In the News

March 20, 2020
CDOs at loggerheads with legal teams over data use dataIQ Logo

CDOs at loggerheads with legal teams over data use

Data professionals working in financial services firms are being prevented by their legal teams from repurposing customer data for secondary use, with the two departments seemingly at loggerheads, according to new research.

Based on the views of over 400 chief data officers from multi-national companies, the survey revealed that 90% of CDOs are currently repurposing data or plan to in the next year.

However, over half (53%) of them also revealed that within the past six months they have been told by their legal departments that their organisation cannot use the data in the ways that they want to.

The research, conducted by Anonos, shines a light on the challenges financial services organisations face from regulations including the GDPR and PSD2. In many cases, companies can no longer rely on the processing grounds of anonymisation, consent and contract when they want to repurpose customer data for big data analytics, machine learning and AI.

Anonos chief executive and general counsel Gary LaFever said: "In many ways, the role of CDOs is changing from policing and controlling data usage to enabling new business avenues driven by data and analytics. However, as this research highlights, they are facing a struggle with their legal department when it comes to generating revenues from the trove of data their organisation possesses.

"Possession of data doesn’t give companies the right to process data, and most companies are now realising that they cannot repurpose data in the ways that they want to maximise value. This puts them in a difficult position: to gain a competitive edge, or even to compete in their industry at all, repurposing of data is not only important, but in many cases necessary."

LaFever insisted that traditional data protection methods, such as anonymisation, leave personal data open to re-identification, which exposes firms to GDPR non-compliance risks.

He added: "In contrast, GDPR highlights pseudonymisation as a technological solution in more than a dozen places, linking it to express statutory benefits and as a recommended safeguard for enabling greater privacy-respectful use of data in today’s ’big data’ world."

This article originally appeared in dataIQ. All trademarks are the property of their respective owners. All rights reserved by the respective owners.