+ | - | reset
25 September 2023
Print
|
Share

By EY

As data privacy concerns increase, data ethics should be factored into data use decisions in addition to legal permissibility.

In brief

  • Many regulators and customers want organizations to look beyond minimum standards set forth in data protection rules when making data use decisions.
  • Data ethics guidelines should be defined and reviewed by stakeholders to validate alignment with the organization’s ethical appetite.
  • New technologies and process improvements can be utilized to operationalize and expedite the consideration of data ethics in decisions.

Many organizations have found that data use is essential to business growth, however there is increasing concern in the public about the sensitivity and volume of data used by organizations for innovation and other purposes.  As a result, data ethics is often essential to support innovation, fulfil regulatory demands and winning customer trust.

Data ethics compels organizations to look beyond legal permissibility and commercial strategy in the “can we, should we” decisions about data use. It prompts users to factor into decision-making a wider, often more complex set of considerations that include such things as customer views, social norms and data ethics guidance from regulators.

This complexity is causing many data ethics initiatives to stall. Early movers – who make the link between data ethics and customer trust – will often gain a significant competitive advantage. But the journey from principles to process is not always straight forward. Leading organizations have learned that simply instructing their officers and employees to “do the right thing” is not an effective way to identify newly acceptable data use cases and support innovation across their organization.

Four key steps will help organizations transition away from a principles-based approach and realize the advantages of a fully operational data ethics process.

Many organizations have realized that their employees need more guidance when it comes to determining whether the organization should be utilizing data in a particular way.

 

Four Steps to Move From Principles to Process in Your Data Ethics Program

Step 1: Review Existing Policies and Operating Models

The first step is to take stock and evaluate how well existing data ethics principles, policies and processes are operating. Organizations should ask:

  • To what extent can we trace existing ethical foundations back to current and emerging regulatory guidelines?
  • How well do our existing controls operate when compared to the prevailing industry best practices and our competitors?
  • What are the gaps in our existing ethics policies and related processes?

Answering these questions will usually enable organizations to identify key areas for policy and process improvements. It can also help you to trace data ethics controls back to a set of defined principles and regulatory guidance. From there, organizations should be able to define a target state that promotes lawfulness, accountability and trust.

Step 2: Engage Internal and External Stakeholder Groups to Refine Key Principles and Policies

Using a mix of interviews, customer reviews and surveys, the goal for the second step is to surface the ethical tensions between stakeholders and, in turn, identify areas where their ethical sentiments converge. This should help to determine the organization’s data ethics risk appetite.

It is often not clear how the trade-off between unlocking value from data assets should be balanced against the interests of other stakeholders outside of the organization. Therefore, engaging with internal stakeholders, regulatory bodies and customers is usually essential as you develop, implement and run the framework. You should:

  • Identify which internal stakeholders should be engaged to deliver a diverse and representative balance of voices and opinions that are relevant to organizational goals.
  • Take care that the Data Ethics Board, if the organization has one, contains representatives from the executive board, non-executive directors, technology, legal and compliance.
  • Supplement the Data Ethics Board with representatives from outside the organization, such as customer representatives, academics and external consultants who can embed a balance of views and challenge decisions more freely.

As organizations develop a risk appetite, you should provide platforms where the voice of the customer is clearly considered by engaging with customers through online surveys, in-person interviews and customer labs.

Step 3: Design and Implement a Trade-Off Framework

Once you have positively defined the standards that match the organization’s ethical appetite, designing and implementing an ethics trade-off framework is the leap that will usually take organizations from a principles-based approach to one that embeds data ethics into existing processes, operations and decision-making. It can also enable organizations to transition from paper policies to a technology-led architecture.

An ethics trade-off framework is a system that helps data users evaluate the trade-offs between opposing ethical positions. For example, a trade-off framework could include technology-enabled processes, rules and logic that aid first-line data users to:

  • Identify the ethical impacts of a proposed data use-case.
  • Evaluate the ethical risks flowing from the trade-offs that result from those impacts.
  • Evaluate whether these risks fall within the organization’s ethical appetite.

The outputs of the framework can then usually be used to anchor decision-making.

Step 4: Utilize Technology to Embed Data Ethics Controls in First-Line Decision-Making

Now that the organization has the building blocks of a data ethics architecture in place, the final step is to apply the newly enhanced policies, ethical appetite and trade-off framework to existing day-to-day processes and controls and test them so that they function as intended.

New technologies can help digitize the privacy risk control environment to unlock value from your data assets. You should explore how new technologies embed data ethics controls and test whether the solution can help deliver clear data ethics assessments to first-line data users, support rapid decision-making and guide sustainable business growth.

Lastly, to maintain the organization’s ethical appetite, regularly refresh opinions from stakeholders to update stakeholder sentiment in the trade-off framework. Monitor developing regulatory guidance and update policies as needed. Review the use-cases being tested by front-line staff to validate that the trade-off framework is delivering the expected results, and request feedback from technology users to streamline the approach.

The article was first published here.
Photo by Dawit on Unsplash.

Data Assets Data Ethics Operating Models Policies Stakeholders
Rate this article

0 / 5. 0

Is this article good for you?
< PREVIOUS

NEXT >

Leadership lessons from Leonardo

Related Stories

jason dent JFk0dVyvdvw unsplash scaled
5.0
8  Read

Six Steps to Confidently Manage Data Privacy in the Age of AI

18 December 2023

READ MORE
Share
dawit FBmEunYW1Yg unsplash scaled
5.0
5  Read

Four Steps to Embed Data Ethics into Your Data Risk Control Environment

25 September 2023

READ MORE
Share
rob walsh 4lfrwRyHRYk unsplash scaled
5.0
5  Read

What Sets Sustainable Leaders Apart?

21 November 2022

READ MORE
Share
timon studler ABGaVhJxwDQ unsplash scaled
5.0
5  Read

How Businesses Can Step Up for Human Rights During this Global Crisis

03 November 2022

READ MORE
Share
pexels miguel a padrinan 194094 scaled
5.0
11  Read

How to Improve Board Effectiveness and the Chair of the Future: Executive Summary

16 September 2022

READ MORE
Share
mathieu stern 1zO4O3Z0UJA unsplash scaled
5.0
3  Read

ASEAN+3 Regional Economic Outlook 2022

26 May 2022

READ MORE
Share

Most Read

4.2
5.0
5.0

Survey

ICDM
Homepage

ICDM