Skip to main content

Trading data: the risks and rewards

(Image credit: Image Credit: StartupStockPhotos / Pixabay)

Products, software and services are more interconnected than ever, thanks to the costs of sharing and transferring data being lower than ever before. While traditionally this data has been used for marketing purposes, it’s now powering these connections and is the cornerstone of many enterprises’ operations. What’s more, the recent wider adoption of machine learning, AI and the expansion of the IoT market means it’s no surprise that 90 per cent of the world's data has been produced in just the last two years.

Today, organisations of all shapes and sizes, from traditional software developers to hardware manufacturers, are also leveraging the customer and partner data they store to do everything from inform plans and strategy, to directly selling it. Consequently, most (85 per cent) now believe it’s worth the same as currency for solving business challenges, and 48 per cent are already commercialising their data to external parties, up from just 10 per cent in 2014. However, before any organisation can begin to think of ways to monetise data, they need to address the elephant in the room: GDPR.

The challenges and opportunities

Data regulations are causing a rethink of how businesses protect and use personal identifiable information (PII), creating both challenges and opportunities. Notably, organisations must now carefully understand and manage their use of data, whereas before they had carte blanche. Consequently, the value of data to an organisation is balanced against the potential cost – financially and legally – to it in the event of a breach or data incident. For most organisations this takes the form of the risk-reward ratio, which is used to measure the expected gains of a given investment against the risk of loss.

Despite this, GDPR has presented a significant opportunity for businesses by creating a legal framework for how data can be used and protected. By clarifying the legal risks and measures for data management, companies have a consistent framework to share and monetise data with their data buyers in a transparent manner. By identifying where data is stored and employing security solutions such as encryption on all vulnerable data, businesses can ensure they are adhering to GDPR and use data responsibly. The regulations also limit the ‘grey areas’ that some companies were operating in when commercialising data, preventing them from sweeping poor data practices under the carpet. While only reputations were harmed in the past, concrete rules now exist which make it clear how data should be exchanged externally.

So, once an organisation has gotten to grips with GDPR, how should they make the most of their data while minimising risks, and ensure that their chosen monetisation strategy is right for them?

The two sides of data monetisation

Data Monetisation can be defined as the value generated from data, whether that’s monetary or derived from any other attributes which might have value to a business. Quite often, the term monetisation is used for both internal or external value; however, there are clear distinctions between the two:

  • Internal Monetisation – Traditionally the value of data has been derived from analysing it to develop new business strategies or insights, guiding everything from branding to new product features or process improvements. This approach only impacts the organisation internally and ensures that the data they store remains within the network. With a robust data management and protection strategy in place, the business is less likely to run afoul of any regulations. This is usually the first step before being able to derive a monetary value out of data and can be split into three main components: understanding the customer problems already being solved; the problems that haven’t been solved yet, and the operational problems that cost organisations money.
  • Direct External Monetisation – The other approach involves directly monetising data. With permission from customers or partners if PII is involved, a business can either sell its data to other organisations that may find the insights and information useful for their own products and services. Alternatively, they can use it to sell additional complimentary services like analytics to their existing customers. Directly monetising data requires the business developing application programme interfaces (APIs) to monitor which data is transmitted in real time to whom. Coupled with an API product manager, this gives the business oversight of each customer it shares data with. While sharing data externally can potentially expose a business to more risk, with the right solutions in place the supply chain of data should remain secure, and ultimately generate revenue.

Risk and reward

Before any monetisation project can reap rewards, the data needs to thoroughly analysed to: firstly discover if there’s anything unique about the data that competitors don’t have; secondly how reliable the data is for third parties, and finally how much the data is worth for third parties in specific industries. It could be that the third party using a business’ data also operates in another industry which competes with them. For instance, tractor manufacturers might collect data of the crops and sell this information to raw material traders, companies they had no contact with before.

But, data sharing and direct monetisation is not without risks.

This is particularly true when it comes to customer and product usage information. One criteria is to understand market acceptance and how the business will be perceived by its existing customers and partners. Another immediate concern is whether this data is valuable for competitors, and if it could give them an edge with their own products. Whilst a further risk is that the data could potentially help create new competitors who weren’t previously operating in that space – and who now have access to the organisations’ data.

As the Cambridge Analytica scandal with Facebook proved, not only must the company selling data care about how it’s used, but it must consider how third companies are using it too. Businesses must ensure they have tools in place to respond if a third party be found to be misusing their data. During this instance, Facebook’s only solution was to deprecate the problematic APIs, meaning that all developers (including those who were not misusing it) were unable to use them and had to integrate new ones. To get around this, a business must conduct a thorough analysis of not only how the data they want to share can be used, but also how it could be used against them.

If properly managed, direct external monetisation can be a lucrative strategy for an organisation. Not only can PII be shared, but it can even be aggregated externally, which limits risks. Better yet, for businesses with many partners, sharing data can increase integration between products and services, leading to better customer experiences. Similarly, adopting an open data exchange can attract potential future partners, creating more business opportunities, and enhancing stickiness.

Many businesses will have a preference for their approach to data monetisation – whether that involves erring on the side of caution and analysing data internally or embracing the benefits of directly monetising their data. Importantly, it’s about assessing the risks: which data does a business want to share, and why? This does not mean that both approaches are not complementary, either. Even once a business has decided to share its data, it must ensure it has the flexibility in its APIs to have granular control over what is shared.

However, a business’ data capabilities are only as good as how easily they can share that data with customers. In order to do this, organisations need to ensure they use their APIs correctly. APIs must be considered as products themselves, and created with flexible packaging, pricing and business models for customers; understanding the value they provide for existing and new customers, in order to offer the APIs that fit their requirements best.

Further, APIs need to evolve based on the customer experience and changes in their needs, to ensure they have a fast time to market. In the subscription economy, 70 per cent of revenues come from renewals, upsells and cross-sells. Therefore, it is essential to have the right tools to handle data transfers and not leave easily monetisable data on the table by providing the best customer experience with low friction.

As enterprises become increasingly digital and connected, they will have more confidence in sharing their data, thanks to better understanding of its value and the practices needed to protect it. With data sharing enabling customers to use software and products seamlessly across different platforms and solutions in the future, businesses must determine their data monetisation strategies now in order to make the most of this opportunity.

Jamshed Khan, strategy and marketing vice president for cloud protection and licensing activity, Thales (opens in new tab)
Image Credit: StartupStockPhotos / Pixabay

Jam Khan has over 20 years in the software industry with leadership roles in marketing, strategy, customer success and product management. This breadth of experience now sees him helping lead cloud and licensing activities at Thales.