Q&A  | 

JoAnn Stonier

“Everything a company is doing around data should start with the individual and protecting that individual’s data”

Tags: 'Ética de datos'


Reading Time: 4 minutes

JoAnn C. Stonier is the Chief Data Officer for Mastercard Worldwide. She is responsible for overseeing the curation, maintenance and management of the company’s strong data assets as Mastercard increasingly looks to deepen the value it can provide its merchant, banking and government customers and cardholders through its analytics capabilities.

What is the role of Chief Data Officer?

The role of chief data officer has been around since the dot com boom in the early 2000s, but it seems that more companies have started to adopt the title more recently as they increasingly look to understand both the opportunities and risks related to their data.

My team and I are responsible for ensuring Mastercard’s information assets are available for innovation while navigating known and future data risks.  This means understanding our business strategy and helping to create the corresponding data strategy, it means understanding our data – the data we currently have and issues like data quality, data governance, data policies and data use, the data we need – and assisting the teams in getting the data – new data sources as well as evaluating data obtained via acquisitions and it also means identifying enterprise platforms and infrastructure that needs to change to handle our changing data needs.

What questions should companies be asking themselves when it comes to Big Data?

All organizations need to understand the context in which they are using data.  Are they using data to advance their operational efficiency or are they using data to innovate the next generation of their products and solutions, or perhaps to do both.  The answer to that question leads to the next question, which is – what data will be needed to execute against those strategic goals? Then questions about data sources, quality, governance and management need to be answered as well as issues of data architecture, security and access.

But an overarching question I think companies need to begin to think about more and more is how their data-driven product and solutions impact individuals.

Everything a company is doing around data should start with the individual and protecting that individual’s data.

We live in a world where to deliver experiences, products and services that consumers enjoy, providers use the data available to better understand their preferences, habits, characteristics.

Companies should be asking themselves if they’re being transparent enough and sharing data practices clearly and simply with users.  Are their data practices not only following data security requirements and privacy regulations in their region but is the organization using accurate and trustworthy data?  Are they able minimizing bias in their analytics and AI? And are they designing their data practices with an eye toward minimizing future risks?

We’re at the same crossroads here. Only ethical data innovation will result in sustainable results that can move society forward in meaningful ways. This is essential to allow data to deliver fully on its promise.

How can organizations strike a balance between using data to improve performance and protecting the privacy of their stakeholders?

Data is contextual, invisible and constantly changing. This makes it hard for individuals to understand, easy for it to be abused by bad actors and difficult for regulation to keep pace.

Today’s environment puts the onus on individual organizations to develop responsible data practices, balancing innovation with how that innovation will impact individuals and society. Mastercard has embraced responsible data practices since its inception – we transmit and handle the data of millions of people, financial institutions, merchants and other customers every day. As our digital world continues to evolve, data innovation must be coupled with ethical, sustainable data practices to ensure a system where everyone benefits.

We make sure our partners take privacy and security as seriously as we do. Not only are our vendors and partners contractually obligated to meet high privacy and security standards, but we review our vendors’ systems and processes as well as those of our own ever year.

In the past, the focus was on building a quality product. Now companies are focused on collecting data to profile customers and maximise profit. Data is power and we are giving ours away freely every day. Should we be paid for it? 

Consumers should always benefit from the use of their data, whether that means getting paid or receiving some other form of value like greater security, a specific service or functionality.

I think the challenge we have in many consumer interactions is that they do not understand how their information is being used and/or that the service they are receiving is in exchange for providing their data.

Biometrics is a rapidly growing method of authentication, so the way in which data is stored is crucial. How can we be sure our biometric data is safe particularly when it comes to banking?

We know that safety and security are top priorities for our customers, cardholders, merchants and other partners. That’s why we continue to develop ways to keep payments safe and cardholders reassured. We have been running pilot projects for smart cards with new biometric security such as on-board fingerprint sensors. To protect this sensitive data, we use multiple layers of security and store the biometrics in a privacy-safe way on the device itself to minimize potential risk of breach.

Hackers evolve parallel to technology, which means our data will forever be at risk. Will we ever feel truly secure when it comes to data protection?

This is something we have to think about every second of every day at Mastercard. Much of this is built on Mastercard’s legacy of trust with decades of experience.

Just as our cardholders trust that the transaction will go through whenever they tap or dip their card, they trust that their information is safe with us.

I think that as technology and data use evolves so does the need for world-class data protection and security, we have to evolve and be first-movers in protecting information.