Data-driven business and data privacy: Challenges and measures for product-based companies

Abstract

To leverage the opportunities provided by the Internet of Things (IoT), product-based companies are exploring new data-driven business opportunities. They may miss these same opportunities, however, owing to data-privacy challenges. These challenges start with the customers of product-based companies, extend to the wider business ecosystem, and continue with the companies themselves. This article identifies 12 data-privacy challenges and introduces 12 measures to address them. These include intuitive recommendations, such as enabling cross-product consent collection, as well as less intuitive measures, such as fostering a can-do attitude in legal units, closing the gap between legal and business initiatives, or implementing a clear process for well-reasoned risk-taking. The following four principles were found to support companies in implementing these measures: (1) letting privacy and data-driven business go hand in hand, (2) putting customers first and turning their privacy preferences into opportunities, (3) aligning risk-management activities with the process of digital service development, and (4) using technology to professionalize legal processes.