Save content
Have you found this content useful? Use the button above to save it to your profile.
Hacker looking at data

Ensuring You Are Not Complicit in Data Mining


The emergence of cloud accounting has enabled tech vendors to mine clients' data, to the chagrin of some accounting professionals. In this article, accounting guru Clayton Oates explains how data mining works and why it's important for CPAs and others to fully understand the terms and conditions before they partner with software vendors.

10th Nov 2021
Save content
Have you found this content useful? Use the button above to save it to your profile.

If “data is the new oil,” is cloud accounting software the pipeline to access this untapped resource?

Should accounting professionals be concerned about the ability to tap into (and mine) data that was previously siloed on individual desktops and servers of SMBs? Are we ethically obligated to alert clients to the possibility this could be happening? 

What is Data Mining?

Broadly speaking, data mining is a process of extracting patterns in large data sets, and whilst the data is not removed in the traditional sense of mining a finite resource, the results reveal otherwise hidden insights that benefit the party doing the mining. Allowing accounting tech vendors to peer into the financials of individual customers has long been regarded by the accounting profession as a bridge too far and also as an encroachment on the domain of the trained professionals who are equipped to discern insights and advise accordingly.

Now that the pipe to the oil is being laid and the data is flowing, should accounting professionals be concerned? After all, isn’t individual client data aggregated and anonymized when these large data sets are analyzed? The answer is no, not always. 

What if it were possible for a tech vendor to view clients’ financials at any time and use this knowledge to market services to the client, such as financing for those experiencing cash flow problems? What if the vendor were to offer loans only from one of their related entities without the client having any idea that their “private”financials had been mined? You, as their accountant, would be equally unaware of what had happened behind the scenes. While this scenario may seem fanciful, it is exactly what is happening with some accounting tech vendors. How do you feel about this?

Blind Trust

When I first realized this was happening, I was shocked. I saw it as a massive overreach by the vendor. I was embarrassed that I hadn’t fully read or understood the end-user license agreement, instead skimming over the terms and conditions in my eagerness to partner with the vendor, and I was concerned that I may have put my relationship with my client in jeopardy. After all, the client’s financial position is sacred and private and should only be shared with their express authority. What if my partnership with a software vendor to deliver a software product that I truly believed would benefit the client had actually created a breach of trust?

It Can Be Done, But Should It Be?

To be clear, not all vendors do this, and I’m not suggesting that it’s illegal. If a vendor wants to mine individual client data files, perhaps they are entitled to do so. However, the issue is that the practice of data mining appears to be covert and largely unknown (or perhaps ignored) by the accounting and finance profession. 

It’s in the Terms and Conditions

So, how are vendors allowed to do this? It’s likely in the terms and conditions that you (or your client) agreed to!

For example, you may see wording like this in the vendor privacy statement:

"The personal information we use includes... information about your activities, your interests and preferences; insights about your finances or your business; the content you place on our Platform." 

The privacy statement may also indicate that personal information is used for the following purposes:

  • Evaluate eligibility for financial offers, products and services
  • Advertise and market services and experiences
  • Personalize the user experience and tailor recommendations and offers, including through the development of insights about the user

Few of us fully read and understand the terms; we simply click “agree” and move on. However, it’s now necessary to read the terms and understand their true meaning and real-world applications so you can inform your clients before signing them up.

Tech companies should remove the legalese in their terms so they are easier to understand, and I am seeing a shift toward using more plain language. However, legal terms like “without limiting,” “amongst others include” and “subject to change” still remain. Specifying what they won’t do might be more useful. 

The Cloud

The cloud has enabled new ways of connecting and interacting with clients, providing leverage for firms and the SMBs we serve. With the cloud came a renewed focus on the trust and influence accounting professionals have with our clients, who are potential customers of the vendor. Despite this exciting development, accounting professionals should remain diligent, as vendors often have their own interests in mind. 

Making Sure We Are Part of the Solution

You are more influential than you think, so act accordingly. Remember we are here to serve our clients, and we partner with software vendors to enhance the businesses and lives of our clients. We are their confidantes and conduits to a better future, and our actions should reflect this. 

I recommend taking the following steps to ensure you’re protecting your clients:

  • Read the terms and conditions carefully, and understand their implications. Ensure that your client also fully understands and agrees to them.
  • Provide up-front full disclosure to your client. Communicate with clients about the opportunities and potential threats of using a cloud-based platform.
  • Lobby for clear and effective “opt in” and “opt out” functions within software that unlock any data-mining opportunity for the vendor.
  • Know the vendor’s philosophy regarding client data (e.g., who “owns” the data?).
  • Understand how a client can remove all of their data from a vendor’s platform (or, in tech terms, how they can exercise their right to be forgotten). 
  • Determine if the vendor is selling (and enhancing) a software solution or mining for data.

When you ask the vendor questions, pay attention to whether they are responsive and give straight answers about how they intend to use client data. 

Differentiators Are Emerging

Fortunately, we are in a competitive marketplace (and may this always be the case). I’d encourage you to seek answers to your questions and align with vendors who demonstrate shared ethics and values. This may mean making the tough but inevitable decision to pause or cease recommending a solution that you have partnered with for many years. 

There is a sense that we are entering a new era, where discernment as to who is an “ethical data custodian” and who is not will be foundational to continuing and emerging partnerships. What this era may look like is a topic we will cover in next month’s article.

Replies (0)

Please login or register to join the discussion.

There are currently no replies, be the first to post a reply.