The impact of the Cambridge Analytica revelations continues to grow. Not only is Facebook issuing multiple apologies and promising major policy overhauls, but the constant notification of significant breaches of personal data means companies are increasingly being scrutinised for their own data-handling practices.
This suggests that the fallout from the last few weeks of news will not fade away. Instead, we are likely to see long-term consequences across the entire digital economy.
>See also: GDPR – a real opportunity to better understand your data
Increasingly, consumers are realising that the many ‘free’ digital services they use in their daily lives have not been completely free – users have paid for them in personal data. When the General Data Protection Regulation (GDPR) comes into effect next month, it will only raise the stakes still higher by enshrining new rights for consumers into law and making certain practices and business models no longer tenable. Businesses need to move quickly to make sure that the data policies and processes that they have in place will be fit for purpose in this new era.
Consumers are concerned about data sharing
Consumer anxieties over data privacy and sharing have been building for a while. Earlier this year, a survey ForgeRock commissioned found that 57% of UK consumers worry about how much personal data they have shared online, while 63% feel they know little or nothing about their rights regarding their own data. Given the rate at which the data collection techniques that businesses use have evolved, and the lack of effective tools for consumers to control and manage their data, it is not surprising that nearly half of consumers are unaware of what information about themselves is available online.
>See also: Thriving in the post-GDPR landscape
In another ForgeRock survey, 92% of global consumers say they want to control what personal information is automatically collected and 74% are concerned that small privacy invasions may lead to a loss of civil rights. However, with so many active services gathering personal data, the extent to which consumers can be expected to take responsibility for controlling their data is limited. This points to a significant opportunity for innovation from trusted brands and new startups that can satisfy consumer appetite for more choice, control and visibility.
Consumer trust must come first
With the imminent arrival of the GDPR, we are likely to see individuals simply choosing not to interact with organisations that are not perceived to be trustworthy. In fact, 58% of consumers said that they would stop using a company’s services completely if it shared data without their permission, and the sudden rise of the #deletefacebook campaign has only served to prove this.
Companies now need to accept that legal technicalities and opaque terms and conditions agreements will no longer protect them from reputational damage. In the wake of the Cambridge Analytica scandal, the UK Government has urged technology companies to simplify their data management policies for consumers, and UK Digital, Culture and Media secretary Matt Hancock has stated his goal of getting all of the information onto a single page. Customers will increasingly witness new notifications and requests for specific consent as companies adjust to the legal demand for simpler, less ambiguous statements on data processing.
>See also: 5 things you can expect to happen after the GDPR deadline
There is a first-mover advantage for those businesses that can get this right: by delivering greater visibility and control of the data being managed, used, processed and shared, they can build trust and brand loyalty for the long-term.
In the age of the empowered consumer, consent will be key
To build consumer trust, organisations need to adopt a new philosophy around personal data – one that involves the customer with their own data and empowers them with the option to dynamically control the amount and type of data that is shared.
GDPR will mean that businesses will need to be specific about the purposes of processing the different pieces of personal data their customers share. Gaining consent and providing a dashboard for the ongoing management of this data is the optimal method of engaging customers easily. To succeed in this environment, businesses therefore need to find ways to maximise the value they deliver to customers through context driven, relevant insights, rewards and offers, while also delivering greater transparency, greater control and choice for consumers.
>See also: The multinational impact of GDPR
Consent is no longer static, so organisations need to provide options to make it is as easy to withdraw consent as it was to give it. We are already seeing giants like Apple rolling out privacy features ahead of GDPR.
In the past, ease of use and convenience have always been put before data privacy. But in the new climate of digital awareness, this arrangement needs to be turned on its head making it convenient for consumers to control their data.
A new deal on data is needed
Brands that rely on consumer data for market insight or revenue will need to establish a better deal for consumers in order to retain access to their data. Currently, consumers feel that they do not get good value for their data – in ForgeRock’s survey just 17% said that it is used to benefit themselves, compared to 41% who say it mainly benefits businesses. Consumers are coming to the conclusion that if you’re not paying for a service, then you’re not a customer, you are the product.
This is perhaps one of the reasons why social media brands are less trusted than other services. Only 63% of Britons say that they trust social networks to treat personal data in a responsible manner. This compares unfavourably with banks and credit card companies, who are trusted by 82% of UK consumers.
>See also: GDPR: the good, the not so bad and the opportunities
Overall, companies who have a more ‘transactional’ relationship with their customers are likely to be more trusted, possibly because their customers feel they have a clearer idea of what their data is being used for. Whatever sector they are in, companies can learn from this and look to harness the level of trust that’s achieved by a more concrete and transparent relationship.
As the awareness of new consumer rights regarding personal data grows and users come to expect a different experience, those businesses that have truly put the customer in control of their data are likely to benefit.
Businesses are experiencing a definite shift from the established norm – where it’s mainly the huge tech giants and corporations that capitalise on consumer data for many of their own purposes – to a more balanced value exchange where personal data is treated as a shared asset and used to the benefit of all.
Sourced by Nick Caley, vice president – Financial Services and Regulatory, ForgeRock