Privacy Risk

From MgmtWiki
Jump to: navigation, search

Full Title or Meme

The growing concern about the risk of exposure of User Private Information has been labeled as a Privacy Risk that has been legislated into a legal and reputation risk for Enterprises that collect and store that information.


Tom Jones (2018-12-04)


User Risk

The meaning of the term Privacy has been growing as the Information Age has expanded into every aspect of our human experience. While it started with the Warren and Brandeis article as the "right to the let alone" [1] it has expanded into a wide range of User Rights. While users have shown increasing anxiety about their privacy, they continue to show very little appetite for changing their behavior to protect their Privacy. As a result federal and state governments around the world have been passing laws designed to give users more control over their User Information.

Enterprise Risk

While in an earlier age it was possible to appeal to an Enterprise's good will, in an age of "maximizing shareholder value" the only way to coerce socially beneficial behaviors is by demonstrating risks to their continued profitability or existence. The are two broad categories of Enterprise Risk: Legal risk and Conduct Risk.

Legal Risk

  • Compliance with legislation mandates always entail additional expenses for a hosting provider, both operational and fines for non-compliance.
  • The risk of tort costs will also expand with additional legislation mandates, both for lawyers fees and judgements.

Conduct Risk

Since executive compensation is often predicated on shareholder value, any risk must be measured strictly in that metric to become an important consideration for executive action by the bulk of public companies. A similar calculus will apply to public enterprises because of pressures from the population at large and thanks to the investigations of a free press where it still exists. In both cases Conduct Risk is a growing discipline that Enterprises have learned to fear through the experiences with general business cases describe on the page Conduct Risk as well as those cases that are specific to service providers. For example, since the 2016 US presidential election Facebook has been called on the carpet in several countries for numerous privacy lapses that continue to grow.[2][3] When Facebook reported that 3 million users in Europe had abandoned them it lost $120 Billion in market value and the stock has continued to lose value throughout 2018.[4] The loss to Equifax market cap after their privacy breach is more that 30% with some experts doubting that the company can continue in existence after all the legal cases are settled.[5]


  • Compliance by the Web Site with the agreed terms will be hard to track which means that we can expect to see continued substantial loses as regulatory and market forces exact penalties for bad behavior.


  • It would probably improve the conversation to change the discussion from Privacy to User Rights, but habits and meanings of words are had to change, so it may be necessary to continue to talk about Privacy even though it would be more informative to talk about User Rights.
  • Changing corporate habits can be difficult unless the CEO of the Enterprise makes and enforces a commitment to treating customer with respect. [6]


  1. Warren and Brandeis The Right to Privacy (1890-12-15) Harvard Law Review
  2. Kevin Roose, No gentile Giant, But a Juggernaut Playing Hardball. (2018-12-06) p. B1 New York Times
  3. Adam Satariano +1, Leveraging User Data To Show Favoritism Among Its partners. (2018-12-06) p. B1 New York Times
  4. Over $119bn wiped off Facebook's market cap after growth shock. The Guardian
  5. Equifax’s stock has fallen 31% since breach disclosure, erasing $5 billion in market cap. (2017-09-14) Market Watch
  6. Time magazine special report on Habits