Young people buying meal from street food truck showing consumer trust and data privacy culture

The Data Privacy Disconnect Between Businesses and Consumers

Consumer trust is at an all-time low and data privacy is a central factor in the decline, with privacy becoming a core expectation among 89 per cent of consumers. This expectation demands that businesses re-evaluate how they treat their customers’ data to ensure they prioritise privacy focused practices and technology to keep data safe online.

Customers are increasingly aware of how their data can be exploited and they now expect organisations to respect their privacy concerns and protect their data.

According to research from the European Union Agency For Fundamental Rights, 41 per cent of Europeans are unwilling to share any personal data with businesses, while a report from Cisco revealed that 76 per cent would not make a purchase from an organisation they don’t trust with their data. It is clear that data privacy has become a driving force behind consumer decision making and businesses must adapt.

Tech leaders must be one step ahead and prioritise privacy and consent by design. The terrible user experience, and subsequent data loss caused by long and complex cookie consent screens is an example of what happens when we as an industry don’t take responsibility early, leaving it to legislators to enforce better practices.

The data privacy disconnect

A disconnect between expectations and reality exists when industry norms are not meeting the needs of the consumer. This is where the General Data Protection Regulation (GDPR) comes into play, to lay out laws in relation to data protection and privacy across Europe.

Ethical security professionals know it is not an individual’s choice to act responsibly, but an expectation by law, and are increasingly aware that consumers are taking back control by rejecting all cookies, creating a data gap.

Consumers are starting to understand this disconnect too – that free services simply mean they are being monetised, and they expect organisations to behave ethically, or at the very least to the standard set out by the GDPR.

The prevalence of the data privacy disconnect is amplified where regulatory compliance standards differ. In the US, for example, corporate surveillance is allowed, and organisations are free to monitor their consumers’ behaviour and use this data for their own gain. In this instance, a disconnect is likely to occur as there are no set standards to support the needs or expectations of the consumer – an issue that must be addressed.

However, even within regulated territories, the variety of levels of compliance and confusing permission screens on websites creates distrust across the board. This increases when consumers are overwhelmed with complex options interrupting their viewing experience.

The security and compliance risks

Failing to secure customer data and comply with the relevant privacy laws can have a detrimental impact on a business, putting them at risk of losing customers and permanently damaging reputations which may have taken years to build.

The Cisco 2023 Data Privacy Benchmark Study shows that 94 per cent of organisations stated that their customers would not buy from them if their data is not protected properly, with 81 per cent of consumers from their 2022 study agreeing that how an organisation treats their data indicates how they view and respect their customers, influencing decision making.

If organisations choose not to be transparent when handling data, they run the risk of losing their competitive advantage in the marketplace. More than this, a transparent data handling policy can be a powerful driving factor in growth. For example, the encrypted messaging app Signal which offered better data security in comparison to competitors gained over 42 million users in a single year.

Privacy wins in the marketplace and organisations should understand the opportunities it can bring such as higher consumer trust and loyalty, rather than seeing it as a disadvantage, or an obstacle to overcome.

Building a data privacy culture

Creating a business that consumers can trust will require a continuous and conscious effort throughout an organisation. Identifying staff who are willing to lead conversations on privacy and share their knowledge will play a key role in creating a universal approach, while providing platforms and message channels where information on data privacy can be shared and updated will enable continuous learning to take place

On top of this, ensuring organisations deploy privacy principles and regulations that employees can hold themselves accountable to will help to solidify a privacy-centric culture, involving elements such as asking for permission to collect, process and store sensitive data, collecting data in compliance with regulations and providing transparent explanations about data operations and usage.

We live in a data driven world and organisations must now ensure they obtain and use data in an ethical way that doesn’t exploit the customer in any way. Consumer data must be treated with the utmost integrity. Only then will organisations be able to create a brand that is respected and trusted.