5 Steps to Building Trust in Your Data Privacy Policies

Zahra Deinde-Smith  |  July 18, 2018   |  Data & Technology  |  ID Verification  


In 2016, a KPMG survey revealed that less than 10 percent of consumers worldwide felt they had control over how organizations use and handle their personal data. Meanwhile, this past year, events like the Cambridge Analytica breach and the passing of GDPR have suddenly raised consumer awareness around data privacy policies. Now, consumers have firm opinions about how their personal data should be collected and shared.

According to Daryl Pereira, Head of Cyber Security at KPMG Singapore, “consumers and regulators alike are paying attention to how organizations collect, store, and use personal data.” And as consumers sit up and pay attention, so too should the businesses that handle their data. Consumers expect to have an active role in how their data is used. Regulators expect to see transparent data privacy policies. Let’s dive deeper into what’s driving their demands.

GDPR Rises in Popularity

Cambridge Analytica was a wake-up call for the vast majority of consumers. Suddenly, for the first time, they were apprehensive about their personal data. Earlier this year, Janrain surveyed over 1,000 U.S. consumers to analyze how this affected attitudes toward data privacy. Based on their responses, 78 percent of consumers are aware of the Cambridge Analytica breach and 57 percent are more concerned about data privacy than ever before.

Consumers aren’t just more concerned; they’re also more open to regulations that would prevent similar breaches from happening again. In the same survey, 68 percent said they would like to see privacy regulations like the GDPR enacted in the U.S. Specifically, out of relevant GDPR requirements, respondents said they wanted the right to ask companies to delete their personal data and the right to control how their data is used.

Which of these provisions of GDPR would you most like to see applied in the US?


U.S. vs. UK: Opposing Attitudes

However, consumer attitudes are not all created equal — people outside the U.S. see data privacy policy through a very different lens. A 2018 study by DMA and Acxiom measured this shift in attitudes amongst UK consumers. One finding showed the percentage of people in the UK who are concerned about online privacy dropping from 84 percent in 2012 to 75 percent in 2017.

This drop in concern around online privacy has been even more noticeable in younger generations. The proportion of 18 to 24 year olds who expressed concern about online privacy fell from 75 percent in 2012 to 58 percent in 2017. Still, UK consumers agree with U.S. consumers when it comes to wanting control over how their data is used. According to the DMA study, 86 percent of adults in the UK want the power to decide whether their personal information is shared with companies and how its stored.

In general, European consumers seem to be more comfortable with sharing their data, as long as they receive something in return. A 2017 GfK study revealed that 69 percent of European consumers would allow their browser data to be used by companies in exchange for free access to online news, content, and services. Interestingly, over half of adults in the UK would share personal information in exchange for incentives like direct financial rewards, loyalty points, and free products or services. All in all, however, even despite their differences, UK and U.S. consumers agree that they deserve control over their data, so they’ll choose companies that they can trust to provide them with that control.

Building Trust in Data Privacy Policies in 5 Steps

Now that consumers are sitting up and paying attention, they’re putting their money toward companies that make data protection a priority. Many organizations are aware that the best way to build trust with these consumers is to implement strong data security tactics, and to be transparent about what’s implemented. But how can these tactics be put into practice? Deloitte offers these five tips for companies to improve their data privacy policies:

1. Keep the consumer’s perspective in mind when developing a vision and strategy for data privacy. Companies should ask themselves the following questions: What data is necessary for us to collect to improve the consumer experience? How can we avoid seeming intrusive, instead of helpful, in efforts to improve this experience? How prepared are we to be transparent and timely in responding to a potential data breach?

2. Treat privacy policies as a marketing tool, instead of just as a legal disclosure. Companies should consider: Is our privacy policy written in a manner that is transparent and easy for consumers to understand? Have we presented our privacy policy as concisely, with the key points stated first? Do we provide links for consumers to read in more detail about the steps they can take to control the usage of their personal data?

3. Elevate the seniority of the executive responsible for data privacy. By having a privacy officer at the decision-making level of a Chief Information Officer or Chief Privacy Officer, it sends a message to consumers that there is someone advocating on their behalf in the C-suite.

4. Implement consistent data security tactics across the entire enterprise. When data breaches occur, consumers’ main concern isn’t which department was responsible for it. They’ll blame the company as a whole. That’s why companies need to make data privacy a coordinated effort throughout the organization to avoid data breaches.

5. Expand data security tactics to focus not only on external breaches, but internal and third-party breaches as well. This makes data security more comprehensive and effective at protecting consumers’ data.

All in all, consumers and regulators alike need to trust that the companies they do business with are taking care of their data. With recent events, they’re even willing to accept more regulation to make that happen. Businesses can build trust with these consumers by being transparent, investing in the right data security tactics, and keeping their data privacy policies consistent throughout the organization.

Have your own thoughts to share about the impacts of GDPR and Cambridge Analytica on consumer trust? Start a conversation with us on Twitter.

Related Resources:

If you like what you’re reading, why not subscribe?

About Zahra Deinde-Smith

Hi, I'm Zahra Deinde-Smith and I currently work as a Marketing Intern at Urjanet. My passions include history, genealogy, and hair care!

Tags   Financial Services   |   Identity & Fraud   |   Identity Verification   |   Regulation   |   Urjanet   |