The Flow Report - monetize vs. minimize

1. Introduction

There is significant demand for data in 2024, fueled by the adoption of new technology, particularly artificial intelligence. At the same time, regulators and lawmakers in major markets including the United States, UK, EU, and China have stepped up privacy controls to limit the collection and sale of data. There is a clear conflict between the nascent data market and national interests in protecting citizens' data and geopolitically sensitive information. While this conflict has been brewing for decades, the past twelve months of technological and legal developments have led to a critical period for many businesses: (lawfully) transacting in data has become table stakes.

Three trends define the current turbulent data market:

1. Broad legal support for collecting and sharing public data in the United States,

2. The explosive interest in artificial intelligence, which motivates new data buyers and sellers, and

3. Government interests in protecting national advantages through data sovereignty (including privacy).

2. What is data minimization?

Data minimization is a near-universal concept in privacy and data regulation. Essentially, data collectors may gather only the data they need to perform a permitted function.

This concept is a core principle of the data practices promoted by the global trade group, Organisation for Economic Co-operation and Development (OECD), since its publication of privacy principles in 1980. It has since been incorporated into most modern privacy law, including the General Data Protection Regulation (GDPR), the Personal Information Protection Law in China (PIPL), and the draft American Privacy Rights Act (APRA). Crucially, this concept relates to personal data and privacy, rather than (non-personal) data more generally. Businesses, governments, and other organizations can often aggregate or otherwise transform data to work around the constraints of regulations requiring data minimization.

3. What is the data monetization trend?

Organizations have also been monetizing data for decades. The recent monetization trend relates to a broader acceptance of the fact that many organizations - including start-ups and businesses outside of tech - may be able to generate new revenue by sharing their databases, customer data, web traffic data, etc. with others. As more businesses transact in data, the market (while still opaque) has matured to the point that it is possible to promote and sell data to businesses ranging from consumer goods, insurance, financial services, pharma, as well as federal and local governments. Most large organizations are now producers and consumers of data that might be sold.

This trend is supported by growth in data storage and computing power. According to Statista, the volume of global data stored was two zettabytes in 2010 and is predicted to reach 147 zettabytes in 2024 and nearly 200 zettabytes by 2025.

4. How will this conflict define the data market?

While the conflict is clear at a high level (in the imposition of legal limits despite surging commercial demand), sophisticated organizations will continue to work within regulatory confines to use public, aggregated, or otherwise non-personal data to achieve their goals. In the largest data market, the United States, cultural norms continue to drive this outcome - for example, protecting certain categories of data (related to minors, finances, and healthcare) rather than privacy generally, as in the EU and the UK. Other regions with massive populations and permissive data collection, such as China and India, have built similar markets despite the complexity of transacting with Western businesses (increasingly constrained by data sovereignty laws). As long as regulation focuses on personal data, it can be circumvented.

The data market remains too vast and consists of too many silos across organizations for a single dominant marketplace or clearinghouse to form (yet); however, as data users adopt generalized best practices and collaborate across industries, it may be possible to reach a balanced middle ground between over-collection and under-utilization of novel forms of data.

Related links

·        General Data Protection Regulation (GDPR, Article 5, 1(c))

·        Personal Information Protection Law in China (PIPL, Chapter 1, Article 6)

·        American Privacy Rights Act (APRA, Section 3)

·        Gulp Data’s monetization tool

©2024 Glacier Network LLC d/b/a Glacier Risk (“Glacier”). This post has been prepared by Glacier for informational purposes and is not legal, tax, or investment advice. This post is not intended to create, and receipt of it does not constitute, a lawyer-client relationship. This post was written by Don D’Amico without the use of generative AI tools. Don is the Founder & CEO of Glacier, a data risk company providing services to users of external and alternative data. Visit www.glaciernetwork.co to learn more.