Privacy, personalisation and the right to be forgotten

Imagine applying for a rental property and getting knocked back because of an unflattering photo from when you were 18 once posted online. As technology and machine learning improve and companies collect more personal data, this could be a reality.

Click image to zoom Tap image to zoom

I recently sat down with ANZ’s Head of Enterprise Data Governance, Michelle Pinheiro, to discuss privacy, the costs and benefits of better personalization, the Cambridge Analytica-Facebook scandal and the right to be forgotten.

"Based on 300 of your likes, Cambridge Analytica are able to predict your personality better than your spouse.”

You can listen to our chat in full by clicking the podcast below.

For a transcript of this podcast, click here

Pinheiro says the widely covered Cambridge Analytica-Facebook scandal was a tipping point brought on by an undercurrent of concern that has been growing around privacy for a number of years.

“It's probably the worst case scenario [and] has caused mass uproar across the globe. It's really quite a nefarious use of personal information,” she says.

Data, sourced via Facebook and without its owners’ knowledge, eventually ended up in the hands of Cambridge Analytica who used it to create psychographic profiles of users.

“[It] really doesn't pass the reasonableness test in the eyes of most people,” says Pinheiro. “They were able to understand how open you are to change; whether you're introverted; whether you're argumentative; whether you're neurotic and what kind of things can push your emotional buttons.

“Based on 300 of your likes, Cambridge Analyticala are able to predict your personality better than your spouse.”

Pinheiro says people have the right to change and long-lasting personality profiles based on deep historical data may not be considered fair.

Governments are taking notice. The recently released General Data Protection Regulation (GDPR) gives individuals domiciled in Europe greater control over how their data is used and collected – most of us will have had emails and messages recently from sites we interact with advising us of this new privacy regime.

Pinheiro explains individuals covered by GDPR now have additional subject access request rights – including the right to be forgotten.

“What these laws do is allow people to be left alone and have their data removed so that they are no longer contacted or cannot be profiled by particular organizations if they don't want that to happen anymore,” she says.

“The value exchange is when you feel there is more information being collected than is required for you to be provided with that product or service.

In our discussion, Pinheiro reflects on the role of organisations, including ANZ, and the need to keep fairness at the forefront of all decisions.

“I always look at it from a trust perspective. The privacy and ethics data principles that we have created are simple and can be embedded in our culture.

“[We are] building the foundations for maintaining a customer's privacy into everything we do,” she says.

Andrew Cornell is managing editor of bluenotes.

The views and opinions expressed in this communication are those of the author and may not necessarily state or reflect those of ANZ.

editor's picks

14 May 2018

Privacy is dead; long live privacy

Michelle Pinheiro | Chief Risk Officer, Data & Technology, ANZ

Our personal privacy has been declared DOA numerous times – but there may be a glimmer of hope.

08 Dec 2017

Data, ethics and the creepy line

Joanna Jordan | bluenotes contributor

Data can provide better customer outcomes– but businesses have a responsibility to use it correctly.