Skip to Content

You’re Probably Collecting Too Much Customer Data — Here’s the Sweet Spot

illustration of a balanced beam with one block on one side and a stack of blocks on the other
Be thoughtful about what data is truly necessary to provide an excellent customer experience, and reap the benefits of collecting less personal and sensitive data. [Photography by Matt Chase]

Collecting data ethically means gathering enough customer information to glean insight – but not so much that it raises privacy concerns. How do you know how much data is too much?

It’s no secret that the amount of data generated by people and collected by businesses continues to explode. And no wonder. With billions of connected devices and the lower cost of storage, it’s easier and cheaper than ever to collect as much data as possible.

But data collection can often seem like the world’s largest fishing net, tossed into the ocean, scooping up every fish in the hopes of finding the few golden morsels that will provide truly meaningful insight. How can organizations find the sweet spot between collecting enough information to give them the insight they need and yet not so much that it creates confusion or – worse – mistrust with employees, customers, and partners?

“There’s a difference between collecting the data you need for your business and collecting all the information you possibly can.”

Paula Goldman, senior vice president and chief ethical and humane use officer at Salesforce. 

“If you cast too big a net, you wind up catching a lot of stuff you never wanted to catch,” said Sean Chou, CEO and co-founder of Catalytic, a no-code workflow automation platform. 

Ethical data protection and data privacy

Indeed, serious issues around data protection, liability, ethics, and privacy (not to mention leveraging data to drive new business opportunities) have elevated data governance from the server room to the board room. In January 2020, for example, in an effort to shore up consumer protections, the U.S. Federal Trade Commission (FTC) issued a specific order mandating the elevation of data security considerations to the C-suite and board level. 

“There’s a difference between collecting the data that you need for your business to have an effective, personalized interaction with your customer and collecting all the information that you possibly can,” said Paula Goldman, senior vice president and chief ethical and humane use officer at Salesforce. 

The EU has been at the forefront of data protection and privacy, having passed the General Data Protection Regulation (GDPR) in 2016. The regulation has become a model for national laws in Chile, Brazil, Japan, South Korea, and elsewhere.

Without a sweeping national privacy law in the United States, California in 2019 became the first state to develop its own privacy act, which is also modeled on the GDPR and has since been replicated in Connecticut, Utah, Virginia, and Colorado. At the same time, U.S. businesses are starting to be more thoughtful and judicious about data collection

The sweet spot lies in being thoughtful about what data is truly necessary to provide an excellent experience, collecting less sensitive data and personally identifiable data, and relying more on first-party data.

(When Google eliminates tracking cookies from its Chrome browser in 2023, businesses will have little choice but to collect more first-party data.) 

It may even be in businesses’ best interest to collect less demographic data, generally considered low-hanging fruit. Why? Consider this example: A company may market its cosmetics exclusively to women, but it may miss a big opportunity by not collecting and analyzing behavioral-based data showing that men or nonbinary individuals also use its products.

You can use data to deliver the best, most personalized customer experience while also respecting those customers’ privacy. There isn’t really a tension between these two goals.

Paula Goldman, SVP and chief ethical and humane use officer, Salesforce

“Nobody wants misdirected messages that don’t apply to their interests or what they’re looking for,” said Goldman. “You can use data to deliver the best, most personalized customer experience while also respecting those customers’ privacy. There isn’t really a tension between these two goals.” 

Make the most of ethical data with AI

According to Statista, the total amount of data created, captured, copied, and consumed globally hit 64.2 zettabytes – measured in bytes, that’s 10 to the 21st power – in 2020. The vast majority – such as email, social media, documents, web pages, audio, photos – is unstructured. That means it has no predefined data model, is not easily searched or analyzed, and requires special processing to be understood. Unstructured data accounts for at least 80% of the data collected by enterprise organizations, according to the tech publication Datamation

This “dark data,” as it’s often referred to, is “frequently disregarded because we tend to think it’s inaccessible,” said Chou. But by doing so, organizations are leaving huge amounts of valuable business intelligence on the table. 

The sweet spot in all the dark data is applying an emerging class of artificial intelligence (AI) and machine learning analytics tools to find, structure, and analyze the data. The end result is uncovering signals, or insights, within all the data. By connecting the dots between data points, these tools uncover insights that inform and drive critical business decisions.

It’s not possible for humans to process all the data, but even if we could, we are finite in terms of the questions we ask of the data. We can only ask questions we think of.

Sean Chou, CEO and co-founder, Catalytic

“AI improves the signal quality of all the noise in your data,” said Chou. “It’s not possible for humans to process all the data, but even if we could, we are finite in terms of the questions we ask of the data. We can only ask questions we think of.” 

Using AI and machine learning to uncover signals in data likely won’t have an impact on how much data is collected, but it will help organizations make much greater sense of what they do have.

Evaluate your company’s use of ethical (or gratuitous) data

Goldman said there are some reasonable questions companies should ask themselves when gathering data: 

  • Is it sensitive or personally identifiable?
  • Would it expose you to liability in any way?
  • If it got into the wrong hands, even internally, would it cause harm?
  • Do you have, or can you anticipate, a reasonable need to use the data? 

“When business leaders ask themselves those questions, they can provide the sense that their companies are imposing some guardrails on what they’re collecting,” said Goldman. “You need to make sure there’s a reasonable need to be collecting it and that you are transparent with your customers about collecting it.”

There’s no question that data is indispensable, but the gratuitous collection of data results in extra costs, higher energy use, and the potential for breaches of privacy and other issues. The takeaway, then, is a practical one and may be summed up by the biggest hit movie of 1993, Jurassic Park: Incredulous about the carefree cloning of dangerous dinosaurs, Jeff Goldblum’s Dr. Ian Malcolm said the park’s scientists “were so preoccupied with whether or not they could, they didn’t stop to think if they should.”

Get smart about data security

Laws and regulations around collecting, using and protecting personal data are constantly evolving, and vary by industry and geography. You need to know the basics.

Lisa Lee Contributing Editor, Salesforce

Lisa Lee is a contributing editor at Salesforce. She has written about technology and its impact on business for more than 25 years. Prior to Salesforce, she was an award-winning journalist with Forbes.com and other publications.

More by Lisa

Get the latest articles in your inbox.