The tension between data utility and data protection is costing the world trillions. According to Statista, the estimated global cost of cybercrime is $8.44T per year, while the estimated missed opportunity cost of under-utilized data is $4T. Historically, data could be encrypted at rest in order to ensure its protection, but what if you wanted to use or analyze that data? You’d have to decrypt it, leaving it exposed or non-compliant, or accept the missed opportunity costs of keeping it sequestered.

A false sense of security

In the age of GDPR, CCPA, and HIPAA, cybersecurity practices that guard against data breaches and fines for non-compliance appear to make sense. We’ve all heard the scary stories of mega breaches. One stolen vendor laptop cost a major US health insurer $1.7B, for example.

Many will have noticed a sharp rise in their insurance premiums to hedge against breaches, but there are costs beyond that. By now, most have heard the phrase "data is the new oil" – and yet only 32% of the data available to businesses is put to work. Poor data quality and data availability are all too often side effects of deterring hackers and checking the boxes for compliance.

Privacy regulations hamper fraud detection

It’s ironic that a risk-averse data policy can result in more fraud for organizations and their customers. Stringent privacy regulations make it difficult or impossible to track all stages of a user journey and analyze overall behavior in real-time. 

Siloed data often necessitates a separate fraud workflow for each part of a user journey, which means red flags are raised by one workflow without the benefit of context from the others, i.e., insights from the account-opening stage are completely separate from a user’s transaction data. This makes it much more difficult for a fraud department to aggregate user activity and make an informed judgment. 

62% of financial leaders say that improving access to siloed data will be a priority in the next 12 months. Another study found that payment fraud grew 40% from 2021 to 2022, while the average fraud case is said to cost companies $1,509,000. The issue is very real, but few have got to come to grips with it.

Untrusted first parties and internal breaches

Retail brands and franchises are understandably mindful of preventing sensitive data from being sold or used for nefarious means by their own employees. 57% of fraud is committed by company insiders or a combination of insiders and outsiders, and 20% of data breaches are caused by company insiders.

The 'solution' is often to reduce the amount of data that flows down from corporate to various employees who use that data to help them do their jobs efficiently. While this can give peace of mind that individual customer records are safe from fraud, it can impair the ability of various parties to track performance and conduct business analytics. Call and customer service centers are another example of the dilemma a big business faces when employees on the ground are entrusted with sensitive data. Should data only be shared with center managers on a strict need-to-know basis? Or should they be empowered with insights that can help them perform better in the future? One option carries a fraud risk, and the other carries an opportunity risk.

The missed-opportunity costs of underutilized data

Missed-opportunity cost is more difficult to quantify than the cost of fraud, data breaches, and non-compliance. This is because these missed opportunities are so vast and spread across so many verticals and use cases. Nevertheless, there are some compelling statistics. Data access and sharing has been said to increase its value to data users by 10 to 20 times, and by 20 to 50 times for the wider economy, which results in a boost to GDP of between 1% and 2.5%. At an organizational level, many have reported missed business opportunities and poor decision-making because of a lack of availability of data/insights. Immuta found that 89% of organizations cited ‘data access bottlenecks’ as a reason for missing business opportunities and that only 58% of their data is available to them when they make important business decisions. The majority of respondents said that securing data with appropriate access rights is one of their biggest hurdles.

The human cost of data underutilization

While all of the above results in significant business costs, the cost to individuals is also enormous. Identity theft and financial fraud can cost an individual a life-changing sum of money, and even in scenarios where they are protected, the cost is often passed onto the consumer indirectly. Indeed, legislation that is supposed to protect the consumer has been found to be responsible for significant hikes in the cost of mortgages and an ultimate reduction in the amount of money available to consumers. Since the introduction of the California Consumer Protection Act, compliance costs have led banks to reduce their credit by 3.4%. 

Outside of finance, there are matters of life and death in the healthcare sector that are compromised by data protection and compliance, with life-saving treatments taking decades to get to market and at-risk patients going unidentified. Fully 30% of the world's data is healthcare data, and yet only 3% of that potentially life-saving data is actually ever used. We will explore this in more detail in our next article.‍

But it doesn’t have to be this way…

Nobody should be content with a system that merely sequesters and encrypts data to make it unusable. This is where privacy-enhancing technologies (PETs) come in. PETs allow data to be analyzed in privacy-preserving ways so that more value can be extracted while still protecting individuals' privacy. 
Blind Insight is a new private database platform that allows fully encrypted data to be analyzed efficiently. Easy integration enables modern software teams to build privacy-preserving computation into existing platforms.

Sign up for a demo and get a free 30-day trial.