In recent years, organizations have been empowered with rich personal information about their consumers. They hold reams of intimate details around their private and public lives, from their browsing journey through to their most personal daily habits, much of which people wouldn't tell even their closest friends.
Companies use this data for a variety of purposes. They use it to create and improve their products, to train machine learning models, to market more effectively... many even sell it on to other organizations so that they can do the same. Today, if you are not collecting and analyzing every piece of relevant consumer data you can, your competitive edge is greatly at risk.
Integral to companies' ability to do this is their customers' willingness to trust them with their data, particularly with incoming EU General Data Protection Regulation (GDPR) set to put even more restrictions on its use. Numerous studies have found that when consumers perceive that a company is misusing their personal data or they are unaware that it is being collected, they either reduce their spending drastically or boycott a company entirely. The impact of a data loss is particularly severe, with the inaugural Consumer Trust Index from risk management firm SAI Global finding that 43% of consumers would never return to a company following a data breach.
And as it stands, people do not trust companies with their data. Indeed, in a recent BCG survey of 8,000 consumers across the US and Europe, just 20% of consumers surveyed said they trust companies to 'do the right thing' with their data, while approximately 30% across all the countries surveyed believe that companies will not do the right thing. The problem is particularly significant for the likes of Google and Facebook, whose entire business models rest on their ability to use the huge amounts of personal information they collect from users. In a recent survey by Quartz, each person was asked whether they trusted 25 companies with their data and only 21% said they trusted Facebook.
This has, admittedly, not had a significant impact on these companies bottom lines. There is a trade-off. You give them your data, you use their service for free. It is an issue that provokes an internal conflict - you want their services, you want them for free, you want them to be the best they can possibly be, but you don’t really want a machine going through your private emails. But you let it. However, as with any trade-off, this can easily swing the other way, and at many organizations, it is on a knife-edge.
There are, however, a number of things you can do as an organization to ensure that you keep customers on your good side.
Transparency is vital. It is not enough to hide away permissions and details about how you intend to use data in the fine print. Using an opt-in on your site is important and something that will soon be a legal requirement with GDPR anyway, and you need to be clear what you are doing with the data and how it benefits them to give it to you. Anonymity is also important, but this can always be guaranteed simply by removing any identifiers, such as a name or phone number, before the data is passed on to the marketer.
Transparency is especially important when you are looking to monetize your data. Monetization is firms' attempt to leverage the data they gather either in exchange for goods or money. Data collected by firms is packaged along with their interactions with customers and ecosystems, and then either bartered or sold outright. According to research conducted by Gartner Research, Inc, 30% of businesses will have started directly or indirectly monetizing their data by 2016. You need to be clear with your customers that you are doing this and make sure that any information that has to be de-identified is thoroughly done so.
Push For More Regulation
Kuntal Goradia, Customer Experience & Digital Analytics at PayPal, notes that, 'With the power comes responsibility and unfortunately some companies exploit it. Our governing laws are not keeping up with the speed of innovation. As a consumer, we must take precautionary steps on what we share online and as business leaders, we need to keep pushing the regulations that protect the consumers.'
It may seem against a company's interest to seek regulations, but it is far more reassuring for the public when they are enforced by governing bodies. The GDPR is likely to prove a tremendous hassle for all companies who touch data from countries within the EU, which is the majority of them, but in the long term it is good for companies that the public trusts their data will be properly handled and they know what is being done with it. Companies should work closely alongside governing bodies and assist them so that the regulatory regime is always relevant as technology evolves. This will also help companies stay on top of the regime.
Respect Customer Preference
Rouben Karakachian, Director of CRM and Optimization at Hilton Worldwide, 'I think the boundaries of customer privacy becomes a very nebulous concept. On one end we have people broadcasting about their life and actions in public domain every step of the way, and on the other end, there is a pressure to restrict access to customer data. I think the ethical aspect of using the data is different for different people and is never going to be one size fits all. However, the key ethical aspect, which should be adhered to at all times, is respecting customer preference.'
This very much goes hand-in-hand with transparency, but ensuring that if a customer wants to prevent their data being passed on or used in a certain way is vital.
We need to move away from the perception that people are reading your private information and laughing with their friends about it. Mostly, it is machines and algorithms who see you as nothing more than a series of numbers, and your privacy is really not being invaded in any meaningful way. Organizations need to do better about educating the public about how their data is processed and analyzed, a PR campaign for data collection if you will.
In a September 2016 survey of US adult internet users conducted by Regina Corso Consulting for Arbor Networks, 84% of respondents said they were at least concerned about their digital privacy. Almost 2 billion data records were stolen or lost the world over in 2017’s first six months, causing rapidly deteriorating consumer trust in current data storage and security procedures. As noted earlier, 43% of consumers would never return to a company following a data breach.
You need to invest heavily in protecting your data to ensure that bad actors cannot get at it and employ the necessary talent to keep it secure. This is not easy to come by, and it is a significant, constantly growing outlay as the threat is constantly evolving, but if you just pay it lip service, you are setting yourself up for a tremendous fall.
Don't Overdo It
Douglas Daly, Senior Manager of Data Science at Capital One, 'As long as the data is used to service the customer, deep analytics is a good thing. However, great care must be taken to ensure the insights are secured and contacts with the customer do not result in embarrassment or worse.'
A textbook example of a company going too far with their customer's data is Target. The US retailer would send coupons to women it believed to be pregnant based on their browsing and buying habits. One day they were called by the irate father of a young girl who had been sent such coupons, claiming that she wasn’t pregnant. It was later revealed that she was pregnant but it was being kept secret, and the coupons had exposed her. This is likely to have put the family off Target for life, so be careful not to be too invasive when it comes to sensitive topics.