We're at a Crossroad for Data PrivacyBy Samuel Greengard | Posted 2014-03-03 Email Print
Consumer expectations create an environment of privacy and awareness, so companies must build privacy practices and controls that link with the way they operate.
The steady drip of data breaches on the news and in consumers' lives isn't doing anything to build confidence in the state of today's business environment. At the heart of the matter: data privacy, or perhaps more accurately, the lack of it.
A new report from PwC, "10 Minutes on Data Privacy," points out that privacy is evolving beyond a risk and regulatory issue. Winning consumer trust is essential, and privacy polices directly correlate with brand image. How businesses manage data privacy and communicate with customers says everything about public perceptions of trust.
According to the report, 89 percent of consumers surveyed said they avoid doing business with companies they believe do not protect their privacy online, and 85 percent of investors said boards should be involved in overseeing the risk of compromising customer data.
"Executives must think about privacy as a competitive advantage and opportunity, as opposed to the typical school of thought in which privacy is only a compliance risk," says Carolyn Holcomb, a partner and PwC data protection and privacy leader. "Data privacy is becoming instrumental to company growth and brand health; it's no longer solely about managing risk."
Although some industries, such as health care and financial services, have strong controls and regulations in place, many industries (including retail) remain blissfully ignorant about the need for more stringent and progressive measures.
The survey found that the leading causes of consumer mistrust and distress center on receiving unsolicited and wanted contact (19 percent); companies selling information and other general concerns (13 percent); and the type of information that's shared, including social security numbers and financial records (11 percent).
In fact, 87 percent of respondents to the survey indicated that they want to call the shots and control the amount of information shared. Unfortunately, I'd argue, the U.S. system makes it difficult to embrace this approach. That's because marketers and others have created an opt-out framework rather than an opt-in approach, which Europe and other regions of the world now use.
Perhaps it's time to reconsider. PwC believes that it's wise to allow consumers to make choices in how data is collected, managed and used. It notes that consumer expectations create an environment of privacy and awareness, and business leaders must build privacy practices and controls that intertwine with the way an organization operates.
That can mean appointing an executive to oversee privacy, ratcheting up governance, re-examining partnerships, and having a better understanding of IT system and databases.
One thing is certain: U.S. companies had better get their act together soon. The price for ignoring data privacy is on the rise.