The ethics of data and privacy: take a page from the life insurance industry

More often than I’d like to admit, I find myself talking about life insurance at cocktail parties. The typical reaction I get when people learn that I founded the first life insurance startup that sells a policy entirely online is one of excitement, followed by, “Can I buy a policy from you?” Inevitably, the conversation heads toward how we were able to accomplish this. The secret sauce to what we’ve done? Analyzing data in real-time  –  a response that usually causes a moment of pause. The world of big data, which we hear so much about, crashing into something as personal and sensitive as life insurance makes people rightfully cautious. But it’s not just Haven Life that uses data to render a decision.

The data collected and analyzed on applicants is the lifeblood of the industry . What should cause reassurance is that the life insurance industry is adept at the responsible and ethical usage of big data because of its obligation (as also enforced by regulators) to avoid unlawful discrimination and to hold itself accountable for the decisions provided to consumers.

Two Things the Life Insurance Industry Does Better Than Most with Big Data

We’re in the business of protecting families financially if the unexpected occurs. To insure customers, we collect information  –  like medical histories, prescription lists, and even lab data from a blood and urine test  –  and use all that in an underwriting algorithm to determine coverage eligibility and pricing.

With access to all that information comes a responsibility not to discriminate against applicants unfairly and to hold ourselves accountable for the decisions our underwriting algorithms come up with. The life insurance industry has figured this out better than most.

Careful Attention to Discrimination Issues

The life insurance industry is better than others in dealing with issues of discrimination not because we have fully ‘solved’ the problem, but because we are used to asking questions that could cause unfair discrimination and have worked through dealing with them fairly either internally and in adherence to industry regulations.

We never underwrite based on factors like race or ethnicity. Yet we do explicitly underwrite based on age and gender (life insurance costs less for women .)

But where’s the line? Let’s take a few examples:

1. Family history of cancer: If the father of an insurance applicant had cancer before a certain age, life insurers typically take that into account, and it may impact what risk class the applicant is put in. That seems reasonable. But, what if the father had smoking-related lung cancer and the applicant never smoked a day in his or her life? We do generally still consider this a negative, but by itself, it may not keep an applicant from qualifying for the best rate class.

2. Suppose I tell you that Wyoming has 27.48 traffic deaths per 100,000 people. Comparatively, Massachusetts has 4.79 deaths per 100,000 people. Should we be able to charge Wyoming residents a higher rate? Or would that be unjust discrimination? The industry has taken the position that we should not and cannot underwrite with this type of data because the aggregate numbers don’t tell us specifically if you are a good or bad driver.

3. Or what about the fact that white women have a 13 percentage risk of getting breast cancer in their lifetime compared to Asian women who have a 10 percentage risk. Should Asian women get a price break? Again, the industry has taken the view that using ethnicity or race as a factor in underwriting would be unfair discrimination, so this type of information isn’t considered.

In practice, most anti-discrimination rules are enforced by regulators who review the questions that we can ask in the life insurance application process and hold us accountable for how we can apply those answers to risk classes.

Areas of discrimination are likely to surface in many different industries and contexts, but the life insurance industry has a long history of thinking them through and protecting itself against the risk of using data improperly.

Holding Algorithms and Ourselves Accountable to Decisions

If I throw 100 variables about a person into a model and ask it to spit back a prediction, it may not always be clear what is driving the result because the interactions between the different variables can get complicated.

While in some industries that may be okay, in the life insurance space we are always cognizant of the fact that ultimately, someone needs to be able to tell a life insurance applicant why they were declined coverage or why they got the price they did.

There’s even a legal structure for this requirement: The Adverse Underwriting Decision letter, where we are legally bound to inform customers about ‘adverse’ decisions we make and also need to ensure they understand they have the right to an explanation for the decision.

Imagine if the same requirement held true for other industries who use data to make product decisions about you or for you. It could be transformational and would likely make the industry rethink how it collects and analyzes data.

Perhaps Google should tell me more clearly why I am getting the ads that I do? Or Netflix should tell me what shows and movies it has decided that I’m not interested in and why?

Two Things the Life Insurance Industry Could Do Better when it Comes to Big Data

Use the Data We Already Have Access To

Do some digging on the future of life insurance, and you will see a vision of game-changing data sets. In this perfect picture, insurers will use electronic medical records in real time; health trackers and Apple Watches will provide a deluge of daily, health-related information that will improve customer engagement and ultimately, lead to better premium prices for healthier individuals or those who have improved their health.

The practical reality is that few insurers effectively use the information already available to them. Your typical insurer already has (or could have) access to tons of data: prescription histories, motor vehicle records, background checks, website visitor data, and more.

How many insurers make a concerted effort to bring all this data together to make sense of it? And how many think about how to create different experiences or products based on it?

We took a different approach with Haven Life. Instead of asking to access more information from potential customers, we make an immediate decision on applications by making sense of data that’s already being utilized by the industry. And we do this in real-time.

Customers receive a tangible benefit in return for the health information we ask them to provide during the application process in the form of a real-time decision and, in some cases, without requiring a medical exam.

Sometimes it feels like we are all in a race to create wellness programs that give customers discounts. But is the possibility of a discount enough to justify a potential invasion of privacy? Do customers really want us involved in their daily life? When does incentive cross over to feel more like punishment? And why us over their health care providers or employers?

Just to be clear: it’s not that I don’t think there won’t be value in these new datasets. There definitely will be. However, rather than race to collect new data, there’s information already available that we can better utilize.

Rather than lead with the data, it would be good to start with customer value. The rest usually follows from there.

Give Customers More Control Over Their Data

When I think about what we are doing with Haven Life, this is where I feel we can most improve. Few companies are good at letting you understand what data they collect about you and even fewer are good at letting you take action based on it.

Google is one of the exceptions. Through its ‘activity’ control center, Google clearly shows you the kinds of data they collect about you, tell you why (to make “Google services a lot more useful to you”), and give you the ability to turn off that data collection.

haven_life

It’s my opinion that customers own their data. And being owners of their data, customers have a right to understand what data we get about them, review it, and take action on it.

In life insurance, the data we collect for underwriting purposes (such as Motor Vehicle Records) is often subject to the Fair Credit Reporting Act. What this means is that, ultimately, if a customer wants to know what insights we gathered on them in our decision-making process, they have the right to do so. And we are obligated to provide them with the data so that customers can correct inaccuracies if they exist.

In practice, what happens is that the vendors we use for this data take on the responsibility. For example, if a Haven Life customer writes us a paper letter (which they would be required to do) and asks to see the Motor Vehicle Records we pulled, we would provide them with a copy and then refer them to our third-party vendor to take action on any discrepancies. That vendor would then work with the customer on any validation and correction of information.

We don’t do this to be difficult. Creating a transparent and controlled world is difficult when many parties are providing the data, and the regulations around the data are very complex. Still, it’s no reason not to try and give customers more control of their data.

Confidential Sharing of Data (By Choice) Doesn’t Mean Privacy is Dead

The use of big data in life insurance is a large, controversial topic, and I haven’t come close to touching on all the relevant and important issues that it brings up. That said, I know some will say that the use of data I’ve talked about signals the death of privacy.

I don’t agree.

I don’t believe privacy has been compromised if a person chooses to share personal information confidentially and:

  • Understands exactly what data they are sharing
  • Knows the value they get in return for the data
  • Has confidence that this data won’t be shared with others without consent
  • Has confidence that the company has taken the necessary steps to reduce the risk of data being compromised
  • Can control the data collected on them and correct any inaccuracies

The complexity and richness of data that may be available to us in the future are bound to raise a new set of questions and challenges . The life insurance industry, from my perspective, has a strong start on getting this right.