In recent years, organizations have been empowered with rich personal information about their consumers. They hold reams of intimate data around their private and public lives, from their browsing journey through to their most personal daily habits - much of which people wouldn't tell even their closest friends.
Companies use this data for a variety of purposes. They use it to create and improve their products, to train machine learning models, to market more effectively... many even sell it on to other organizations so that they can do the same. Today, if you are not collecting and analyzing every piece of relevant consumer data you can, your competitive edge is greatly at risk.
Integral to companies' ability to do this is their customers' willingness to trust them with their data, particularly with incoming EU General Data Protection Regulation (GDPR) set to put even more restrictions on its use. Numerous studies have found that when consumers perceive that a company is misusing their personal data or they are unaware that it is being collected, they either reduce their spending drastically or boycott a company entirely. The impact of a data loss is particularly severe, with the inaugural Consumer Trust Index from risk management firm SAI Global finding that 43% of consumers would never return to a company following a data breach.
And as it stands, people do not trust companies with their data - particularly given the constant stream of negativity in the media. The recent revelations around Cambridge Analytica and Facebook, for example, mean that for every one step forward you might take, events outside your control are dragging you two steps back.
This is evidenced by numerous surveys. In one recent BCG survey of 8,000 consumers across the US and Europe, just 20% of consumers surveyed said they trust companies to 'do the right thing' with their data, while approximately 30% across all the countries surveyed believe that companies will not do the right thing. The problem is particularly significant for the likes of Google and Facebook, whose entire business models rest on their ability to use the huge amounts of personal information they collect from users. In a survey carried out last year by Quartz before the recent scandal, only 21% said they trusted Facebook. In a survey carried out by Reuters as the news came out, 51% said they either don’t trust the platform at all or didn’t trust it very much.
The idea that you should be punished for Facebook's crimes may seem unfair, but when it comes to sharing your information online, for consumers, it is always hard to distinguish good actors from bad. Even if you know your data practices are good, your customers need to know it too.
Here are 6 things you can do as an organization to ensure that you keep customers on your side.
Transparency is vital. Facebook's lack of it is one of the main reasons that, despite the extent we all use it, recent news has had such an impact - it came as a shock. It is not enough to hide away permissions and details about how you intend to use data in the fine print. Using an opt-in on your site is important and something that will soon be a legal requirement for those holding EU data anyway thanks to GDPR. You need to be clear what you are doing with the data and how it benefits them to give it to you. Anonymity is also important, but this can always be guaranteed simply by removing any identifiers, such as a name or phone number, before the data is passed on to the marketer.
Transparency is especially important when you are looking to monetize your data. Monetization is firms' attempt to leverage the data they gather either in exchange for goods or money. Data collected by firms is packaged along with their interactions with customers and ecosystems, and then either bartered or sold outright. You need to be clear with your customers that you are doing this and make sure that any information that has to be de-identified is thoroughly done so.
Push For More Regulation
Kuntal Goradia, Customer Experience & Digital Analytics at PayPal, notes that, "With the power comes responsibility and unfortunately some companies exploit it. Our governing laws are not keeping up with the speed of innovation. As a consumer, we must take precautionary steps on what we share online and as business leaders, we need to keep pushing the regulations that protect the consumers."
It may seem against a company's interest to seek regulations, but it is far more reassuring for the public when they are enforced by governing bodies. GDPR is likely to prove a tremendous hassle for all companies who touch data from countries within the EU, which is the majority of them, but in the long term, it is good for companies that the public trusts their data will be properly handled and they know what is being done with it. Companies should work closely alongside governing bodies and assist them so that the regulatory regime is always relevant as technology evolves. This will also help companies stay on top of the regime.
Derek Ho, VP, Privacy & Data Protection, MasterCard, discusses data governance best practices
Respect Customer Preference
Rouben Karakachian, Director of CRM and Optimization at Hilton Worldwide, believes that, "the boundaries of customer privacy becomes a very nebulous concept. On one end we have people broadcasting about their life and actions in public domain every step of the way, and on the other end, there is a pressure to restrict access to customer data. I think the ethical aspect of using the data is different for different people and is never going to be one size fits all. However, the key ethical aspect, which should be adhered to at all times, is respecting customer preference."
This very much goes hand-in-hand with transparency, but is, if anything, more important. Knowing is one thing, but if you can't prevent it, it isn't worth very much. You need to ensure that if a customer wants to prevent their data being passed on or used in a certain way, then they can.
We need to move away from the perception that people are reading your private information and laughing with their friends about it. Mostly, it is machines and algorithms who see you as nothing more than a series of numbers, and your privacy is really not being invaded in any meaningful way. Organizations need to do better about educating the public about how their data is processed and analyzed. They need to organize a PR campaign for data collection if you will, to win the battle for hearts and minds and help consumers appreciate how sharing it is good for them and is vital for providing a positive online experience.
In a September 2016 survey of US adult internet users conducted by Regina Corso Consulting for Arbor Networks, 84% of respondents said they were at least concerned about their digital privacy. Almost 2 billion data records were stolen or lost the world over in 2017’s first six months, causing rapidly deteriorating consumer trust in current data storage and security procedures. As noted earlier, 43% of consumers would never return to a company following a data breach.
You need to invest heavily in protecting your data to ensure that bad actors cannot get at it and employ the necessary talent to keep it secure. This is not easy to come by, and it is a significant, constantly growing outlay as the threat is constantly evolving, but if you just pay it lip service, you are setting yourself up for a tremendous fall.
Don't Overdo It
Douglas Daly, Senior Manager of Data Science at Capital One, claims that, "As long as the data is used to service the customer, deep analytics is a good thing. However, great care must be taken to ensure the insights are secured and contacts with the customer do not result in embarrassment or worse."
A famous and much-used example of a company going too far with their customer's data is Target. The US retailer would send coupons to women it believed to be pregnant based on their browsing and buying habits. One day they were called by the irate father of a young girl who had been sent such coupons, claiming that she wasn’t pregnant. It was later revealed that she was pregnant but it was being kept secret, and the coupons had exposed her. This is likely to have put the family off Target for life, so be careful not to be too invasive when it comes to sensitive topics.