In recent years, conversations around data privacy have done a lot to make consumers pay more attention to how their data is being used. Yet over the past few months there has been a noticeable shift in public consciousness – from growing awareness to widespread worry. Between debates about the use of data for apps like FaceApp or the release of the documentary ‘The Great Hack’, to the issue of surveillance and biometric data hitting the headlines, consumers are waking up to the realities – and threats – posed by data misuse and poor security.
Most people typically regard data as a personal issue, asking questions around how their data is being used, who has access and how they can protect themselves. But businesses also need to ask themselves how the buzz surrounding personal data will impact their bottom line, and what they can do to build trust with their increasingly data-aware customers.
Snowballing data privacy concern
The debate around data privacy is by no means a new one. Lately, though, the subject has garnered heightened levels of public attention and, as a result, become progressively politicised. This transition has not taken place in a vacuum but has, in fact, been the result of a chain of significant events:
- Netflix recently released a documentary, ‘The Great Hack’, to a wide and engaged audience. Yet again ripping off the bandage around the infamous Cambridge Analytica case, the filmmakers also gave a Ted Talk examining Facebook’s role in Brexit, looking at Cambridge Analytica’s breach in ethics for using adverts from the platform to manipulate civilians by illegally using their data.
- The FaceApp application made the news recently as millions uploaded photos of themselves to put through the app’s AI system, which then applied an ‘old filter’. Yet unbeknownst to consumers as they viewed their aged selves, concerns around how images were uploaded and stored were raising the eyebrows of data privacy advocates. And FaceApp isn’t alone in its lack of transparency when it comes to personal data. Recent research revealed that thousands of apps in the US Google Play Store still bypass consent to collect user data.
- Over the past few weeks, debate around facial recognition technology at Kings Cross has generated concerns around citizens’ rights to privacy and biometric data. The newly instituted security measures have been put in place to ‘ensure public safety’. But many are concerned about the ramifications about what this means for data protection, identity, and governance.
- With that in mind, biometric data has become the next in a long line of data privacy concerns. Long gone are the days where the biggest threat was password corruption, rather now consumers need to worry about protecting their biology from theft. As critical industries like finance and retail move to implement biometric methods of authentication – in many cases for ease of use for consumers – this can ultimately open up a host of new threats.
These examples, among others too numerous to mention, illustrate the ubiquity of the data privacy issue and the impossibility of a one-size-fits-all solution. What’s certain, however, is that with this newfound awareness, consumers are now more cautious to subscribe to a brand’s services if they need to hand over their data. The GDPR has ensured that consent must be freely given. But what does this mean at a time when data is more freely flowing and omnipresent?
Establishing trust and returning power to consumers
Building and maintaining trust with consumers in today’s market is more than a competitive differentiator – it’s now a life preserver in a sea of distrust and apathy. So how can companies successfully build these relationships? There are three key steps to ensure customer satisfaction, retention, and most importantly, trust.
- Complying to regulation: Ensuring your company is compliant with data privacy legislation like the GDPR is a crucial element of building trust and ensuring ethical business practices. Ignoring compliance regulations can lead to reputational, financial, and business repercussions, as was felt by British Airways after it suffered a data breach affecting 380,000+ card payments. The company’s shares fell by four per cent, its reputation was severely dented and the ICO announced that it is due to fine the airline £183m. Complying with data privacy regulation not only applies to an organisation’s own data policies, but also to their third-party suppliers, meaning that companies that suffer a data breach through their supply chain will also be held liable for the consequences.
- Being transparent: Companies must do more than simply write out their data policies in the fine print. Instead, they need to establish open and honest relationships with customers, which requires communicating effectively and regularly about why they need to collect certain data, if terms and conditions change, and if problems arise. There’s also an element of education that’s required with consumers. Essentially businesses need to patiently help them understand the processes in place to safeguard their data. Channel 4 has done this well in the UK, creating playful content to help convey to its customers how their data is used.
- Giving authentication options: For businesses whose main touchpoints with consumers are online, sign up processes, including identity verification, are vital in order to convert and retain customers. This means that onboarding needs to be accessible, user friendly, and secure. Today, two-factor authentication is the expectation, and this is only set to increase with the onset of regulations like Strong Consumer Authentication. But in the meantime, giving users options for the second factor – for example through their smart phone or Bank ID – is a huge benefit that enables them to access services in the way that they feel most comfortable with/prefer.
As people become more aware of data usage and access, debate around issues like surveillance rights and biometric security will only intensify. Ultimately, customers are more likely to trust a brand if they feel in control of their data – illustrating that we simply cannot afford to take data privacy lightly. And if an organisation gets this right then they will not only keep customers happy, but also make them want to stay.
Simon Wood, CEO, Ubisecure