Architecting Privacy-Aware Customer Data Platforms (CDPs) For Retail & Insurance


The retail industry is siloed and notorious for delaying the decision-making process. Under Selvakumar, massive projects to shred store, e-commerce and third-party information into individual CDPs have taken place. The challenge? Integrating them without disrupting existing reporting or breaking compliance rules.

Kapil Joshi | Updated: Thursday, December 18, 2025, 05:24 PM IST

Whenever a shopper goes online, swipes a loyalty card, or takes out an insurance policy, he or she leaves an electronic footprint. For companies that strive to know and serve their customers, this trail is a priceless asset, but it comes at the expense of augmented legal and ethical responsibilities. Stricter legislation such as the CCPA in the US and the GDPR in Europe has raised the stakes beyond compliance to proactive protection of customer information. At the same time, in-store purchases and in-app clicks are so significant in volume and so convoluted that it is hard to unite and protect them. Building an insight-driven and privacy-aware Customer Data Platform (CDP) has become, in the eyes of many companies, the balancing act of all balancing acts.

Selvakumar Kalyanasundaram is an enterprise program veteran who has spent time in very complex and sensitive retail and insurance environments, striking a balance between the two with minimal difficulty, which is why eight individuals can hardly rival him when it comes to experience in data-platform leadership. From developing Walmart's Enterprise Data Fabric to being the most active leader of the cloud migration of healthcare payers, his work has always aimed at resolving the paradox of two seemingly conflicting priorities: data utility and data protection.

"I have never even thought of analytics as being hampered by privacy, and it can be an accelerant," he said, "provided you build it into the product. The real trick about doing this is to actually come up with systems that can recognize what can be used by whom and for what purpose without slowing the business down."


He helped deploy an Enterprise Data Fabric at Walmart that covered domains from supply chain to HR, and set quality and lineage standards in the process. You blow up discrepancies, you blow up silos as you blow up, he said. This combination of entity, time and geography layers will reduce the number of reconciliation cycles, which will make people trust the numbers. The payoff was a shorter time-to-insight for the pricing and merchandising teams and a tangible decrease in sales-variance defects.

One of the thorniest problems in creating a CDP is identity resolution, which connects one customer profile to many IDs, systems, and channels. In regulated industries, this must not be done at the cost of unnecessarily exposing Personally Identifiable Information (PII).

Selvakumar realized that the solution to heterogeneous IDs was to consolidate them into privacy-sensitive 360-degree customer profiles, where tokenization can be applied to obscure PII and enforce purpose-based access. This played a crucial role in projects such as the CKP-style customer unification at Walmart/TCS, where cross-channel identity and preferences needed to feed the two engines of analytics and personalization.

According to him, the marketing team must work from behavior patterns without ever having access to raw PII. "On the one hand, data utility, and on the other hand, privacy guarantees: that is our advantage."
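As an added illustration of tokenized identity resolution with purpose-based access (not code from the article or from any project it describes), the sketch below links events from three channels under one keyed token and returns only the fields a stated purpose may read. The key, the purpose names, the field names and the sample events are all assumptions constructed for the example.

```python
import hashlib
import hmac

# Constructed demo key; a real deployment keeps this in a KMS/HSM, never in code.
TOKEN_KEY = b"demo-only-tokenization-key"

# Hypothetical purpose policy: which profile fields each purpose may read.
PURPOSE_FIELDS = {
    "marketing_analytics": {"customer_token", "channel", "event"},
    "customer_service": {"customer_token", "email", "channel", "event"},
}

def tokenize(value: str) -> str:
    """Deterministic keyed token (HMAC-SHA256, truncated to 128 bits)."""
    normalized = value.strip().lower()
    return hmac.new(TOKEN_KEY, normalized.encode(), hashlib.sha256).hexdigest()[:32]

def unify(records):
    """Group events from different channels under one token derived from the email."""
    profiles = {}
    for rec in records:
        token = tokenize(rec["email"])
        profiles.setdefault(token, []).append({**rec, "customer_token": token})
    return profiles

def view_for(purpose, profiles):
    """Return only the fields the purpose is allowed to see; unknown purposes are refused."""
    allowed = PURPOSE_FIELDS.get(purpose)
    if allowed is None:
        raise PermissionError(f"no policy for purpose {purpose!r}")
    return [
        {k: v for k, v in event.items() if k in allowed}
        for events in profiles.values()
        for event in events
    ]

# Constructed sample events from three channels (two belong to the same person).
SAMPLE = [
    {"email": "Pat@Example.com ", "channel": "store", "event": "loyalty_swipe"},
    {"email": "pat@example.com", "channel": "web", "event": "add_to_cart"},
    {"email": "lee@example.com", "channel": "app", "event": "policy_quote"},
]

if __name__ == "__main__":
    for row in view_for("marketing_analytics", unify(SAMPLE)):
        print(row)
```

Because the token is keyed, anyone holding only the analytics view cannot recompute it from a guessed email address without also holding the key.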

Migration to the cloud brings speed and scale, but for firms in the retail and insurance segments it also brings new governance problems. Selvakumar has implemented a few Hadoop-to-Google Cloud migrations, including one for a big healthcare payer. These transitions involved not only moving the data but also updating the privacy settings and decommissioning the costly old clusters.

Dual-run cutovers, in which the old and new systems run side by side, were needed so that there would be no downtime or broken SLAs. The result: reduced infrastructure costs, improved access control, and readiness for current analytics workloads.

An organization's ability to comply with data privacy laws can come down to how promptly and thoroughly it responds to Data Subject Access Requests (DSARs), including the right to erasure. The paperwork is burdensome, error-prone and expensive.

Selvakumar handled this by automating the presentation and deletion of data under the CCPA across a broad variety of systems: HDFS, Hive, BigQuery and identity management systems. The workflows were lineage-based and entirely auditable, and deletions were deterministic.

He asserted that privacy SLAs are needed like uptime SLAs. "If you are not able to prove that you have deleted data, then you have not deleted data."
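A minimal sketch of a lineage-driven, provable erasure, added here as an illustration and not taken from the article or the systems it mentions: the lineage graph decides which datasets are touched, and each deletion is recorded in a hash-chained log that can be re-verified later. The dataset names, the in-memory stores and the log format are assumptions constructed for the example.

```python
import hashlib
import json

# Constructed lineage: each dataset lists the datasets derived from it.
LINEAGE = {
    "hdfs.raw_orders": ["hive.orders_clean"],
    "hive.orders_clean": ["bigquery.customer_360"],
    "bigquery.customer_360": [],
}

# Constructed in-memory stand-ins for the real stores: dataset -> rows.
STORES = {
    "hdfs.raw_orders": [{"customer_token": "t1"}, {"customer_token": "t2"}],
    "hive.orders_clean": [{"customer_token": "t1"}],
    "bigquery.customer_360": [{"customer_token": "t1"}, {"customer_token": "t2"}],
}

def downstream(root):
    """Every dataset reachable from root, sorted so repeated runs visit the same order."""
    seen, stack = set(), [root]
    while stack:
        node = stack.pop()
        if node not in seen:
            seen.add(node)
            stack.extend(LINEAGE.get(node, []))
    return sorted(seen)

def erase(token, root, stores):
    """Delete the token's rows in each reachable dataset; return a hash-chained audit log."""
    log, prev = [], "0" * 64
    for ds in downstream(root):
        before = len(stores[ds])
        stores[ds] = [r for r in stores[ds] if r["customer_token"] != token]
        # Post-delete check; against a real store this would be a fresh count query.
        remaining = sum(r["customer_token"] == token for r in stores[ds])
        entry = {"dataset": ds, "deleted": before - len(stores[ds]),
                 "remaining": remaining, "prev": prev}
        prev = hashlib.sha256(json.dumps(entry, sort_keys=True).encode()).hexdigest()
        log.append({**entry, "hash": prev})
    return log

def verify(log):
    """Recompute the chain; an edited entry or any leftover rows fails verification."""
    prev = "0" * 64
    for e in log:
        body = {k: e[k] for k in ("dataset", "deleted", "remaining", "prev")}
        if e["prev"] != prev or e["remaining"] != 0:
            return False
        prev = hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()
        if prev != e["hash"]:
            return False
    return True
```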

A CDP cannot become privacy-conscious through technology alone; culture and process are equally vital. He added privacy checks, data inspection and data contracts to CI/CD pipelines so that teams could move fast without compromising on laws and regulations.

"Privacy cannot be an offshoot, handled by a different department," he added. "It has to coexist in the processes that build and roll out your data products."

Selvakumar points out new trends that are changing the architecture of CDPs as they evolve. Policy-as-code will turn compliance rules into real code that can be run and tested like any other code. The use of artificial data will offer safe testing environments without endangering real customer data. Real-time consent enforcement will happen at the edge of activation (email, advertisements, and applications) so that an organization can switch at any time based on the consent given by the customer.

Perhaps most relevant of all, he maintains that privacy is not a restricting factor but a differentiating one. According to him, customers will place great trust in, and stick with, the brands that pay attention to their information. It can be a strength in a flooded market.

The path to a privacy-aware CDP is long and complex for both retailers and insurers. As Selvakumar's work shows, however, it can and must be done. The combination of robust privacy architecture and agile, safeguarded access to data is how organizations will unlock what they are seeking while honoring the rights of the people they serve.