Businesses benefit from being transparent about data. Here's how.

I was recently looking for earphones in a remote hill town of Southern India. The town did not have a showroom of the company in question, so I went to a general electronics store. The shopkeeper pulled out a pair, but how could I know that it was actually the one manufactured by Apple? I asked for the price, and it was about the same as the original. That was a signal, I thought, because why would the shopkeeper sell fakes at the original’s price and destroy his reputation? But then, I was only a one-time customer and the shopkeeper had no incentive to maintain his reputation with me. “Is this an original?” I asked the shopkeeper. “Yes, sir” he said “and it comes with a one year warranty”. That was the clincher – a fake would be unable to signal a performance standard by offering a warranty.

Businesses deliberately seek to obfuscate their data handling practices ... researchers in India found that privacy policies are poorly drafted and filled with legal jargon.

At the core of my dilemma was the problem of asymmetric information – the shopkeeper knew whether the pair was original, but I did not. All of us face a similar situation frequently. When we buy a second-hand car, the original owner knows the exact condition of the car, but the new buyer does not. When we get a health insurance, we have much better knowledge about our medical condition than the insurance firm. When we hire attorneys to represent us in court, they know much more about the law than we do. In every situation, the data-holder can ‘cheat’ the other party in ways that become obvious only later.

The same is true of data. Businesses deliberately seek to obfuscate their data handling practices, such that individuals do not usually know what they’re signing up for. Researchers in India found that privacy policies are poorly drafted and filled with legal jargon. Unsurprisingly, most respondents in their survey demonstrated poor understanding of the policies despite being in undergraduate and postgraduate programs. This is, of course, if you even bother reading. Most of us don’t, and with good reason – a study found that reading each and every privacy policy would take a person 76 days a year! And because users are unable to distinguish between a good data fiduciary and a bad one, there is little economic incentive for a company to advertise good data practices.

While most people believe that asymmetric information harms only the party without knowledge, economic theory demonstrates that it can also harm the data-holder.

Going back to my earphone adventure, the one-year warranty signalled to me that the shopkeeper was confident of the product’s performance. Even if it wasn’t an original, I was convinced that the earphones won’t stop working anytime soon. This demonstrates the economic concept of signalling, which is the most popular way out of asymmetric information. For example, many individuals who go to the best schools in the world do so not necessarily because the education is fantastic, but because the ‘brand’ demonstrates to future recruiters that they are good candidates who have been vetted by the best universities globally. Similarly, in the venture capital world that I inhabit, incoming investors in a financing round look at whether existing investors continue to believe that a company is a good one by putting their own money in the new round. To be effective, the signal should be ‘costly’, i.e. a ‘bad’ actor should not be able to pretend to be ‘good’.

While most people believe that asymmetric information harms only the party without knowledge, economic theory demonstrates that it can also harm the data-holder. In the absence of information, a buyer acts as if all sellers are alike, and may refuse to participate in the market if she feels that the average benefit to her does not compensate her for the possible losses. This kind of market failure has been theorised in the market for second-hand cars by Nobel-prize winning economist George Akerloff. A similar phenomenon can play out in the data market as well. An individual might not even know that one policy is, on average, better than another one. Therefore, she is equally sceptical of all data collectors and is extremely cautious about who she shares her data with. This can reduce the creation and sharing of data to a socially sub-optimal amount, thus harming both individuals and businesses.

Economic theory demonstrates that sellers and corporations can receive monetary gains by effectively bridging this information gap. For example, researchers found that the voluntary disclosure of private information on eBay motors helps the more transparent sellers fetch higher prices. This might potentially hold true for data as well, though more research is needed to check whether a similar logic also applies to data markets. In case this hypothesis holds true, what can businesses do to demonstrate good data practices? Here are a few ideas-

• Branding: Companies use branding to differentiate themselves in a crowded market and create a niche for themselves. For example, DeBeers has run the ‘diamonds are forever’ campaign for over 70 years, thus effectively positioning diamonds as a quintessential token of ageless love. Data-based companies are waking up to the potential of branding to differentiate themselves in a crowded market with strong asymmetric information. For example, Apple recently launched the ‘what happens on your iPhone, stays on your iPhone’ campaign. The idea is simple – trust Apple because they’re willing to orient their brand around keeping your data in your hands (and in your device). Of course, such branding can also be false, but consumers will eventually find out. Businesses that are planning for the future have an incentive to assiduously guard their brand image.
• Better privacy policies: The most straightforward way to address the information gap is to minimise it. This happens in the market for second-hand cars when the original owners voluntarily disclose a lot of information about the car that assuages the new buyers. Something like this can be done in data markets as well. We all know that privacy policies are incredibly dense – many of them are tougher to read than the Harvard Law Review. Companies can demonstrate good data practices by creating better privacy policies. Experimental research has shown that aggressively trimming these policies to only a few essential facts – those least expected by consumers – and presenting in a standardised, nontechnical and easily comparable format enhances user understanding of these policies. Regulators and data protection authorities can put out templates for such simplified privacy policies, and can mandate data collectors to use them.

A data-based company can also signal such confidence, for example, by offering to pay customers in case their personal data is ever breached.

• Data warranties: One of the most effective ways of solving asymmetric information is for the seller to offer warranties – if a certain minimum performance threshold isn’t met, the seller will monetarily compensate the buyer. Not only does it signal the seller’s confidence in the product, but also reduces risk for the buyer. A data-based company can also signal such confidence, for example, by offering to pay customers in case their personal data is ever breached. Companies with the right privacy technology and practices are unlikely to ever have to pay this compensation, but the very act of offering it will increase trust, resulting in higher customer acquisition and retention.
• Data trust marks: Simple visual cues can be deployed to convey the most important information to buyers of a product. For example, electronic goods like refrigerators and ACs in many countries come with ‘star ratings’ that indicate their power consumption. Similarly, credit agencies like Moody’s and S&P assign ratings to a debtor’s ability to pay back the debt and the likelihood of default. Similarly, we can create data trust marks, which convey visually to the individual whether her data is likely to be safe with the concerned company. For these ratings to be effective, they must come from a trusted third party. These trusted intermediaries can be either public regulators, or private sector companies like the auditing firms. We need to find the right revenue models for the latter to ensure that they do not have a conflict of interest in assigning the right rating to each company. It might also be possible to automate such credit ratings, though more research is needed for that.

Like living organisms, corporations have an innate incentive to survive and grow. To do so, they collect individual data and build defensive moats around their business. But it also means that they plan for decades of survival and will interact with individuals several times over their lifetimes. Therefore, trust becomes a critical element of the long-term survival strategy. Empowering individuals with greater information is the foundation of higher trust. Which makes me hopeful that the wide information chasm in today’s data economy will eventually be bridged.