The Cambridge Analytica scandal revealed how Facebook, Google and other tech companies have sold private information to pretty much anyone who wants it. Hopefully, consumers became more aware of how their personal information can be gathered, sold, resold and used to manipulate them with fake news, into buying things or even voting for a particular candidate. However, businesses may not be as aware that their information is also vulnerable. Facebook and Google may be mining your data for their own purposes or selling it to your competitors.
The lesson is “if the product is free, you’re the product,” but businesses need to know this also applies to them. If you take a free Gmail account from Google or use Google Drive, or sign up for Facebook’s new Facebook Workplace, you’re signing up for a free service. So, what does that mean? Your business is the product. Your data belongs to you as well as Google and Facebook. Yes, your corporate data with all your confidential information and email exchanges belong to Google and Facebook.
More importantly, in the tech industry, big companies used to steal the product ideas of smaller companies by inviting them into a meeting on the guise of a potential acquisition. After gaining an understanding of the technology, they’d deploy their massive resources to recreate the idea faster and with more marketing behind it.
With data crawlers, they don’t have to go to the trouble of inviting you into the office to show them your work. They can see it. And no one would be the wiser if they happened to come up with a similar idea.
Beyond big concerns like data tracking, these free services are not secure, encrypted work environments. Having your company operate on a free service leaves you open to data breaches and hackers because Google and Facebook are not concerned with protecting your data. They’re concerned with protecting theirs.
Mobile phones are another source of privacy concern. Be mindful of the apps your team uses on their mobile devices and how those apps track and share your data. Android phones are notoriously open. You can’t shut off location tracking on a Google phone, and Android applications are known to be riddled with malware.
If privacy is the new black for individual users, it must be for small businesses as well. Small businesses need to develop a culture of privacy and data protection from the get-go. While it’s tempting to use free services like Gmail or Google Drive or Facebook Workplace, you set up a culture that doesn’t value privacy and confidentiality. Furthermore, your precious non-disclosure agreements (NDAs) are worthless when you’re handing over your data to some of the biggest tech companies in the world for free.
Here are some tips on how to make privacy a policy from day one of your startup:
1. Don’t use free productivity services like Facebook Workplace, Gmail, Google Drive or Google Cloud. While it’s tempting to take advantage of free services, when you upload your data into their cloud, it’s no longer just your data. It belongs to them as well. Plus, you don’t want a central repository of all your company’s sensitive information in one, unencrypted location, subject to hacking and data breaches.
2. Don’t mix business and private communications. One hack, one malware infection and you lose both company and personal data.
3. Comply with GDPR, even if you aren’t required to do so. It’s a good set of rules and will prepare you for future expansion and growth into other countries.
4. Don’t use Android phones. While iPhones also have malware, Android is much less secure and provides a back door to encrypted messages, which means it’s a back door for hackers as well.
5. Use encryption. Use encrypted storage, email and file sharing.
The proliferation of data tracking and gathering is only going to increase as big tech companies fight to own the most comprehensive set of data for their advertising customers, artificial intelligence algorithms, and their other customers who buy and sell information about you and your company. Protecting your data will continue to get harder. And there’s no doubt data breaches will increase and have more serious consequences. Step one as an entrepreneur is to protect your valuable, confidential data as a cultural value and good governance from the beginning.