RIABiz

News, Vision & Voice for the Advisory Community

RIABiz

Raj Udeshi invokes 'Theranos' fraud in testy exchanges over data collection with Envestnet's Bill Crager and Jud Bergman at Tiburon CEO Summit

HiddenLevers co-founder offended some audience members with his accusations, but others say he raises a valid concern: Where is the line drawn for firms capturing and selling advisor and client data?

Author Brooke Southall April 9, 2019 at 2:29 AM
no description available
Raj Udeshi took on Bill Crager then Jud Bergman about their use of client data.

Brian Murphy

Brian Murphy

April 9, 2019 — 4:50 PM
I think it's pretty clear to me what's going on here. The question of "who's data is it anyways?" is the valid one that each and every industry is going to grapple with over the coming years. From my perspective, the data is that of the end client - not the advisor, not the custodian's and certainly not 3rd party partners. If 3rd party partners want to aggregate a client's data along with others and sell it - then they should have to get direct approval from the client and possibly compensate them for that. That's the way it's meant to be. Period. Full stop.
Brooke Southall

Brooke Southall

April 9, 2019 — 5:12 PM
Brian, I got sort of left in the dust in this debate when data got parsed into individual data and de-individualized data. Ahead of the publication of this article, I never quite got clear on what the difference is and how the ethics flow in that spectrum. -Brooke
Brian Murphy

Brian Murphy

April 9, 2019 — 5:24 PM
Hi Brooke - here's how I suspect it works...let's use company "X" for the discussion to generalize. Basically if I'm company X and have access to client data I would have a hard time justifying selling the data for Client 1 or 2 individually. That would clearly be violating the privacy of each individual client. So instead, I remove all names and aggregate all the data together using different metrics....say all clients of a certain age...all clients of a certain net worth, all clients in a particular geography...all clients in a particular geography with a certain net worth. I then sell that data. So I've "de-identified" particular clients but are then selling characteristics of the entire dataset. That allows me to claim that I'm not violating anyone's individual trust, and hence don't need to disclose anything. Company X then has a new revenue source based on data sales to 3rd parties. This gets tricky, because if you boil your search query down enough you feasibly could access the data of an individual client...for example, all clients in a particular zip code of a certain age and income might drop the meaningful "aggregation pool" down to a small number of clients - perhaps just 1.
Jim Starcev

Jim Starcev

April 9, 2019 — 6:15 PM
This is an interesting topic and one financial services needs to get ahead of. With that said, it is a very difficult area with all sorts of land mines. Brian, your comments are very logical. But honestly, consumers for years have willing given away their data in order to get cheaper or free services. It would be hard to argue that anyone using Facebook, Google or 1000's of other services don't know that those companies are generating lots of money from their data. And although lots of lip service complaining about, we are really trending towards people just accepting it. Also, any firm that aggregates data should have all sorts of safeguards in place that would not allow you to query down to that small of a pool, no matter how specific your query is. So that really should not be an issue. With that said, Financial Services is really built on trust, it is not Facebook and people want to feel secure in their data. I believe their is a middle ground that exists, but it will take clear leadership to define and enforce that. I think discussion such as this are good for the industry.
Brian Murphy

Brian Murphy

April 9, 2019 — 6:42 PM
Jim - who's data is it? No disrespect, and I do understand that we've been "trending towards people just accepting it" for years. That doesn't make it legally right as Facebook and Google are finding out. So, I ask you - who's data is it? I say all personal data is that of the client. I say additionally that all transaction data is that of the client as well. Can we agree on that - or not? Now, I suggest that in such an environment advisor, custodian and/or 3rd party provider(s) have 2 options - explicitly ask end client for use of that data (with or without renumeration to the client), or deciding to withhold service to client's who don't agree to sharing their data. Actually pretty simple. The problem I think we get into is with regards to who's data it is? I think there is a case to be made that "de-identified" data created and owned by advisor, custodian or 3rd party may be justifiably there's to do so as they see fit; but it would be much more straightforward (and legally defensible) if client's acknowledged this.
Jim Starcev

Jim Starcev

April 9, 2019 — 7:00 PM
Brian: I don't have a pony in this game, I don't collect data that I use or sell. With that said it is naive to say clients own their data when they literally give their data away hundreds of times. Whenever you use your credit card, your cell phone, your email, your Alexa, when you shop on line, etc. etc. etc. you are giving away your data. It is hard then to come back and say well here I don't want to do that here and you need to pay me. It is just not going to happen. Our whole society and economy is changing on these lines and it is pervasive everywhere. And while there is a lot of bad, there is a lot of good that is coming out of that too. You need to stay in the lines (as Facebook really needs to figure out) which is why you need good leadership (thought and actual). But this issue is not going away and there are a lot of benefits to it if it can be managed correctly.
Jim Starcev

Jim Starcev

April 9, 2019 — 7:32 PM
Brian: I realized I didn't answer your question and you won't like my answer. I may not agree this is the way it should be, more the train as left the station and there is no way to bring it back. No, you no longer own your own data. You don't, I don't. When you start digging into the world of big data, it is shocking the volume of data that is being generated, collected and used, most of it on some level would be considered personal data to somebody. The explosion of IoT, sensors, cameras, facial recognition, voice recognition. Your data is being collected and used on some level at a mind boggling rate, arguably with data that is far more personal than your financial transactions. I am saying financial services would benefit from embracing, defining and putting parameters around then trying to hide from it, because honestly there is no hiding from it any more and you are always better if you control the conversation versus not.
Brooke Southall

Brooke Southall

April 9, 2019 — 7:37 PM
Jim and Brian, You really zeroed in on where the fault lines lie. What exactly does holding title to data look like and can data about individuals be completely de-individualized? Is erring in one direction or the other a net positive? Brooke
Jim Starcev

Jim Starcev

April 9, 2019 — 8:00 PM
Brooke: Interesting questions. I have no idea what holding title to data in today's world would look like, that was kind of my point. There is so much of it and it is everywhere, virtually no one can hold title to any of it. I don't think I would say you can completely deindividualize data. You can come close. But even if you do a great job, there are probably really smart people out there working on ways to do deindividualize it for nefarious reasons. A risk we are taking. I think your last question is the most interesting. I think we focus a lot on the negatives, and there are a lot of negatives to focus on. But there are a lot of positives too. My initial reaction is no, there is not a net positive in either direction. Individual areas would definitely have a net positive on one side or the other, but overall I guess I fall in the middle. As an example, I made a conscious decision to share my dna on 23 and me. That gave them a lot of really personal data that could be used to harm me. It also gave me data I wanted. I have big holes in my family history so the reports were fascinating to me. I also know the data gathered can have really positive impacts on mankind as a whole. So I weighed the good and the bad and decided to do it. I think that may define my position as well as anything.
Brooke Southall

Brooke Southall

April 9, 2019 — 8:31 PM
Jim, On the lighter side, you brought us back around to the Theranos moment with the testing of your blood (or other bodily DNA farm), though presumably 23 and me has real results :) Brooke
Brian Murphy

Brian Murphy

April 9, 2019 — 8:31 PM
Jim...yes, I've been reviewing your 23 & me data. You're right, there's a lot that we can use there! All kidding aside - I can see both sides of the debate and have presented the one I'm most favorable towards, which is clients owning their data and explicitly providing access to that data to 3rd parties for specific uses. That said, there is a wide range of possible outcomes and already blockchain based technologies being developed to address just these types of issues. Ultimately it comes down to disclosure and allowing users to opt-out - even from having their data used in "de-individualized" data sets. How that gets sorted out monetarily is a separate item. So, in answer to Brooke's questions: Holding title will likely be handled by one or more blockchain technologies. User can probably tune what data is provided to whomever they'd like for whatever compensation they'd like. so I don't necessarily believe "the train has left the station". I'd say the train is in the station. I don't know whether individual client data can be effectively "de-individualized" but fear the risk isn't so much the de-individualized data, but theft of original data sets. Again, I can see both sides to the discussion and am just giving my opinions here.
Jeff Spears

Jeff Spears

April 10, 2019 — 12:25 PM
Seems like our Industry should take a similar approach to Facebook and ask for regulations. Unfortunately we might claim to be conflict free as a shield. We need clear regulations not grey ones we can hide in the gray.
Jim Starcev

Jim Starcev

April 10, 2019 — 2:11 PM
Brooke, I think we have given you a couple more article ideas. Brian. I don't think we are as far off as we seem. I actually agree the customers give lip service to wanting what you say. It sounds good. The problem is their actions speak differently. As another example, their is probably far more private data in our inbox than in our brokerage statement. There are email services that caterer to those saying they want their data private. For $20, $25 month you can have an account that doesn't scan your email, extract data and then sell it. Yet those services barely registered on number of accounts. Everyone says why should I pay that (very relatively small amount) when I can have gmail for free. If you push them, they will even say they like that their flights and hotels automatically get pushed to their calendar, that the system will auto fill the second half of their sentences (machine learning uses large datasets of anonymized data to "learn" to do this) and even don't mind that the ads are more customized to their needs if they have to have ads. Consumers say one think but act different. Where this presents a challenge to financial services is if we follow what they say, set up a system like you describe, they will say they like it. But then let's say Google rolls out a full service RIA, that uses data to all sorts of cool things, sells the data to pay for the service and then offers it for free to customers as long as they opt in(doesn't exist today, but is not that unrealistic). I promise you people would flock to it and then we would be scrambling to remove barriers that won't allow us to compete. That is the risk. Why it is better to have a well thought out plan that is somewhere in the middle, gives some protection of the data, but also some flexibility to use it they way everyone is using it.
CFP123

CFP123

April 10, 2019 — 2:56 PM
Yes, Raj did rudely confront Kellyanne Conway at the Market Counsel Conference. You omitted the part where her reply and made him sit down sheepishly with his tail between his legs. Yes, I was there.
John D Rockefeller

John D Rockefeller

April 10, 2019 — 7:44 PM
Facebook + Amazon, and the buyers of their user data do not have to comport with fiduciary duty to end clients. Fintech platforms serving RIAs absolutely do. It's a level beyond those - to answer what is in the best interest of the client, surely it's not selling their data, even bundled up, even with safeguards.
Jim Starcev

Jim Starcev

April 11, 2019 — 2:18 PM
John, that is an excellent point, but it actually reinforces what I was saying about needing more clarity and thought leadership on this. As a fiduciary, selling client data, without disclosing that for profit would be a clear violation. However, what if your custodian is using large anonymized datasets that includes your client data to develop a better fraud detection system? You are probably ok (which is good because this is most likely happening) because it is for the benefit of the client. What if because of this, your custodian gets significantly better, fraud instances go way down and your E&O carrier reduces your premium. Could someone argue that you used client data, without disclosing it to indirectly increase your profits. If so, that would be textbook example of violating fiduciary duties, but in truth it is not either. My whole point here is that this sounds like an easy topic, data privacy for clients but at the end of the day there is a lot of devil in the details that really needs to be worked out. If you want a truly crazy example, I will use your siting of the big companies not having a fiduciary duty. What if you as a fiduciary play a role in them getting the data, even if it is completely innocent. You email your client saying your are looking forward to meeting with them next week to discuss their college funding plan. Google scans that email (because the client has a gmail account, not you) and sells information so that the client starts getting ads for Universities and SAT prep courses. You disclosed "private" information being they have a college fund that someone else used to make money. What if on top of that you own Google stock in a personal account of yours. No one would question that, but in truth you shared data with someone who made money on it and then a very, very small fraction of which came back to you. Also, as a fiduciary you can disclose that you are selling data for a profit and legally do it. I wouldn't recommend this, but I will also say that if someone did and really offered good value to the client (my example earlier of Google doing it for free), clients would sign up for it. Not all, but a lot and you could be competing against an RIA that is charging clients nothing and making their money from the clients data.
John D Rockefeller

John D Rockefeller

April 11, 2019 — 9:21 PM
You bring up some interesting aburdities - where does fiduciary duty end? It's really about bad incentives and whose getting compensated. The real Theranos in financial services was Wells Fargo - and it was just about these perverse incentives creating a toxic climate based on hidden payouts. Age old story and we got there without without fintech even.

Related Moves

Bill Crager is dropping CEO role after multiple shoes dropped; the company insists it was his 'decision' but vision, Yodlee future uncertain

The co-founder of the $5.3-trillion AUA outsourcer of software and investments was pressed to take the job under the most adverse circumstances, then second-guessed by stakeholders as he managed the cards he was dealt.

January 9, 2024 at 4:09 AM

Behind the scenes, Envestnet's board of directors had much to tussle over before finally subtracting the 'interim' from Bill Crager's CEO title

With Jud Bergman gone at a chairman, a power struggle ensued to fill that spot, and the process dragged when taking the company private came under review

April 2, 2020 at 2:34 AM

Envestnet shares popped -- up 8% today -- after Wall Street filtered out bad news and staked its bet on confidence in a new team

The Berwyn, Pa., firm sugar-coated nothing but ended up with a sweet stock price result as analysts see good outweighing bad.

February 24, 2024 at 3:33 AM

Bill Crager makes critical hire of 'step back from the numbers,' Joshua Warren, replacing 'brother' Pete D'Arrigo at CFO; Warren had a big role at BlackRock -- Envestnet's biggest stakeholder

The Envestnet CEO gets 'very, very impressive' 43 year-old BlackRock exec; the New York asset manager happens to be Envestnet's largest stakeholder.

September 27, 2023 at 2:48 AM

See more related moves

Mentioned in this article:

Tiburon Strategic Advisors
Consulting Firm
Top Executive: Charles Roame

Envestnet Inc
TAMP
Top Executive: Jud Bergman

HiddenLevers
RIA Publication
Top Executive: Eric Clarke, CEO



RIABiz Directory

The Industry Sourcebook for RIAs

   |    LISTING


RIABiz Directory sponsored by:

Directory Sponsor Logo