In the insurance sector, you can start thinking about data privacy as something that can actually enable innovation, rather than a challenge that’s slowing down the adoption of data use and analysis within organizations.
The Knotty Issues Around the Value of Data
October 13, 2020
By Marcus Grazette, Europe Policy Lead at Privitar
Our recent Data Policy Network (DPN) evening considered some of the knotty issues around valuing data. We’re grateful to Jeni Tennison, Vice President of the ODI, who kicked off an evening of discussion by sharing her reflections on the topic. She drew on the ODI’s joint report on the Value of Data, co-authored with the Nuffield Foundation and the Bennett Institute for Public Policy.
I’ll try to capture some of the themes from our discussion in this blog, with the caveat that my efforts will be far from exhaustive. First, I’ll look at why we might want to value data in the first place. Then, I’ll highlight some of the challenges relating to valuing data, including defining the concept of value and enabling that value to be shared fairly. Finally, I’ll use real-world examples to show how we can work around those challenges to capture the benefits data can offer.
Understanding the value of data is difficult
We can all agree that valuing data is difficult, and vitally important. If we understand the value of data, we can judge whether there is a fair exchange between those who generate (often individuals in the case of personal data), curate and use data. Longstanding Data Policy Network members will remember that we looked at equitable data sharing in a previous event. We may also want to treat data as an asset, similar to other intangible assets like intellectual property, where an understanding of its value can inform conversations about how to regulate or even tax companies that derive value from data.
The first challenge
The fact that data can be valuable in different ways and that we may want to value data for different purposes illustrates the first challenge: how should we define value? The answer might vary depending on why we want to value the data. Three examples show the range of possible approaches:
- The California Consumer Privacy Act (CCPA) regulations will require that organisations estimate the value of data if they want to charge consumers who opt out of the sale of their personal data. The valuation in this case underpins a ‘fee’ that consumers can pay to ‘compensate’ the organisation for the ‘loss’ it suffers as a result of their opt out. The ‘fee’ must be reasonable; the organisation can’t raise it beyond a justifiable value to prevent consumers from opting out.
- The Organisation for Economic Co-operation and Development (OECD) considers the broader ‘economic value’ of data, including productivity improvements and creating new products or services. Valuation in this case seeks to quantify those benefits as a proportion of gross domestic product (GDP) and may inform policy as governments make choices about the interventions they should prioritise in pursuit of economic growth.
- The Value of Data report is broader still, considering the ‘social welfare’ that data can generate. Transport for London (TfL)’s approach shows this in action. Valuing TfL’s open data considered benefits like cost savings, time saved for commuters, improved air quality, reduced congestion and the increased health benefits of walking or cycling.
What makes data more valuable?
These examples show that value will often arise from data being used or shared. In the TfL example, commuters save time because a developer has used the data to build a journey planning app that helps the commuter navigate the city more efficiently. This property of data, the fact that sharing and using it can make it more valuable, makes data different from other types of tangible or intangible asset and leads to a second question: how to share value fairly between different parties?
As with approaches to valuing data, there are different models for sharing that value. For example, a company developing a new medical treatment based on NHS data might become a commercial success in revenue or profit terms. Some models allow financial value to be shared, for example the agreement between Sensyne Health and the Wye Valley NHS Trust. Sensyne gets access to patient data to power their AI-based clinical research and the Trust gets an equity stake and a share of royalties arising from discoveries. Patients in turn benefit from improved treatment and society as a whole benefits from better health. Fair value sharing can incentivise data use, which in turn increases the value of that data.
You can’t forget the question of trust
But the fact that multiple parties with different incentives are involved brings us to the question of trust. Unlocking the value in data relies on building trust between all of the parties involved. For personal data, that includes the individuals to whom the data relates. A focus on trust allows us to address the underlying driver for valuing data, without needing to actually place a value on data.
Sticking with personal data sharing as an example, how might we build trust between individuals, or society at large, and the organisations seeking to generate value from personal data? We had a few ideas:
- Build appropriate data governance arrangements. No one size fits all. The ODI’s work on data institutions highlights the range of possible governance structures: from data trusts to personal data stores. Investment in effective data governance reinforces the notion that data is valuable, regardless of whether we can put a precise value on it. This links to the recommendation in the Value of Data report for policymakers to provide a trustworthy institutional and regulatory environment.
- Comply with relevant regulation, including on data protection and privacy. The ODI’s work shows that in order to build trust, organisations should collect only the data they need, store it securely (including technical safeguards like pseudonymisation) and delete it when it’s no longer needed. Seasoned data protection pros will instantly recognise those as mirroring principles in the General Data Protection Regulation (GDPR). Compliance in this context can reassure individuals that using data relating to them will not cause them harm. This is one side of the trust-building coin.
- On the other side of the trust-building coin, be transparent about benefits and how they are shared even if you cannot be comprehensive. If individuals trust that their data will be used properly (because of good governance, regulatory compliance) and they can see the value in using that data (e.g. better health outcomes), they are more likely to support data use.
Building trust and sharing data
I’ve written previously about techlash, surveillance capitalism and the theme of individuals being suspicious about how data about them is collected and used. The health sector, drawing on the three points on building trust above, provides a counterexample.
Researchers and commercial companies can access and use NHS data, but are subject to strict controls and well developed data governance systems including ethical review, technical controls like pseudonymisation and legal restrictions in contracts and licenses. Their work must comply with general data protection laws like the GDPR and specific rules governing confidential patient information. And they show benefits e.g. by publishing work in academic journals, paying license fees to access data and enabling advances in patient care.
Organisations like UseMyData show that building trust can turn suspicion about data use into individuals calling for their data to be used. The potential benefits are enormous.
Stay up to date on our Privitar Data Policy Network discussions by joining or subscribing to our blog.
Security alone doesn’t safeguard data, protecting that data also plays an essential part. At ABN AMRO, we believe that client data must be safeguarded by applying the highest possible privacy standards.
Our latest data policy event in collaboration with One HealthTech London explored the interaction between health data and characteristics like gender and ethnicity in the context of data-driven healthcare.
Ready to learn more?
Our team of data privacy experts are here to answer your questions and discuss how data privacy can fuel your business.