Players in ecommerce, entertainment, finance, Internet and social media space drive and influence risk indicators for not just for themselves but for users of Internet and increasingly to larger society as side effects spread to social, political and economic scenarios. Any risks from above domains are dominant and may easily be extrapolated in domains too.
There are five risks that may influence society negatively and turn in to resistance force for adoption of digital transformation. 1. Fake News 2. Fake feedback and responses 3. Stereotyping of consumers 4. Privacy and 5.Information Security.
1. Fake News
There are several items reported from use of Facebook, Google and Twitter that large group of consumers are criticizing and complaining about fake news. All recognize and acknowledge problems, originated because of division in user groups, aligned to different methods and ideologies. It is impossible for anyone to advise consumers of Internet and Social Media to behave or expect them to verify and validate their posts or liking posts by others, without verifying. There is an increased tendency about “what they want to believe” or “following blindly” if a subject of post is dear to them or aligned to their belief systems.
All that service providers can do is either wait for users to behave, which is an utopian thought or expectation, or create an antidote as technical solution. As of 2019, understanding of data, data science and AI approaches are relatively understood and reasonable solutions are possible, if provided a determined investment in resources and perseverance, to be demonstrated by service providers. While no solution is fail proof but the risk of fake news can be controlled to an extent, to avoid damages in contexts relating to personal, professional/business/political and social.
This risk is not limited to one or few but for every platform who has user participation about current affairs, businesses, social and political news and even sports and entertainment just to name a few. But are providers doing enough to control this risk? While every provider understands this risk but are struggling shape a mechanism in the form of technical solution. In theory it is simple but it needs a complex and sustainable architecture and everyone needs to prepare it is too late.
2. Fake feedback and responses
All Internet platforms are engaging users to get feedback about business and service providers to rate reliability and quality of a product, service and business. It is undeniable that none has ability to ensure or insist user to provide independent, honest and unbiased feedback. Users have inclination to rate, based on their individual experience and perception overall, but not on objective and specific analysis of quality of products and services.
What it means to both consumers and businesses? Consumers may be misled due to vacuity rating and feedbacks. Contrarily, for a large business may not have any impacts of these ratings even if there are reasons valid and worthy to investigate. Most consumers would go by majority opinions.
Until now society was in a phase to shift paradigms of activities and social behavior in to a digital world so fake feedback was not really a significant factor. Going forward, if continued with same practice and approaches for rating a business, it may be detrimental to small businesses and startups. In such a scenario businesses will start fighting back adding further to confusion, chaos and unrest for consumers as well as other businesses. Here are some examples;
3. Stereotyping of consumers
An easy way to understand this risk is from use of Netflix. Whenever a user logs in to Netflix, based on interpretation of name of user, recommendations are almost “judged” by Netflix. For example, I am a person of East Indian origin though my interest is not Hindi movies on Netflix, I was abundantly recommended Hindi titles without me having a say or choice. Netflix does not even provide options what I want to be recommended, at least by language and genre, if not perfect analysis of my moods.
I have no other personal information supplied to Netflix except my name and address. Though India has 22 languages (other than dialects) recognized by constitution of India, Netflix does not recognize my culture and background as a Netflix user living in USA. I keep getting recommendations irrelevant to my tastes and interests, and almost annoyed and drove me away from Netflix.
So what happened here is a complete stereotyping of me as Netflix user based on my name. It may be same with other users based on their names. Netflix may only be recognizing names based on ethnicity like Asian, South Asian, Arabic, Chinese, and European alike.
In a continuously globalizing world, when people from all over world are living in many countries, and at a stage when cultures are melting in a pot, consumers are continued to be judged based on ethnicity. If such a stereotyping is not controlled, if not avoidable, users may lose interest in products and services, irrespective of their ability to serve them.
It may not appear like a risk from one example of Netflix. Try understanding same issue from use of multiple platforms like Amazon, eBay, Google, Facebook, Twitter and similar ones. Such a stereotyping may confuse group of users, circle of friends, fans and followers about representation of one’s ideology and orientation towards social, political, economic and sexual too.
I reached out to Netflix customer support about stereotyping causing me discomfort as a user of Netflix and I have almost stopped logging in to it. Customer support team recognized and accepted to have such a flaw and limitation from Netflix but do not have solutions to address this issue before it may transform into a business risk.
Once Netflix was in news and discussions around world for their data mining competition for recommendation purposes. In recent months and years, there are reports that Netflix does not use data mining for recommendations but advertising. Discussions about Netflix are rather becoming controversies.
4. Privacy
Discussions and debates around privacy are increasing concerns in many users of Internet. It is not just Google and Facebook but there are several websites scraping web for personal information. Added to it public records shared by governments (local and state) are providing too many data points helping people prying for information about others easily.
All service providers like Internet and mobile companies, search engines, social media, e-commerce and almost all mobile apps are gathering details and personal content to such an extent that it may be possible to locate a person on real-time basis. If those prying for information happen to be criminals or sexual offenders, tracking anyone especially women and children, raises fears and concerns about privacy. Google alone gathers so much of information about users that any breaches may provide complete history of a user searches, locations and user movements (maps) aiding people who may use it either commercial purposes or criminal acts.
5. Information Security
Securing information in digitized enterprises is unending struggle 24X7.
Every business is on alert for protecting data assets from hacking, stealing and insider jobs sabotaging security. Despite having multiple high-tech tools and products data breaches are reported in many businesses.
What next?
Most enterprises are under impression of doing enough towards these risks by investing in manpower, technical products and consultancy services. Often investments are targeted at tactical levels without considering to mitigate risks as business problems to be solved strategically. Often responses to these risks are in the form of a tool, technology and software an organization has bought and implemented.
To a large extent many of us ignoring the fact that solutions should have a blend of approaches and perspectives of problem solving, robust risk management that include people related metrics (psycho-metrics), data and technical architectures can be added with automation and AI solutions.
If treated these risks as only technical challenges none will be able to mitigate these risks in near future. Above all, three lines of defense seems to be offering good start but often ends up with false sense of security due to nature these risks are too complex to handle without considering all influencing factors.
In case of Facebook and Google this a huge challenge stirring social and political emotions. Often efforts are made to see fake news in binary conditions (true or false) but fake news is in other forms like inaccurate representation, referring and attributing with wrong – person, place and time. It is not just a problem of some companies but sovereign countries are at both sides – instigating and receiving the brunt of fake news. It becomes very critical to tag all posts as accurate and verified in order to increase credibility of content, and it can be extended to a platform too.
Fake news cannot be eliminated completely but can be controlled (pre, immediate and post fake news situations) through mix of solutions in data and technical architectures along with platform management strategies. An AI based solution can be a 3rd layer in the stack but prior to that a simple data (1st) and analytical (2nd) solutions must be developed and evolved in social media platforms.
Fake feedback, fake responses and stereotyping may not raise an immediate flag for many users and businesses. From root cause analysis of recent events and reports in social, political and business portals indicate these risks may be hurting both consumers, businesses and society at large. All are deprived of truth yet compromising to work with perceptions. For example – while buying a product online or booking a hotel, customers do go by majority of opinions, irrespective of accuracy.
A detailed study, investigation and analysis of adverse effects from these risks is yet to be conducted in different categories of products, service lines and businesses. It does not look like many enterprises are taking it serious as they do not have numbers associated with these risks. Small businesses will be easy victims and large businesses might not have reached a point to quantify losses due to these risks. While AI and data analytics can be helpful but business strategies are at the core of these risks, either to have vision and investment.
Information Security risks are debated and being worked out as top risks in almost all organizations yet afraid of data breach vulnerabilities almost every day. An important factor, hard to balance, is data breaches equally serious within organizations as much as they are from outside hackers and attackers.
The level of sophistication required about people handling security issues, analyzing and predicting a breach and establishing a points of failure yet to measure up for effectiveness or efficiency. This is why experts are debating 3 lines of defense may be falling short for information security requirements, and need to move on for approaches that can address all factors giving up for data breaches.
Privacy seems to be mostly driven by regulatory requirements and GDPR is a latest and complexity added to list. Until now, privacy is addressed as operational and technology issues. Business perception appears to be worried about fines and reputation at risk! instead of making it as priority among business strategies.
Both information security and privacy may have their roots in personalized marketing and recommendation approaches of products and services, only next to financial (bank accounts, credit cards) even health related information is targeted for either marketing or insurance purposes only. New regulations may have to focus and overhaul personalized marketing than putting band aids around it. It is possible but initiatives need to come from leaders like Google and Facebook.
Personalized marketing is generating businesses greediness about gathering personal identification information. It is growing like madness and becoming prime reasons for violation of information security and privacy. With progress in analytics and data science there can be substitutes to personalized targeting for marketing and continue building recommendation approaches. This transformation does not come easily as most businesses are addicted to it. However there should not be any doubts that Internet Users are getting more awareness to fight for their privacy and information security. Regulations like GDPR will be prominent and governments will not be able to ignore and business must have comply before damaging their businesses opportunities.
Conclusion
Challenges are enormous and failing to mitigate these risks will cause adverse impacts that are already extending to economical, business, political and social scenarios. Though technical solutions are the means to achieve these objectives, role of strategy, business management and operations must be tweaked so that technology solutions get paradigms to control risks. It is quite enticing to look for an AI solution for mitigating these risks but AI solution can perform better when proper data is fed and all possible analytical practices are performed prior to handover keys and responsibilities to AI solutions. A business plan, reaching board level, must be presented with solutions at different levels of organization. Last but not the least, organizations must change risk cultures to bring in different and out of the box thought processes and new solutions.