Data ethics: how to work out what’s right for your business

Business decisions are only as strong as the data and ethical conduct behind them. As the financial services sector accelerates the pace of digital transformation, discussion of data ethics has therefore become increasingly important to the strategic direction of its companies. But few banks or insurance providers can even agree on what the term means, let alone what their own corporate data ethics should cover.

Industry players would do well not to ignore this area. Those who start to map out their ethical considerations now will find they form useful guard rails to help accelerate opportunity and innovation going forward.

What is data ethics?

Data ethics describes how value judgments around data use interact with the moral spectrum of a business — at every stage of the data lifecycle. Just as no two individuals have the same moral compass, neither do any two organisations. Interest in the topic may have spiked over recent years due to growing concerns over how data is used by AI algorithms, but data ethics is about much more than this.

Financial services institutions are prodigious collectors and processors of data today. That means, in order to build and maintain sufficient levels of trust with their customers, they must move the conversation internally from what could they do with this data, to what should they do with it. It’s about going beyond “what” to do with data to also deal with the “who”, “how” and “when”. This will require more than just drawing up a list of what not to do. Data ethics is about exploring the grey areas which don’t conform to rules and regulations, and putting them in the context of corporate values.

The biggest trends in digital ethics

This article will explore the biggest trends that are occurring in digital ethics, as technologies continue to play major roles in people’s lives. Read here

How to get started

As each organisation will have a different set of these values, data ethics will also vary from company to company. That makes generic, plug-and-play data ethics frameworks a suboptimal solution. Although they may help in providing defined approaches to decision making and concrete guidance for known scenarios, these frameworks fail to take account of an organisation’s unique circumstances and can offer an overly simplistic and narrow view of ethics. In short, they fail to get to the heart of the problem.

Data ethics come into their own not in situations of obvious “right versus wrong”, but rather more nuanced quandaries of “right versus right”. How does a bank choose, for example, between the “right” of customers to be protected from fraud and financial loss through use of their data, and the “right” of minimising personal data collection? Data ethics should be able to provide some answers, enabling organisations to choose between two or more desirable options by finding the one that’s closest to your its corporate values. But this isn’t simply a yes or no binary question: we then find ourselves asking how much data or which data types to exploit, or which technologies are appropriate (do we, for example, automate decision making?) – where the overarching decision remains “right versus right”.

Ethical considerations during the data lifecycle

So what does data ethics look like in practice? There are ethical considerations to manage at every stage of the data lifecycle, starting with which types or sources of data should be collected, and for what purposes. Next, what data should be stored and how, and who should be given access to it? An international co-operative with values based around independence, concern for the community and democratic member control, may be more inclined to enabling access by exception, governed by rigorous internal processes. Whereas, a retail bank with values driven by continuous innovation, personal accountability and putting customers first may prefer to allow wider data access to support ad hoc experimentation.

There are yet more ethical considerations to take account of at the data exploitation phase — governing what use cases should be permitted for specific datasets, and how permissions and preferences should be managed. And also at the archive stage, linked to how long data should be retained before disposal. Once again, core values influence ethics, and ultimately key decisions. The co-operative may favour the minimum legal limits for retention while the retail bank could prefer to hold on to data for longer to drive service development and innovation.

These are two extreme examples, of course. But the reason why data ethics is increasingly important in financial services is clear. The question of data ethics isn’t a simple problem, and for many financial service providers there won’t be a single right answer. But in the end, it will determine critical business decisions and the strength of customer trust. You won’t get it right every time. But keep talking, keep thinking, and keep learning.

Written by Holly Armitage, principal strategist at BAE Systems

Editor's Choice

Editor's Choice consists of the best articles written by third parties and selected by our editors. You can contact us at timothy.adler at