In yesterday’s post, I outlined why the public have ethical issues with the aggregation of data. In this second post, I’ll explore the implications this has for insurers.
Insurers are aggregating increasing amounts of data about us for two reasons: firstly, to gain underwriting insight that will improve portfolio performance and secondly, to build a better picture of a policyholder beyond the ‘reasonable disclosures’ allowed under the new Consumer Insurance (Disclosure and Representations) Act 2012.
This trend is not without risk. Data quality is an already recognised factor. Insurers can be more confident of data they receive from the DVLA than that garnered from a policyholder’s social networking accounts (something I’ve previously referred to as ‘anecdotal underwriting’). Data disclosed in such differing circumstances can hardly be aggregated without the profile of a policyholder becoming distorted.
The use of aggregated data raises some complex ethical and operational issues for insurers. This is because privacy concerns around aggregated data are founded not just on the bringing together of the data, but also on how meaning is drawn from it. In other words, how the computerised algorithms are programmed to draw conclusions and how those conclusions then influence underwriting and claims decisions.
Will an underwriting profile built up from a mix of policyholder declared information and data aggregated from various sources allow the insurer to properly weigh up a subsequent claim? How confident can the claims manager be about the data upon which she may have to turn down a claim? Will her claims file even tell her the origins and quality of an item of information crucial to her final decision?
Any attempt to head off such risks with a carte blanche declaration at inception or renewal about truthfulness is unlikely to stand up in court. The policyholder may give consent to the insurer accessing specific sources of data, but can hardly vouch for the way in which the insurer puts those sources together and draws conclusions from it. If consent is requested on a more general basis, the policyholder can hardly vouch for the provenance of data obtained from sources they know nothing about.
Few policyholders would vouch for the truthfulness of what an insurer might find in their social networking accounts. Turning down a claim because of something said only as a joke on Facebook five years ago is hardly fair.
The aggregation of data could have implications for the Insurance Fraud Register (IFR). Claimants labelled as fraudulent are unlikely to look kindly upon the IFR if the key data upon which their claim was turned down turns out to have been aggregated from a variety of sources, some of questionable reliability.
So how should an insurer approach the aggregation of data in ways that account for such privacy concerns and such operational challenges? Clearly, the starting point is to take those privacy concerns on board at the design and implementation stages of your data aggregation. Here are three particular themes to consider:
- Take the provenance of data very seriously
- Be robust about how you weigh up the reliability of different data sources
- Take a precautionary approach to the conclusions you draw from aggregated data