Skip navigation Jump to main navigation

Digital Data and Privacy

The Dean’s Circle is a recurring luncheon discussion group I hold with a small group of our high-performing master’s students about pressing news topics—and how their backgrounds and studies here at Columbia contribute to the dialogue and point to potential solutions.

In November, students from the Enterprise Risk Management program and the Technology Management program convened to discuss “Digital Data and Privacy.” Two topics were analyzed: 1) the September 2017 Equifax data breach, whereby the personal data of 143 million people in the U.S. was compromised, and 2) the revelation from Facebook, Google, and Twitter that Russian sources may have used their platforms to spread misinformation during last year’s election.

These graduate students, who represented India, Jamaica, China, South Africa, the U.K., and the U.S., held professional experiences ranging from international litigation, to cybersecurity and web development, to financial risk analysis, lent the conversation a particularly rich diversity of viewpoints. In both topical scenarios, we defined three stakeholders and analyzed the business concerns, motivations, and varied conflicts of interest:

  1. The Leadership Team
  2. The Data/Analytics & Technology Teams
  3. The Consumers

The Leadership Team: Delivering Value to Shareholders and Customers

The leadership, or management team, of any organization walks a tightrope between heeding the recommendations of its data/analytics and technology teams and managing the varying expectation of shareholders, board members, and consumers. Leaders, the group agreed, must use these news stories to rethink how to deliver short-term and long-term value.

Students equated the lessons in leadership in the Equifax news story to the BP oil spill of 2010: just as BP knew its technology was outdated before its massive oil spill, Equifax knew its security measures were not up to par. It was compromising long-term goals in favor of short-term financial goals.

An Enterprise Risk Management M.S. student argued that because data privacy is an increasingly pressing and commonplace area of risk for businesses today, organizations must be ready in advance of any breaches. Organizations that handle private data should already have action plans in place—including employees or teams poised to handle potential breach problems. Leadership at companies can now point to Equifax as a compelling case study which displayed a lack of foresight that critically undermined its ability to provide value to customers and shareholders. Mishandling privacy issues may undermine its prospects for many years to come—from getting drawn into lengthy litigation to spending years earning back customer trust.

The Data/Analytics and Technology Teams: Using Data to Influence Change

Data/analytics and technology teams consistently uncover patterns of potential risk—pointing to emerging, and new, problem areas where cost/benefit analysis and advance planning is imperative. The students discussed how the data, analytics, and technology teams must assess potential revenue loss when analyzing traditionally qualitative areas, such as brand loyalty and trust, in these scenarios of data breaches and manipulation.

There was general agreement that investing in Corporate Social Responsibility (CSR) does not necessarily imply a loss of revenue; however, that is not always the perception of shareholders and boards who are focused on quarterly financial results. The challenge lies in quantifying the softer elements of business, recognizing their importance to an organizational mission, and in communicating that data in a way that can shift perspectives.

For companies like Facebook, Google, and Twitter, how can these organizations balance the potential loss of users and advertising, which are easy to quantify, against brand reputation and corporate risk, which are less straightforward to compare? In retrospect, it is easy to say that Facebook should never have prioritized earning $100,000 in advertising revenue (which student participants agreed was a tiny sum compared to overall revenues) over its corporate responsibility to create a trustworthy information-sharing platform. How could Facebook and the other companies gotten ahead of this news story? We discussed how leadership must constantly collaborate with top talent—particularly the data/analytics and technology management teams—to understand future trends outside of the revenue context, gathering compelling data with them, and presenting that data in a way that supports a vision that motivates decisions makers.

The Consumers: Their Levers of Control

How much power do consumers have, and how does power shift before and after a crisis situation? Consumers have the ultimate power of walking away from a company and taking their business elsewhere. This is tremendous leverage—a Technology Management student posited that consumers should demand protective restrictions, and they must use their power as voters to influence change. For example, allowing consumers to join class-action lawsuits is an area that legislators have control over—voters can use their voice to sway those government representatives and ensure that consumers can join such lawsuits. All agreed that consumers’ ability to take business elsewhere is effective, provided a competitor offers similar goods or services. Consumers always have these options, but they may not think to exercise their powers until after crises like these. Companies that forget this dynamic risk moving into territory that alienates and angers its most important constituency, to the point of consumers taking retributive action.

If you are a student interested in participating and would like to pitch a pressing topic that relates to your studies, please send an email to my office with the subject line “Dean’s Circle”: SPSOfficeoftheDean [[at]] columbia [[dot]] edu (SPSOfficeoftheDean[at]columbia[dot]edu).