And they did: all that additional data value went to Amazon rather than AOL. More than a decade later, SMAC services customers are still at risk for data leakage with these deals. Companies should review all service provider contracts and forms and develop provisions that address data rights and licenses in order to increase the value gains from their own data, says Peterson.
3. Inability to Comply With Current or New Data Laws
Managing compliance with data protection laws in a global economy is no small task. Intellectual property (IP) and privacy protections for data and insights vary widely. European Union laws confer IP rights in databases but also give individuals the right to obtain information about -- and, in some cases, require the removal of -- their data companies have collected about them in their databases.
The EU also limits the use and transfer of personally identifiable information. No such protections exist in the U.S. where a patchwork of federal and state laws must be managed. Companies must make sure both they and their SMAC providers remain in compliance with evolving legislation around the world.
4. Liability for Failure to Protect, Analyze or Disclose Your Data
The more data a company and its SMAC providers collect, the greater the risk that the data will be exposed. And, in many cases, the cost of exposure outweighs the value of that data itself. Peterson advises companies to review their own data retention policies, which may have been written before they started collecting data generated by social media and mobile devices. They should do the same for any new providers.
5. Liability for Discriminatory or Other Illegal Uses of Conclusions Gleaned From SMAC
Errors and poor correlations are a real problem at the juncture of social, mobile, analytics and cloud services.
Even when data and analyses are accurate, actions taken based on the insights might violate laws. John Podesta, the White House advisor in charge of the Obama administration's big data and privacy working group, in May raised concerns about "the potential for big data analytics to lead to discriminatory outcomes and to circumvent longstanding civil rights protections in housing, employment, credit, and the consumer marketplace."
Companies, in working with their SMAC providers, might increase profits by analyzing social and mobile activity that could also amount to discriminatory or otherwise illegal use of that data.
Peterson says he expects to see new laws and expanded interpretations of existing laws that make companies liable for activities that might seem to be legal today. Companies should remain diligent to ensure both they and their SMAC providers remain in compliance with current and future laws.
Companies should not wait for the risks associated with social, mobile, analytics and cloud outsourcing contracts to be settled before addressing them. "Act now," advises Peterson. "The risks are easier to mitigate and the value is easier to capture now than down the road."
Sign up for CIO Asia eNewsletters.