Who really owns the client?
Big Data is set to become the new oil, the ground breaking commodity that companies will fight furiously over in order to improve their business.
In this new world, who owns the client? Big Data is much more than information filled in on a form, it holds the key to a person’s whole identity and existence.
The modern reality
Lance Solms, Head: Itransact points out that the reality of the modern world is that data is everywhere, and data analysis forms part of everything.
“The investment industry in particular is heavily invested in the procurement, analysis and safeguarding of data at every level. The client, brokerage, insurer, and industry as a whole all have a vested interest in data pertaining to every aspect of a client’s risk profile,” says Solms.
He adds that with so many parties interested in data, the crucial question is one of ownership. “Data is an asset unlike any other. However, where traditional assets like cars or computers are finite by definition and generally have limited ownership for a given timeframe, data can be replicated, enhanced, aggregated, summarized and analyzed endlessly without suffering devaluation over an extended timeframe,” says Solms.
The same data may have very different values to different parties, and the value of a specific set of data can often be increased by sharing it and allowing other parties to analyze and enhance it.
The three kings
The topic of data ownership is far too broad to discuss in a general context. So let us focus on the scenario represented by a client, adviser/representative, brokerage and investment product provider.
“The client has a right to personal privacy as guaranteed by the Protection of Personal Information Act (POPI), which gives them certain leeway in deciding how their personal data may be used. They also have the right to have their personal data returned to them or destroyed upon cessation of the agreed usage. But what control do they have over the wider reuse of their information?” asks Solms.
The adviser will use the client’s information for several different reasons, such as building a relationship, offering advice, and evaluating the client’s risk profile. This same information can be used by the brokerage for the determination of fee structures and profit shares.
“The brokerage therefore has a vested interest in owning the data, and in preventing the adviser/representative from simply walking away with client data in order to conduct business elsewhere. Treating Customers Fairly (TCF) requiress the investment product provider understand their end customer in detail before offering them a product . says Solms.
The investment product provider is more interested in amassing certain data from a large number of clients, which allows for accurate customer profiling , , behavioral pattern analysis and other statistical models.
Surrendering ownership
Solms adds that a client cannot actually be owned, but their information or data certainly can be owned. In fact, when you enter into any agreement with a service or product provider, through a brokerage you effectively part with your data, it does not belong to you anymore.
The brokerage in turn passes your information onto the product platform or product distributor who in terms of law must also analyse and store it. (ie perform FICA checks) The platform then passes your information onto multiple product providers, dependent on what mix of products you may have invested in. The result is that everyone in the supply chain now owns your data.
An air of confusion
Steve Symes, CEO: Genasys Technologies points out that the ownership of data can therefore be confusing. “Add to the fact that once your data is collected and is analysed by another party, is it your data any longer since the analysis would have generated new data and each of those generations may have multiple paths leading off it,” says Symes.
Finding out where your data resides and who actually owns it is almost impossible.
These are some of the reasons why the world has moved to enforce the governance of data ownership. In South Africa POPI seeks to regulate the processing of personal information and has swiftly divided the ownership of data into two camps; the responsible party and the operator.
Both parties now have legal obligations in how they store, analyse or use your data. Some being, but not limited to:
• Only collect information that you need for a specific purpose;
• Apply reasonable security measures to protect it;
• Ensure it is relevant and up to date;
• Only hold as much as you need, and only for as long as you need it; and
• Allow the subject of the information to see it upon request.
Non-compliance
“Non-compliance with the Act could expose the Responsible Party and the Operator to a penalty of a fine and or imprisonment of up to 12 months. In certain cases the penalty for non-compliance could be a fine and or imprisonment of up to ten years,” says Symes.
This may be all good and well for us, but the important question however is not who owns the data. Ultimately, everyone involved in delivering the service or product to the end user is an owner in some way. Perhaps the real question should be who owns the means of analysis?
Restricted movement
Danny Joffe, Senior Legal Advisor: Hollard Broker Markets asks that if the broker decides to move from the insurer, can they simply move their book of business away from the insurer? Can they stop the insurer from dealing with the client directly?
If a broker sells their book of clients to another broker, can the deal that is struck along with payment made force the client of the selling broker to move over to the purchasing broker and if not, what has the purchasing broker in fact paid for?
“One must understand the various capacities that one acts with and for the client. The client is first of all a human being and not an object. No one owns the person or can make unfettered decisions for that person. Clients can make up their own minds about who they want to represent them both as their insurer and their duly appointed agent in dealing with the insurer,” says Joffe.
What may complicate the matter is that the purchase of a broker's book of clients is often accompanied by strongly worded restraints which prevent the selling broker from continuing to act for the client but if the client does not wish to be represented the purchasing broker, then nothing that the purchasing broker inserts in the agreement can assist them.
Interesting complications
The client can simply move and appoint a new broker. The client's data would have been sold as well but an interesting question is whether legally the client's personal data can even be handed on to the purchasing broker without the client's prior consent.
The Financial Advisory and Intermediary Services Act prohibits the handing over of client's personal data to third parties and certainly when POPI comes this will become more strongly enforced.
“Client's data cannot simply be sold to third party insurance brokers for a fee so that the new broker may have an opportunity to market, re-broker or up-sell to that particular client. It is very common in the market today that clients simply get communication advising them that a new broker has purchased the book of business from the old broker, and unless the client objects, the new broker is the duly appointed agent. This could be challenged by the client in future,” says Joffe.
As the world continues its inexorable march into the digital age, data is going to represent a larger and larger proportion of industry assets. This makes it ever more important to ask the question: who owns the client's data?
