top of page

Mike McDonald.

AI and Customer Privacy: Navigating the Tightrope

  • Writer: mikemcdonald88
    mikemcdonald88
  • Feb 26
  • 3 min read

Do you remember a time when those google targeted ads first started appearing in your myspace and facebook feed? I do, and it felt like magic, or possibly more like someone was spying on your activities and conversations.


As someone who has followed AI advancements closely over the years both personally and professionally, I have witnessed them become ever increasingly clever at gathering and and analysing customer data. It is both impressive and scarey. Like teaching a dog its first trick to then find it a day later doing backflips.


The Privacy Paradox

Picture this: You're browsing online for a birthday gift, and suddenly your AI shopping assistant knows not only what you might buy but also your budget, style preferences and (somehow) that you're shopping last-minute. Extremely convenient, but extremely unsettling at the same time.


The ethical implications of AI data collection extend beyond convenience. When AI systems analyse our digital footprints, they can infer sensitive information about our health, financial status and personal relationships (often without explicit consent). This raises fundamental questions about data ownership and individual autonomy in our digital age.


The question should not be whether AI should collect your data, as that ship has sailed. But how can we make it less like Nineteen Eighty-Four’s Big Brother and more like a trusted personal assistant.



Making Privacy Protection Actually Work

Let's get practical about this. As a colleague of mine used to say, "Security is not a feature, it's a foundation." Here is what actually works:


  • Straight Talk: Skip the legal jargon. Tell customers what you're collecting and why, in plain English. Think less 'pursuant to subsection whatever' and more 'we use your purchase history to suggest products you might like.'

  • Data Diet: Just because you can collect everything, that does not mean you should. It is like going to an all you can eat buffet, just because it is available, it does not mean you need to have four puddings.

  • Swiss Vault Approach: Equifax had a hugely impactful and high profile data breach in 2017 costing them $700million in settlements, this is exactly what we need to avoid. Regular security audits are not exciting, but neither is explaining to customers why their data is floating around the dark web.


Perhaps what we need is our own version of Asimov's Three Laws for AI privacy, providing an agreed approach that business and the Data / AI community can get behind to improve transparency and standards.


The Personalisation Sweet Spot

Marketing in the privacy era is possible. Effective personalisation can be achieved while also respecting user’s privacy through strategies such as:


  • Contextual targeting instead of personal data tracking

  • Giving customers granular control over their data preferences

  • Using differential privacy techniques to protect individual data

  • Testing marketing effectiveness with anonymised cohorts rather than individual profiles


Finding the balance between helpful and creepy is an art. Think of it like making a cup of tea for someone, you might know they take two sugars, but announcing you have memorised their entire Starbucks order history since 2020 is a little much.



What About the Rule Book?

Data protections like CCPA in California and GDPR in Europe were good starting points, but they're already starting to show their age. It is like trying to regulate space travel with maritime law, the intention is present, but the framework needs updating.


Looking Ahead

AI is not going anywhere, but we can shape how it develops moving forwards. The future of AI and privacy is not about building higher walls, it is about building better bridges between technology and trust.



References:

Submitted as part of my MBA studies

 
 
bottom of page