Five key points on supplier profiling of your business

Big data can do many things, but should you be concerned about the big data that is extracted or exported by suppliers of devices and applications?

Big data is a sexy buzz term that seems to promise all kinds of benefits, but before getting carried away, it would be a good idea to consider a few questions.

Important questions include: Who is the beneficiary of all this data? How is it gathered? Who buys it? Who uses it? Is there a security risk?

Big data can be a lot of things, but should you be concerned about the big data that is exfiltrated, extracted or exported by suppliers of devices and applications? There are five reasons any business should be worried:

First, big data is often spun as structured or unstructured data from which insights are extracted by tech suppliers using smart analytics. However, most of the data taken from mobile devices, smart thermostats and the like is not used in this way. It is simply sold to marketing and advertising professionals. Pure and simple – no bells and whistles and no (or little) use of analytics.

Second, data exfiltration is a good thing, right? Yes, if you are a big tech supplier getting something for nothing. Most investors are only interested in tech firms that exfiltrate and aggregate data. Often, their actual tech offerings are of secondary interest.

Ethical use

But if you are a user, then what eventually comes out of the tech supplier as a result of the analytics activities and ethical use of big data might actually end up informing the development of a new or better product. So if you close your eyes tight enough you might be able to imagine a tech giant honouring the spirit of the data export agreement, assuming there was an agreement in the first place.

Third, you may think there are only a few devices and apps which exfiltrate data. Wrong! Over 90% of the tech suppliers at CES 2015 in Las Vegas have their solutions exfiltrating data. Many of the solutions take data from your device which has absolutely nothing to do with the tech itself. For example, an app for controlling a child’s doll has no business exfiltrating contact lists, call data and location data.

Read more about data privacy

This problem is firmly in the consumer market and does not apply to businesses, right? Wrong again - this is the fourth worry. Although most organisations are letting significant supplier data exfiltration go completely unchallenged, the reality is that, as legal entities, they have not consented to such activity. Legal teams in corporate business and governments have simply not realised that employees are being profiled by suppliers located in both friendly and not-so-friendly countries.

Data profiling

The final concern is thinking big data profiling can only be good. This is questionable. If you described a situation where all of your staff were being monitored 24x7x365, many could rightly say that was industrial espionage. If you are a tech company which competes with a supplier which regularly profiles your staff, then you only have the supplier's word that it is not spying. What is more, many of the growing number of technologies which exfiltrate data do so by default. Many do not let you disable such functions. Those that do, hide the functions many levels down or they fail to work, potentially enabling large-scale industrial espionage.

So before you buy the spin that tech suppliers cannot give you great solutions unless you agree to profiling, consider whether you should be giving them something for nothing. Above all, consider the risk to the privacy of your staff and to the security of the organisation.

Consumer protection law is way behind the curve, and the legal community is even more so. Law makers and lawyers need to be a bit more questioning, and tech suppliers and their investors need to be a lot more open and ethical before the true benefits of big data can be realised by everyone.

Neil Hare-Brown is chief executive at Storm Guidance

Read more on Privacy and data protection