Data Ethics FAQs for Manufacturers
Today’s manufacturers are all on the road to Industry 4.0, exploring ways they can use emerging technologies to enhance every part of their business, from increasing the accuracy of demand forecasting to improving factory safety and beyond. To do so, they need to collect — and share — more data than ever before.
According to BDO’s 2024 Manufacturing CFO Outlook Survey, 30% of manufacturers consolidate their data in a centralized location and share it across their organization. Another 13% go so far as to share this data with certain vendors. At the same time, manufacturers are also demonstrating intent to grow their data maturity, with 37% planning to hire for data analytics skills in 2024.
As the manufacturing industry’s data usage continues to expand, consumers and privacy advocates will increasingly call on manufacturers to demonstrate strong data ethics. For manufacturers who are just beginning to explore Industry 4.0, the conversation around data ethics may be new and potentially overwhelming.
Before manufacturers can implement a strong data governance program that ensures appropriate collection, management, protection, and usage of data, they must first understand the basics of data ethics and what it means for their organizations.
What is Data Ethics?
Data ethics addresses the ethical challenges that arise from data collection, data privacy, data sharing, data analysis, algorithmic decision-making, and the use of artificial intelligence (AI). It denotes the legal and moral responsibilities that come with the use of customer data, and includes everything from the type of data collected to how it’s used, as well as the security in place to protect it from nefarious actors. Broadly, data ethics can be thought of as central to respecting individuals’ rights and ensuring consumer transparency when regulations are light or non-existent. Some key questions include:
- Does your company notify consumers about their rights and provide a mechanism for them to opt-in to or opt-out of data collection and usage?
- Is your company transparent about data sharing with third parties, such as vendors?
- When using algorithms and AI to make decisions, do you have processes to avoid discrimination and biases?
How Does Data Ethics Relate to Data Privacy?
Data ethics and data privacy share a symbiotic relationship, as ethical data management is a core component of a privacy program. Inadequate privacy considerations can erode consumer trust due to the often-sensitive nature of the data being retained. A data breach can be devastating for this relationship, leaving customers uncertain about where information like their social security or credit card numbers could wind up. For your company, this type of event can result in a loss of consumer trust and brand reputation, even beyond the consumers who were directly affected.
What Role Does Self-Regulation Play?
While regulations establish standards and benchmarks, successful data ethics programs ultimately hinge on your company doing right by its customers. This requires setting internal controls and frameworks that often go beyond compliance. It is critical that manufacturers not only set internal requirements but actively manage each employee’s role in upholding these requirements. Items to consider when developing controls and frameworks should include the length of time data is retained, the purpose for which it is used, and its confidentiality and integrity.
How is Data Legislation Shaping U.S. and Global Policies?
There is currently no blanket U.S. federal standard governing how customer data is collected, used, stored, and protected. However, some individual states have passed privacy laws, which often differ in scope and strictness. To insulate themselves in this environment, companies will often adhere across the board to the strictest of these laws, which means most companies are adopting global privacy and data policies. For example, the European Union introduced the General Data Protection Regulation (GDPR) in 2018, and has now introduced the EU Digital Strategy, which comprises the Data Governance Act and Digital Markets Act, among others. Many U.S. firms will begin to adhere to these laws in place of U.S. federal legislation.
Manufacturers must also consider their network footprint when considering their data privacy responsibilities. Those with suppliers in the EU, for example, are beholden to certain GDPR requirements if they manage or have access to data from EU citizens. Even for manufacturers with no global operations or suppliers, it may be worthwhile to adopt the strictest international data privacy regulations, as these regulations often influence U.S. data privacy legislation.
What are Some Key Concepts to Consider When Looking to Enhance Data Ethics Practices?
Asset Inventory
Understanding your data and applications inventory means asking pertinent questions about personal data in your possession. What kinds of data are stored? How old is the data? Who has access to different data types? Without answers to these questions, it’s impossible to know if tools like algorithms or AI are being used in an ethical way.
Data Rights
What individual rights do your customers hold regarding their data, both according to the law and company data policy? Can you ensure that their data is accurate and complete? Do customers have access to a copy of their data, or the ability to control it?
Biased Algorithms
Algorithms and AI are not inherently free from bias, and failure to account for algorithmic bias can be damaging in several ways. Algorithmic bias — systematic and repeatable errors in a computer system that create ‘unfair’ outcomes — can decrease the accuracy of an algorithm, reducing its usefulness and value. It can also lead to imbalanced access to services for customers, and harm trust. Knowingly or unknowingly feeding customer data to a biased algorithm that produces skewed results or inadvertently furthers existing inequities is not an ethical use of that data.
Data Governance Program Development
Data governance refers to the practice of architecting overall data management and control of data within an organization. A good data governance program involves processes, policies, standards, and frameworks that are put into place to ensure the proper collection, handling, storage, usage, and protection of data. As you build your program it is important to establish a data governance committee to help systematize these measures. Instead of remaining diffuse, responsibilities around data management and ethics can be centralized.
Tracking Technologies
Cookies are considered personal data, and companies continue to face debate around the types of cookies they collect from visitors who browse a website. Enforcement agencies are more focused than ever on the use of tracking technologies, requiring companies to reconsider many questions about tracking and cookie collection. Manufacturers should carefully consider their reasons for collecting specific sets of information, whether this collection is disclosed to the website visitor, and how the information will be used. It is also important to understand the different uses of tracking technologies, including the different categories of cookies, such as required/functional, and optional cookies for marketing and analytics purposes. Remember to update cookie banners and allow users to opt-in or out of this tracking.
Data Usage Frameworks
Data usage frameworks are well-documented standards for how you will and will not use data. These standards should be clearly defined, documented, adhered to internally, and communicated directly to customers.
Data Disposal
Data disposal is the process of getting rid of old, or legacy, data in your possession. Most consumer information is not evergreen and will eventually become outdated. Maintaining a regular review cadence to weigh the potential benefits of old data against any privacy and security risks can help keep your data inventory relevant and help advance your data ethics program.
What are the Benefits of an Ethical Data Strategy?
In practicing ethical data management, you are protecting your brand, improving customer service, and cultivating consumer trust. As many as 74% of people now rank data privacy among their top values, according to a study from MAGNA Media Trials and Ketch, and only 5% have no major concerns about how their data is used, demonstrating a high level of worry and skepticism. But this also presents an opportunity, as the grand majority of consumers also say that strong data privacy practices would have a positive impact on their perception of a company. Just as customers will remember a negative experience — an arcane procedure to unsubscribe from marketing emails, for example — they will remember when their data is treated with respect and when they are given control over that data. Well-articulated data ethics policies can also be a powerful means of bolstering employee confidence within your organization, reducing concern about how human resources data is used. Because data protection is an integral part of data ethics, shoring up these policies can also help enhance resilience, as services, products, and operations will share in the benefits of improved security.
Taking the First Step
Establishing an ethical data strategy is critical for manufacturers seeking to take advantage of Industry 4.0 opportunities. However, taking the first step may require more knowledge and resources than many manufacturers have in house.
Contact Brown Edwards
Copyright © 2024 BDO USA, P.C. All rights reserved. www.bdo.com