What’s the most valuable resource in the world? We’ll give you a hint, it doesn’t come in a barrel.
Christian Ward, Chief Data Officer at SourceMedia and co-author of Data Leverage returns this week on the show to share the remaining elements of data leverage from the discussion that was sparked last week. Tune in for details on how you can better put this priceless commodity to work for you and your organization while also mitigating many of the complex legal challenges.
George: We’re back with the second part of our two-part “Conquer Local Podcast” with Christian Ward, and we are discussing his new book that he co-authored with his brother, James Ward, around data and all things data. The title of the book is “Data Leverage,” should be out next week, and we’ll give you more details on how you can get the book coming up. Now, in our previous edition, we covered identifying your data, talking about intrinsic and extrinsic data sources. Then we talked about the value in the four buckets of data, and now, we’re gonna get into the structure of data and protecting data.
George: You know, I remember in the early days when we first started talking about voice search and how it was going to change the data set that a local business needed to understand, and needed to present, and needed to own, I think it might have been you, Christian, that talked about the gluten-free butter tart restaurant that somebody was searching for online or the pet friendly apartment building with a swimming pool and a wine night on Tuesday. And, you know, those searches that we’re doing with the voice assistance that we have, whether it be Alexa, or Cortana, or Google, or Siri, it’s a different search than we do if we type, isn’t it? The structure is different.
Christian: It is, it is. It’s great to be back with you, George. It’s not only different, the use case I usually use just because it’s personal and it’s very real is I’ve been waiting for the ability for me to say something like, “Alexa, great to be in London with my family. Can you send us to a family-friendly restaurant that is tree nut allergy sensitive, and has a tree nut allergy from the menu?” Because to me, I have a child with a severe tree nut allergy. That’s not just interesting data, it’s life-saving data. And it’s information that is available, and it can be structured. But for Alexa to break down where we are, where we normally are, what elements in a menu constitute a nut-friendly or are flagged as not friendly, or maybe at the restaurant level that they have some sort of tag where they can say, “We are nut-friendly, or gluten-free,” or other.
Those sorts of data points are not actually hard to get, but it takes a concerted effort to not only identify what data points are necessary, but to then structure your database and your data table to be able to handle it. And I think the big trend that you and I have witnessed over the years in Local is that large corporations have their own challenges with managing either franchise locations or individual locations. There’s a lot of logistics there. But they tend to have already evolved into more structured data about their businesses because they had to. If you’re a home depot and you have 4,000 locations, that data gets structured pretty fast just by necessity.
But for smaller businesses with just a few locations or one location, getting their mindset to understand the value of the painstaking effort sometimes that it takes to take data and get it into the structure unit, I think they’re gonna start to see that really pay off. They certainly have seen it pay off in the concept of local and local [inaudible 00:03:45]. You know, name, address, phone and that type of data. They’ve all learned that in the last, let’s say, 7 to 10 years. But the next step is what about your menu to the level of Alexa being able to answer me and say, “Well, Christian, there’s this amazing Mediterranean place. And while that normally has a lot of nuts on the menu, if you talk to them, they have an entire section put aside for people with tree nut allergies.” That would blow my mind, and it’s an amazing user experience that we can get there.
George: So at the beginning of talking about the structure portion of the four pieces of your methodology, you do talk about legal considerations. So why do I have to be concerned about that?
Christian: Well, so whenever you get into structuring a relationship, a data partnership between different parties, and this can be as much as a user agreement all the way up to a full-blown data sharing or international data-sharing arrangement. We try to start with, what legal structures do you need to understand? And that’s partially…in some way, you could say, “Who’s signing this document? Is it, you know, someone in marketing? Is it someone in data or in IT? Who is the signatory authority that is going to get these two companies understanding what the relationship is or what the user relationship is?”
And the reason why we break down the legal structure is, number one, co-authored by a lawyer. So I tried to keep the law step out as much as I could, but eventually, we said, “Look, we gotta have a chapter on this.” And it’s because what he has found over the years is that people tend to sign agreements without really a great understanding of what they’re really allowing. And I’ll give you an example of something where probably happens a lot more than people realize, which is, people will sign an NDA, a nondisclosure agreement when they’re exploring a data partnership. And that’s necessary and proper. There’s nothing wrong with that.
But as soon as you get to the point where you’re starting to share data files to do what we call in our business a match where you’re gonna see which of my record match to your records. And from there, let’s see a match rate. And that’s when you start to realize “Well, of all the menu items I have, you have all the ingredients at your firm.” I can then match up and see, you know, what’s got tree nuts in it because I’m gonna build this great new app? The issue is as soon as you do that you’re beyond an NDA. And many people do the NDA where it’s signed by a junior officer, or maybe an officer not paying attention, but they don’t realize that they’re gonna start sharing files.
Soon as you share a file with 5,000 of your customers’ names or ingredients to menus of locations that customers have had it, you’re getting into the world of, “I’m sharing across platforms now, and I need more protection for that.” And I think that’s a really healthy attitude for people to start to have around data. The other thing I would say is with you structuring or legal entities very critically for what we would call internal data threats, or people just leaving mistakes by downloading something from the company database to their hard drive, or to their laptop, or their iPad, that is now data on that system that could have identifiable personal information.
And look, listen, even…George, I could say maybe five years ago, this was certainly of interest in the States, but it wasn’t of the magnitude it is today. I feel like literally every other day, there is some major data breach that is announced or revealed or uncovered. And that’s the world we’re now entering. And I’m heartened by what’s going on in Europe in that they had their 40th Annual International Conference of Data Privacy Authority Professionals. Now, I started doing the math like 40th, wait a second, ’76? When did they start this? 1970s. In Europe, they have had what we call the humanized approach toward data for a very long time.
We, in the States, have a dehumanized approach. You and I typically look at data, “Well, it’s just information digitally stored.” That is not the way they view it. They view it as an extension of the human. And so the reason why we throw the legal framework into the book is you have to understand that different jurisdictions view different legal entities, and how they handle data when they’re reviewing whether or not it was done properly. So it’s a little bit dry because it’s legal stuff and, you know, I like to pick on lawyers. But it’s really critical if you’re going to be talking about big data partnerships down the road.
GDPR Structure Parameters
George: So I heard this the other day, and I wanted to get your take on it because I know you’ll have the answer. Under GDPR specifically, I’m allowed to have some data. But if I don’t use it in a period of time, I have to get rid of it. Is that true? Did I hear that correctly?
Christian: Yes. Well, there’s several different areas in GDPR, and I wanna tell the whole audience, my brother will kill me if I don’t. I’m not attorney. We can get him on another podcast in the future. He can give you the actual legal view. But at the same time, GDPR is actually a pretty accessible document. The part of them talking about there data minimization strategies and data minimization practices. Data minimization literally sounds like something that would give most companies, chief data officers, the hives. It literally says, “Over a period of time, you need to look at your data, and you should ultimately minimize how much you have because you should only be keeping what is necessary.”
Now, George, you and I, we grew up in the world of keep everything. I mean, a storage drops in terms of how much it costs to sub-pennies for gigabytes, you start to go on to keep it all. We’ll do something with it at some point, or we’ll check it. What they’re stating is, and what GDPR is saying is this, that is a hoarder’s mentality. And it is a terrible thing to do because you really don’t need this information. And I gotta be honest, the first time I read it, I’m like, “Oh, boy, that’s gonna be hard. Are they asking me to create a framework whereby if I haven’t transacted with George in three years, I should just let his record slowly delete out, and I should probably programmatically do that?”
That’s gonna…I mean, that’s not only difficult, but that’s my data. That’s mine. And they’re looking at us going, “No, it’s not yours. That data is George’s. George permitted you to have it because you provided him a service.” But George doesn’t even live in that same house anymore. In fact, George moved to, you know, Australia, and he’s never gonna work with you again. So just take them out of your database.
That mentality has to be balanced, but it is the right one. And I would also argue, the number of dead records or what you and I might call “zombie data,” right? It’s dead, but it looks like it’s alive. So it looks like it’s walking around in our database, but it’s really never gonna add any value toward our business going forward at a certain point. They are saying, “Kill off the zombie data, use data minimization approaches.” And I do agree with that. I think it’s tough to swallow for a Western entrepreneur data mind like mine, but it is the right attitude. Because in the end, we really need what we need. We don’t need all of it. And that is the approach they’re taking.
Data Minimization Tactics
George: So the interesting thing is when you talk to people that are in the data space, and I had lunch with my good friend, Jim Thompson, who’s the Chief Audience Officer, Billboard Magazine, and Spin Magazine, and Hollywood Reporter, and I said, you know, “You’ve been pretty successful in increasing audience at those publishing companies, how did you do it?” He said, “Well, we had so much data. I got rid of a bunch of it, put it behind a wall and focused on the things that really could drive the numbers to increase our audience.” So when you’re talking to people at work with data every day, they’re saying, “Yeah, we got too much. We need to minimize that data to be more effective.” So this actually aligns with that strategy.
Christian: Yes. And, you know, I would say, God forbid, I ever accused regulators of being brilliant. That’s not my general approach to the world. But I will tell you, the document is brilliant in some of the ways it lays out what you need versus what you think you need. And part of that is, in the data minimization, there’s also the portion, I believe it’s Article 22, around automatic data processing. That’s a fascinating read. It’s literally the thing that prevents you and I from being put into a bubble where I get a credit card offer at one rate, you get it at another rate. I get an offer for mortgage at one rate, you get another rate, and you and I don’t know why we’re getting rates that are four or five points away from each other.
And the law and GDPR says that you and I, as humans, have the right to ask how that automated offer or automated decision occurred. And that’s a really powerful thing. It means that as AI starts to make more decisions or offer more things, we’ve all heard about fake news bubbles and sort of controlling the mindset of people by only laying certain articles. But what they don’t realize is that process affects them with every financial offer, almost every school access or educational offer, almost every vacation offer. All of that is already happening. You just don’t know it.
And what they said was, “We really want humans to be able to unpack that and go to a company and say, ‘Under Article 22, can you explain why George got 4%, and I got 5%?'” Now, you may have a very valid reason, but I’d like to know what that reason is. Now, the scary thing in a way is AI might be doing it because Christian read “Brave New World” and “Sir Knight 451,” and George didn’t. And they view me as a threat interest rate-wise for that reason. I have no idea why it shows it, but there is a reason somewhere.
And the law is saying, “If you’re using those types of data points, you’re gonna have to reveal why you’re using them.” And I think that scares a lot of companies because they’ve enjoyed this world of, “We have all the data, we can make, or choose, or do whatever we want.” And they’re realizing that if you have to reveal that you’re using it and there’s gonna be sunlight on that process, that might be another reason to minimize some of the data you’re keeping. Because if you’re making decisions on it and you don’t really want the world to know you are, pretty good chance you shouldn’t have that data to begin with.
George: So the final part in the methodology is protect. I found it to be very compelling because I was sitting here going, “Okay, what do I really need to protect? Teach me, Christian.” Because we’re all concerned about our data, and it’s these data breaches that are happening. I live in on a day-to-day basis when I’m talking to SMEs and SMBs around the world where they’re, you know, “Somebody left me a negative review, and it’s impacting my data online about my business.” So what are the things that we need to protect and be concerned about?
Christian: Actually, the first thing is, protecting data is not that it’s impossible, but it’s pretty difficult, right? It’s one of those things that it is so easily movable. You’ve probably heard the phrase people go “Data is the new currency.” Have you heard “Data is the new currency” as a phrase?
George: Yes. Absolutely.
Christian: Well, what I try to explain to people is if you’re really saying data is a new currency, then you also have to recognize that you need to protect data just like you would protect your wallet, the currency in it, your bank accounts, your financial information. You need to take it to that level. And for the most part, people don’t, right? They don’t have incredible encryption around their address Outlook book versus their Bank of America statements. So when you look at data and how easy it is to move and manipulate or even walk out with, millions of records on a USB key for an employee that’s upset at their employer, you gotta start to think of, “Where do I start? How do I do this?”
And in our methodology when we say, “Identify, value, structure, and protect,” even though protect is the last step, we try and take you back to the first one that to protect your data, you should be putting on that lens as you’re going to the other three steps. Because when you go through and identify all your data assets, your intrinsic and extrinsic data assets, you should be looking at it as you’re doing that and flagging in a recording. We use mind and the maps typically in our practice, but our goal is to get every single field that has data and then flag it if it’s something that requires additional protective focus. Then you come back in step four to sort of clean that up.
The second step when you’re doing valuation, you wanna think about protection again. Which is, if you get a breach…yeah, the data may not be worth a ton. The first name, last name, and address of your current customers. If you converse with them mostly via email, those first three data points, name and address may not really be worth that much to you because everything you do is via email. But if you get a breach and have to announce that breach, that’s a huge problem that you gotta be thinking about. So as you go through each step, you wanna think in that protective mindset. But what Jay and I propose generally in the book is you should probably take some proactive stances, which is first, we think everybody should be looking at hiring a data protection officer.
And the reason why is it’s mandated under GDPR for many businesses, but this is a person whose job is not to monetize data, but to almost look at data and represents your end customer at your company. In the laws around GDPR, I believe they actually try and get you to not be able to fire your DPO for a period of 18 months because they’re trying to protect them. It’s almost sort of like a whistleblower clause put right into the business because their job is to make sure that if you’re gonna do something, and partner with someone, and share your data, or do something with your data, that that person is present in those meetings and has the voice of the customer to say, “Do we really need to share all of that? Could you just share my email address and not everything else in the file about me?” There are certain elements that way, and that person usually has a very good insight.
Typically, you’ll find a DPO is someone that’s either an attorney, or maybe they were a chief data officer, or chief information officer, but it’s a smart new role to add to your roster. After that, I’m a huge fan of this, George. I had to this first where I worked in a major data aggregator in the past. It’s called the data audit team. And they are a team of people that are technically savvy. They understand data. They’ll shift department by department, but they also have a financial background to work with audit teams. And what they do is they figure out on every deal or anything where the data maybe going in and out of the company and there’s a financial contract.
They figure out an audit who has access to what and what was it being used for? And I kid you not, just announcing that you are launching one of these at your company and putting someone knowledgeable at the helm of it will literally make the racks jump off the ship. People get nervous because they go, “Oh, oh, I probably shouldn’t be storing all this on my personal laptop and occasionally letting my friend get all these businesses, or see this data.” They get really nervous and that is the point. You want to…immediately we send the signal that you take this very seriously.
George: Well, we could continue because it’s just, you know, very enlightening to have you talk about these points. I’ve got about 15 things that we’re gonna be using the sales people just from the last two episodes. Christian, I really appreciate. I know you’re super busy. Congratulations on the new role, Chief Data Officer at Source Media in New York, and the book is called “Data Leverage.” Christian and his brother, James, the Ward brothers, are releasing this book in the next couple of weeks. And we wish you all the best with that book, and the new opportunity that you have with Source Media. And again, thanks for joining us on the “Conquer Local Podcast.” It has really been a privilege.
George: Super smart guy, that Christian Ward. And if anybody can take something that could be as dry as data and keep you compelled for 50 some odd minutes, that’s the guy because he just brings it home. And there were a number of moments during those two podcasts, and I wouldn’t use the whole thing in a pitch, but there were a number of moments where he was talking about how the structured data is impacting voice search, where you could have a conversation with a customer as to why that’s important. Or, you know, how you’re gonna use data, and do you really need it?
If you haven’t used it and the customer has left the market, you’re never gonna see him again, getting rid of that data might actually simplify your story and make sure that you’re focusing on the right things. There’s so many takeaways from that almost an hour of Christian Ward sharing his vast knowledge around the space of data. Fortunately, he’s captured it all inside his book with his brother, James, the data privacy lawyer. Two very smart individuals when it comes to data and how it can impact your business, and the title of the book is “Data Leverage.” You can find it wherever you are buying books today.
My name is George Leith, and we are always looking for your feedback on the “Conquer Local Podcast.” And you can reach me on my personal LinkedIn page. That’s probably the best place to reach out. I’m always reading those comments and responding. And we’re using a lot of that intel that we’re getting through that channel to craft what will be the next additions or next themes of the “Conquer Local Podcast.” As we move forward, we have a number of additions left on the digital marketing stack. So stand by for those as we actually are going to dig into churn and find out how important it is to add other products and solutions to reduce the dreaded churn, and we move forward with more episodes on the digital marketing stack. My name is George Leath, I will see you when I see you.