Cybercrime is exploding as digital technologies generate massive amounts of consumer data, including location tracking and personally identifiable information online. The worldwide information security market is forecast to top $170.4 billion in 2022, according to Gartner. Research and personal data was involved in 58% of breaches in 2020, according to Verizon. Because 64% of Americans do not know how to respond in the event of a data breach, even more burden rests on businesses to assure data privacy and to mitigate damage.
So much is at stake, from identity theft to financial catastrophes, and this is driving consumer awareness. People expect the companies with which they do business to handle consumer data and privacy with top-flight control and transparency. Doing so can become a source of consumer trust and a significant business advantage.
Data Guarding and Consumers
McKinsey research reveals that consumers often want to restrict the type of data companies can accumulate, and they rate some concerns higher than others. Privacy in email content and correspondence, content of downloaded files and location data are among top priorities for protection. And about 50% are more likely to trust a company that only requests information relevant to its products and services and limits the amount of personal data inquiries.
Consumer trust in companies’ data privacy and security measures is extremely low, McKinsey reports. The highest trust level, earned by healthcare and financial services, is just 44%. Only 10% of consumers trust the practices of consumer goods, agriculture, media, entertainment, and oil and gas companies. Several measures contribute to consumer trust, including not asking for irrelevant information, reacting quickly to breaches, proactively reporting a hack and not collecting passive online data.
The great majority of McKinsey survey respondents — 87% — said they would leave a company with lax security, and 71% would stop doing business with companies that gave away sensitive data without permission.
Harvard research holds that when firms have transparent privacy practices, customers know they can change their preferences about what and how they share information. Consumers did not punish breached firms that provided both transparency and control. Firms rating high in these areas also suffered less stock damage following breaches, yet only about 10% of Fortune 500 firms fit this profile.
Measures of Protection
Government regulations. The rise in severe data breaches around the world has led governments to regulate more. According to Deloitte research, new regulations not only require customer data protection but they also impose obligations to assure the quality of the data’s quality, completeness and governance. In 2018 the European Union enacted the General Data Protection Regulation, and the California Consumer Privacy Act (CCPA) became effective in 2020. Other states are expected to follow. The GDPR gives consumers easy access to their own data that companies hold and regulates the ways companies can collect, store, share and delete data.
Consumer browser controls. People can prevent companies from tracking online activity through web browsers with built-in cookie blockers, ad-blocking software (used on more than 600 million devices worldwide) and incognito browsers (used by more than 40% of internet users globally). Consumers can also clear their own cookies and browser histories, delete internet posts and disable cookie tracking.
Data minimization. Reducing the amount of data stored addresses a host of problems, from data security and privacy concerns to compliance with emerging regulations. The more data an organization has, the harder it is to secure. Companies must conduct data inventory assessments and determine which data sets provide the best cost-to-benefit ratio.
Data classification. Defining data types, as well as which data is personal versus public, helps companies stay compliant with privacy regulations and properly respond to data access requests.
Consumer distrust in data-management practices has been growing since the onset of e-commerce. In 2021 and beyond, firms must exercise best practices in data security and privacy, be transparent in what they do with data, and stay ahead of data privacy regulations.
Learn more about Boise State University’s online MBA program.