Building Trust around Consumer Data and Privacy

Written by Stephen Ragan, Principal Privacy Consultant at Wrangu

With privacy legislation expanding globally, this has raised consumer awareness about their personal data and how it is used. Organisations are being forced to adopt privacy preserving principles. Savvy organisations are learning that privacy can be a business competitive advantage, building brand loyalty and accelerating growth, creating a lasting relationship with consumers. The Covid pandemic has only accelerated this process as organisations digitised their operations moving to a remote working environment. At the same time consumers are increasingly adopting digital technology for entertainment and leisure.

The data generated by personally identifiable information (PII) provides valuable insights for organisations helping them better understand their consumer’s demands aiding in the development of new products and services. With consumers become increasingly aware of the value of their data and the subtle ways it can be used to drive their actions, a gulf has arisen on the vital issue of trust. As privacy legislation gives more control to the data subject, consumers are becoming increasingly intentional about what types of data they share and with whom.

A McKinsey study, surveying 1,000 North American consumers across a variety of industries, found that no industry achieved a trust rating of at least 50 percent for data protection. That lack of trust is fueled by high profile data breaches and headline grabbing misuses of personal information. The overwhelming majority of respondents, 87 percent, said they would not do business with a company if they had concerns about its security practices and another 71 percent said they would stop doing business with a company if it gave away sensitive data without permission.

Healthcare and financial services, where there is regulation of privacy, were industries that fared the best and were considered the most trustworthy. Given the low levels of trust, it is no wonder consumers want to restrict the data they share with organisations. The stakes are high and awareness around these issues will only continue to grow as more jurisdictions adopt privacy legislation.

The way organisations approach the issue of consumer privacy creates a real opportunity for organisations to build trust establishing differentiation with competitors and preference for consumers.

Seven tips for building consumer trust

1. Follow the principle of data minimisation and only collect data relevant to your products and limit the amount of personal information requested. Nearly 50 percent of respondents viewed this as a signal that the organisation was taking a thoughtful approach to data management.

2. Be transparent about the data you collect, what it is used for, and who it is shared with. This is the part about educating consumers on their level of control over their data. This is a particular challenge as organisations must avoid bombarding consumers with privacy policies and terms and conditions that frustrate and confuse consumers. Privacy policies should be clear in an easily digestible form that is not overly time consuming.

3. Have a plan for responding to data breaches: Data breaches are a threat to all organisations. Implementing protections and locking all the doors of potential entry is difficult. Hackers need to find only one point of weakness. The cards are stacked against organisations and responding promptly is vital. Time might make an immense difference in mitigating harms. This is why the GDPR requires notification within 72 hours when there is a threat to the individuals rights and freedoms and half of respondents viewed short response times as a signal that organisations were taking the threat of data breach seriously.

4. Define and enforce clear data subject access rights. This means creating internal processes to handles data subject requests and breaking down information silos within organisations.

5. Limit the use of cookies and do not collect passive data: Often consumers do not even know all the tools used to survey their online activities, but when they find out, the blowback is severe as ignorance breeds fear and uncertainty.

6. Implement Privacy by Design featuring automatic timed logouts and requirements for strong passwords updated regularly.

7. Publicize the organisations interest in consumer-privacy making things understandable for consumers while demonstrating a public commitment to privacy and data protection. This requires a mentality shift from what the brand needs towards what the customer needs.

Consumers today have greater control over their personal information. They can deploy ad-blockers and use search engines that do not save and share their preferences. Consumers also have a bevy options and may walk away from doing business with organisations whose data privacy practices they do not trust, do not agree with, or simply do not understand. While consumers concerns are mounting, few know how to take adequate measures to protect themselves. Organisations who make this easy will build a relationship based on the trust of consumers.

Want more? Register for this upcoming webinar exploring what GDPR compliance is, key steps to take and how it helps to build consumer trust. 

Join your peers and get the latest GRC, Privacy, Security and Regulatory updates delivered straight to your inbox

Read more about our tailor-made software for data privacy and integrated risk management

Relevant news & insights: