everyone in the organization should have access to as much data as legally possible.” While I agree in theory, in practice there are some important caveats when you consider the issue from a privacy, ethics, and risk standpoint. In many cases, who should access which data and, further, what they may do with the data, is often more restrictive from a self-imposed ethical and risk perspective than from a legal one. A data-driven culture is one that respects both the power of data and the humanity of the people who are the source of that data.
How should a data-driven organization treat its users’ or customers’ data from these three perspectives?
I’m assuming here that a data-driven organization has:
No credit card required