We have received much feedback from our customers over the past several months on whether, and to what extent, EZLynx will integrate with various third-party services beyond our current integrations. I understand why our customers are frustrated with the slow progress on this front. I felt it was my personal responsibility to explain why we have moved cautiously thus far and elaborate on some of the implications for EZLynx and our agents when integrating with services like these.
I want to make it clear up front that EZLynx considers any data input into our product as belonging to the agency that put it there, and they have full rights over this data with appropriate permissions from the consumer. They can request a complete data backup for a small fee any time, for any reason. We are simply custodians of this data, and we take this responsibility very seriously. By extension, you are also a custodian of the data of each consumer that you do business with. While you have entrusted us with storing and securing that data, your consumers have likewise entrusted you with their data, oblivious to your relationship with us or any other vendor. As consumers, we all tend to believe that we ultimately own our own data, regardless of whether it is being stored on Google, Facebook, Microsoft, Apple, or even EZLynx.
EZLynx is a big proponent of industry standards for the purposes of third-party systems being able to talk to each other. This makes an agent’s life much easier. But we also realize how sensitive some of the data that our agents collect from their customers is, and this data gets stored in our system. This information includes personally identifiable information (PII) for all drivers, family members, and commercial contacts of the applicant, credit scoring information, personal information like financial assets owned to include schedules for jewelry, watches and other valuable items, home security details, and driving incidents, including DUI information. The list goes on and on.
I have no doubt in my mind that when a consumer shares their personal information with an insurance agent, they did not agree to, nor was it their intention, that the agent would turn around and make that information available to a variety of third-party services, some of which are not even part of the insurance industry, and many of whom are not even based in the United States. It is quite possible, even very likely, for this kind of information to fall into the wrong hands. In this age of data breaches and ransomware, I am sure you can imagine countless ways in which a bad actor could monetize this information.
We tried very hard to work with some of these third-party service providers for integration opportunities, but they are not willing to take any responsibility for the data with which they would also be custodians, nor have they been willing to share with us their own vendor vetting process.
As a business owner and decision maker, it feels irresponsible to let our customers share information directly between our system and these third-party services without ourselves being fully confident in the data practices of each vendor and without having received exclusive permission from consumers on how their data will be shared.
This stance does not contradict our view that the data we store in our system on your behalf is your data. You can freely remove your data from our system and share it with any services you choose. However, while the data is retained in our system, we have an obligation to ensure it is protected and that it is only accessible by its rightful owners.
One of the comments we have received is that Google, Facebook, and other online services have not expressed these same concerns when integrating with similar services. I would direct your attention to the fact that this year alone, Facebook has acknowledged that at least 87 million records were breached. This, just on the heels of their political headaches resulting specifically from their own third-party data integrations. Moreover, these services don’t generally have the same kind of sensitive consumer information that our agents store in EZLynx. More importantly, these vendors have gotten into serious trouble with regulators all over the world in the past year. They are being forced to tighten their controls on data sharing and allow consumers, who many consider to be the ultimate owners of the data, to get their data removed upon request.
Finally, these companies are multi-billion-dollar companies that can, and will, fight huge legal battles to defend their business model. I cannot imagine our agents taking on these kinds of legal battles.
So where does this leave agents who are using EZLynx and wanting to integrate with these third-party services? We are currently preparing an integration with Zapier to allow for contact information export and lead information import, though a more extensive integration has been hampered by Zapier’s unwillingness to work with us on defining data security guidelines. EZLynx development work has already begun for this first version, and we hope to have a beta release by early next year.
For additional data sharing with these other services, I do like some of the suggestions that agents have made on our Facebook group, and we are open to implementing these. If you are interested in working with our product management team on defining the data exchange standards for EZLynx, and hopefully for our entire industry, please let us know. We believe that together we can find a middle ground that serves the best interests of EZLynx, the Agent, and the Consumer.
To continue the conversation, join us on our Customer Forums by logging in to EZLynx, clicking the Need Help link on the Dashboard, and then clicking on Forums.