TechTalk ep 13: Data: To govern, or not to govern: that is (never) the question

Paramita: Hello and welcome to PwC Luxembourg TechTalk. Continuing with our series on A.I. and data today I talk with Loic Dumont, Manager, Industry and Services about data governance.

Paramita: Hello Loic. Welcome to our show. We are doing a series of mini episodes basically on A.I. and data.

Last week we had a really fantastic talk with Andreas Braun and we spoke of ethical A.I. you know integrating ethics A.I. and today with you... It's because we spoke of ethics and when we talk about data now I think since a few years people have really woken up to the fact that data needs to be handled ethically.

So ethics is also very much present. You know the topic of ethics is very much present when we talk about data and we'll talk of data governance with you. First of all before going into what is data governance why do we talk about governance. I mean because some people might find the word governance a little I don't know... Because data is something intangible. Why do we call it governance and not management or you know. Why do you think.

Loic: For me it's a little bit like in the physical world. So you have your I.D. and beside your I.D. you have your personal address. You have maybe as well the relatives that you have into your family. And for me as you want to be protective with your family you want to be protective as well as your data. Because for a lot of experts, data is the new gold mine. We see a lot of articles as well in the media. So I'm taking the example of Facebook or Google. And this usage that they're doing about our data and yes data governance try to tackle this challenge about your private life. So it's really as well an ethical debate for me data governance... What must stay private. So really all the data protection aspect and what is freely into the public domain and what is the usage of these data.

Paramita: I'll come back to the you know the questions about what other data governance strategies that businesses use these days. But I remember when I spoke to you over the phone some weeks before and we were talking about data governance you said something that was quite interesting. You said that it's almost metaphysical talking about data governance.

Do you remember that. Why do you think that it's almost metaphysical?

Loic: I'm coming back to your first point it's something which is intangible. It can be located everywhere and nowhere. If you take data centres... They are applying the same rules for protecting these data centres as they do for banks. So we are somewhere in the Holy Grail level for me and because it's a very challenging discussion today because we have more and more and more data. So if you take a statistic about amplification of data. It's exponential every day. But the real challenge it's how to dive, and to crawl and to find values as well in this big universe. So for me it's like sometimes discovering that the sky or looking at the sky and to find really one point. So it's like something really gigantic and the navigation in this ocean can be quite tricky but now we have methodologies and so on and speaking about metaphysics, it's also I would say science.

Paramita: Yeah. So it's almost like deciphering the mysteries of an unknown universe or something.

So, OK, coming back to our strategies of data governance, what do businesses use these days. Are there any specific strategies of data governance?

Loic: I think going back to a couple of years ago it was quite easy because all the data were located on your own premise. There were already some issues with data. But we were not collecting data from a lot of sources. Today because we are opening all of this first to the cloud, so what you manage as business application, portals for customer relationship and so on. But this is still almost your own system but you are opening as well to other data and they can be geographic data, it can be traffic data. It can be rain data. It can be everything.  And then you need to combine all of this and I'm coming back to the same point to bring value for the business based on all these data.

Paramita: So what would you say are the best practices. Because I've heard a lot about good data governance, so what is good data governance? Are there certain best practices that you would recommend?

Loic: For me there is... I will be quite relative by saying this is good or this is bad data governance because for me all the time the starting point is you need to have something adapted compared to the maturity of your company. Because if you come with the best solution, the best tools and so on and the team is not ready or the mentality is not there you need to come with value and quick wins at the beginning and so on instead of creating a big revolution. Because I have never seen any company or any clients who want to really to evolve really fast in this direction because you are a little bit the policeman when you are speaking about rules, restriction, governance and so on. But at the end, every customer, when there are some valuable input and asset, discover that these rules are necessary. And the first maybe big input today, and the hot topic today is all these GDPR regulation which is for me a form of governance because the public opinion and also the legal aspect have decided that we want to protect personal data. This is a big drive as well for the business because after years and years you don't know all the time where your data is located. What's inside the different databases and so on. So it's a big revamping and I would say a retro engineering concept that every company and as well all the individuals because it's us. It's also your case when you add I don't know eight social media accounts, all the traces that you leave which are public today. The right to be forgotten it is very important because today you have when we speak about recruitment you leave your personal data you know in a lot of recruitment system. At your side you have the right to be forgotten but at the company side they need to put in place all the measures which are necessary to forget you. You have everything which is related to reselling data to a third party which is as well a big topic. And now more and more we are speaking about privacy by design. And I think all the vendors now they have embedded Privacy by Design and a GDPR policy into their tools. But for me we still need to progress on this because it you have the reality where you have a project you need to deliver and you need to be fast because time is easy is money. But at the other side you need to comply as well with the regulation, your internal policies and so on. And between the theory and the practice for me it's the best compromise I would say is to stay quite pragmatic. So don't want to put too much rules to the business because too much rule can kill the nature of flexibilities. But do what is required at least to protect your client, to protect your employee and not to spread all this information everywhere without applying cautiousness.

Paramita: Is data governance and data management, they're the same thing? Or are they two different things?

Loic: Data governance is a part of data management. You have data architecture within data management. You have all the migration topics as well.

Paramita: So data governance is a part of data management. I'm sorry I'm just digressing but what is data management then? It includes what?

Loic: Data management is like I said data architecture topics, data governance, data quality.

Paramita: And data analysis as well?

Loic: I will say data management is all the lifecycle of a data. From its creation or from when you can get them to if you transfer them and make them available because you have structured data and unstructured data. So it's everywhere. It can be PDF, your payslip, your customer account and how do you manage all the lifecycle of these data is data management.

Paramita: In a company like ours, when we say data governance what data are we talking about? Are we talking about the employee data...?

Loic: It can be the document that you cannot classify first and you say this is very critical for me are not . This is public this is really private and this is confidential.

Paramita: So everything that we produce comes under data governance in the sense what we produce as employee you know the documents that we produce and then the documents from clients that we receive.

Loic: Oh yeah. Everything that every piece of information for me is data. It can be external data and we are starting from your business card. We are speaking about the business card that we collect during a meeting from a client.

Paramita: Wow. Even that come comes under the Data Governance scope.

Loic: Yeah. Can I leave this card somewhere on my desk or the cafeteria and so on.

And this is very important as well because we are an audit firm. So even if you are not an auditor you are linked by the firm to do some regulation and protecting the data of your client and as well the obligation inside to protect the data of your employee it is as well for me the Holy Grail.

Paramita: I can't imagine the amount of data you have to sift through every day. But for that you have proper tools I suppose?

Loic: There is a lot of tools and methods to control but that's more and more complex because it's growing. Not all your data are managed internally. So let's think about Office 365. Think about the Google suite. The thing about all of this.

So how do we use all these external tools and how do we ensure that we are compliant. How do we put the rules in place as well for all your employees, your partners and so on to be sure that it's as well compliant with your internal policies. Because it's not just having a tool then you need to define as well the usage of this tool. What do I allow? Can I prevent something to happen? How do I prevent? Because when we say too many rules can kill the rules, it's as well true for a tool.

Paramita: Yeah speaking of these tools are there any new trends new developments that we should watch for?

Loic: Yeah we have more and more requests and more and more discussion from clients first to bring some method into their data practice, their data protection.

So it's really methodologically aspect plus policy accept into their governance. They're looking as well for more traditional tools I would say to improve the governance and to detect abnormal usage of data and to predict as well as some behaviour of the people before it happens and I think we will move quite quickly by using the artificial intelligence as well iIn all these topics. It's not really only data governance. But for me I think that artificial intelligence because it's very good in massive amounts and repetitive task. Why should I use someone in a master management team I would say to oversee huge amounts of data when an artificial intelligence can detect, learn and define patterns.

Paramita: So it's basically A.I., the advance of AI...

Loic: Not only because you need to have... That's really very challenging because you still need to have human brain and human input on this because it really depends on industries. The way that you drive certain industry, you create typical behaviour, typical data. Some are overly regulated or regulated and some are almost not. You need to still have the brain juice behind these tools to drive your company in a certain way.

Paramita: OK on that note, I think we're going to end our conversation. Like you said it's almost metaphysical. It's such a vast vast topic and I really think a mini episode on data is doing kind of injustice to data. But you know time constraints. So... thank you so much.

Loic: Thank you very much. Really pleased to do this quick chat.

Paramita: So that was Loic Dumont. I hope you gained some insight on the importance of data governance in business and hope you tune in next week to explore a bit more of his vast universe that is data. I'll see you next time.