December 22, 2021
The Fine Line Between Public and Private Data
As underwriters and others use data sets such as those provided and analyzed by Praedicat and Verisk and others to make underwriting decisions (see our story, “The Future of Underwriting”), there is often a fine line between what is public and what is private information.
Where does one draw that line?
A recent incident reported in Insurance Journal illustrates the situation.
When night fell, a clerk at a bustling 24-hour MotoMart flipped a switch from behind the counter. Electromagnetic locks sealed the doorway. A window sign, now illuminated in red, warned “facial recognition technology in use” and directed customers to “look up at the camera.” A woman who wanted cigarettes was locked out. Confused at first, she quickly realized that she needed to remove her medical mask. After her unobstructed facial image was scanned into a store computer, then screened against the company’s photo archives of previous customers convicted of store-related crimes, the doors clicked open.
The woman was in Missouri. If she had been a few miles away, in Illinois, what happened to her would be illegal. In Illinois, private sector companies and institutions are prohibited from collecting biometric data from unsuspecting citizens under any circumstances.
Is social media data that much different from biometric data such a photograph? Should businesses and individuals be protected from underwriters using social media to make evaluations? Should individuals at least be entitled to give their permission first? Or is the incident at the MotoMart something altogether different?