The Ethical Risks from Data Enrichment

  • 16 February 2021

Data enrichment is a big thing in insurance at the moment. The market likes the idea of bringing together data about consumers so that it can deliver better products and services to them. On the surface, that’s fine, and the sector has become pretty comfortable with this. Yet data enrichment needs to be thought of more critically. Its ethical credentials are weak.  

Ask yourself this simple question. Why is data enrichment needed in the first place? Why is your data incomplete? And from whose perspective is it incomplete?

I believe that there are significant differences between what insurers think of as a complete set of data, and what consumers think of as complete. And that difference represents the ethical risk that data enrichment introduces into an insurer’s digital strategy. In that difference lies all sorts of issues, such as fairness, discrimination, access, vulnerability, autonomy, transparency and confidentiality.

Now, those insurers who do think about that ethical risk tend to do so through a privacy lens. And as you can see, privacy does feature, but it is far from the only issue present.

Take autonomy and secondary use. This involves data coming into existence in one context and being used to enrich other data in a different context. One example is a post on social media being used in the underwriting of a motor policy (more here).

Yet consider this quote from Professor Melissa Terras of Edinburgh University, speaking in 2019 at the Alan Turing Institute…

"All data is historical data: the product of a time, place, political, economic, technical, & social climate. If you are not considering why your data exists, and other data doesn’t, you are doing data science wrong."

Listen to What Consumers are Saying

The ABI commissioned independent research in 2020 into consumer attitudes to data and insurance One of the key findings was that consumers have a strong dislike to their data being used out of context. It played a big part in what the researchers described as a double lens of mistrust around consumer attitudes to data and insurance. From what Professor Terras is saying, consumers are right to be concerned.

“So what!”, some insurance people might suggest – “it’s data and if it’s available, why shouldn’t we use it?” Well, investors might be interested in whether you’re doing data science right or not, especially if the strategy you’ve laid before them is a particularly digital one. And customers are clearly interested in whether the data being used to assess and settle their claim is actually relevant and up-to-date. That’s not something that can be judged by an algorithm.

A big chunk of the ethical risk from data enrichment comes through partners and suppliers. The scale of this risk was highlighted in October 2020, in a ruling by the Information Commission’s Office on data practices at the UK’s three main data brokers (more here). The ICO ruling was pretty damning, for example - “None of the consents… relied on by Equifax were valid.” Just think about that – none.

These are firms that supply huge amounts of data to the insurance sector, the main purpose of which is to enrich insurers’ data lochs. How much of that enriching data has been reused and supplied without valid consent? This ICO report, and a further one to follow, should be treated as a red light for insurers’ due diligence processes, and to firm and individual accountability under SMCR.

Deleting Algorithms

Let’s take this data enrichment risk one level further. Remember this post from a few weeks ago. It looked at a US regulator’s ruling on the algorithms that a firm had trained upon data gathered without valid consent. The Federal Trade Commission’s ruling required that firm to not only delete the data gathered without valid consent, but also the algorithms trained upon that data. And nowadays, when you have to delete your algorithms, you are deleting your decision making capability.

This is why the ethical risks associated with data enrichment need to be taken seriously. The ICO and FTC rulings have direct relevance for some digital practices now being used by insurers.

It is clear that every insurer engaged in data enrichment needs to be better at challenging themselves on where they get data from and what they can then do with it. The sector’s thinking around data acquisition and use has been too comfortable, too insulated from the public mood.

Back in 2012, I said that privacy was the next big controversy awaiting the insurance sector. This was confirmed in 2018 when the Financial Ombudsman Bureau told the Treasury Committee that they were predicting the use of customer data by the financial services industry to be responsible for the next big surge of complaints after payment protection insurance dies down.

What we have then is a sector listening to the language of ‘winning’ data for ‘intelligent decisions’ coming from date brokers, but needing to tune into escalating calls from consumers and regulators to be more careful, more critical when considering data enrichment.  

What this means for Claims Decisions

Let’s end by putting this into a practical context. If you’re basing your claims decision making upon data that has been enriched without ethical considerations, then your assessment of cause and settlement are exposed to challenge. And those challenges have already been raised in the US insurance market, and I expect the FCA to be an eager audience for what emerges there. This has contributed to my belief that it is in claims that an insurer’s biggest data ethics risks lie.  

Enriched data may be driving decision making forward, but it may also be driving it in a reputationally dangerous direction. Speed is all well and fine, but when it comes to data ethics, direction is more important.

If you have any questions about this post, please get in touch

Related Articles 

These two articles will also be of interest...

  1. The problems that insurers will have with identity
  2. Data ethics risks in insurance

Leave a Comment: