Data privacy refers to how organizations should collect, store, manage, and share personal data. A robust commitment to data privacy is increasingly important to building trust in a brand.
That trust matters. Trust enables a brand to nurture loyalty and expand more freely. Yet, trust can rise and fall with every encounter between consumer and business. And approaches to data privacy have become a chief factor in this.
The Digital Transformation and Personal Data
A global digital transformation is unfolding across the world. More and more activity, reaching into all corners of our lives, is becoming digital. Consumers navigating this increasingly online world leave a trail of personal details.
Whether making a purchase, registering for a website, or simply browsing, surprisingly detailed imprints can be formed: names, contact details, preferences, location, education, social media behavior, etc.
Such data capture can benefit businesses. Most obviously, for example, a customer’s personal details are required to fulfill orders. But consumer data is used beyond that purpose; to build more nuanced customer profiles, for example, enabling more personalized marketing.
Consumers have now grasped the true extent of this. New legal frameworks have both reflected and amplified this awareness. And a proliferation of high-profile news stories has further catapulted data privacy into the people’s consciousness, raising anxieties and suspicions.
In short, perceptions of the potential downsides of data collection have grown. Online privacy has become hugely contentious. Rather than building loyalty, a company’s approach to its consumer’s personal data is now a potential liability and diminishes trust.
What Do Statistics Tell Us About Data Privacy?
All businesses need to consider data privacy. Even for a small start-up setting up its online operations using global domains international services, it’s essential to have a clear grasp of data privacy.
This article identifies some key themes about data privacy, with statistics to illustrate each one.
A Genuine Danger
The dangers consumers perceive are not wholly imaginary. High-profile news stories of business data breaches and consumer awareness of fraud have made data privacy a potent public issue.
- In 2021, data security breaches from organizations exposed over 18 billion personal records. Hackers access and steal personal data about customers of a business and service users. Then they use the data for criminal activity (fraud and identity theft).
- For example, in 2021 LinkedIn experienced a data breach. 700 million of its users’ contact details were stolen.
- People may naturally wonder what happens with such stolen data. Unsurprisingly then, the widespread threat of fraud amplifies public concern about breaches. There were 1.4 million reported cases of identity theft in the US alone in 2020, an annual increase of 53%.
- Nor is this problem limited to the US. 33% of all fraud attacks in Europe are linked to identity theft.
- When there is a customer data breach, consumers take note and potentially feel more threatened. It can affect a company’s bottom line. Around two-thirds of consumers may stop using a business if their personal data were stolen from that business.
Consumers Care About Data Privacy
It is not only the risk of hackers stealing personal data from businesses through a data breach that worries consumers. They increasingly also care about data privacy more generally: how and why is their data being collected, managed, and used by the businesses themselves?
- A survey of consumers in Europe, the Middle East, and Africa found that 71% of consumers are concerned about how businesses use their personal data.
- Likewise, a US survey found that 8 in 10 people felt they had little control over what data was being collected, were concerned about how it would be used by organizations, and felt that risks outweigh the benefits.
- Another survey, which explored the impact of the Cambridge Analytica revelations in 2018, revealed that 73% of respondents were concerned about how their information would be used online. 48% were either ‘very’ or ‘extremely’ concerned.
- When consumer trust is damaged, it impacts consumer decision-making. For example, about two-thirds said they would stop using a company if it shared their personal data without permission or disrespected their data preferences.
- Moreover, in the year after the Cambridge Analytica headlines broke, over half of respondents unsubscribed from email newsletters because of those concerns.
Strict Data Privacy Legislation is Coming Into Force
At varying speeds, governments worldwide are trying to address data privacy.
- 71% of countries worldwide have introduced some data privacy laws. A further 9% have drafted legislation.
- The European Union’s General Data Protection Regulation (GDPR) of 2018 is the most rigorous data privacy legislation worldwide. For example, it prescribes stricter rules around consent when collecting personal data and gives consumers the right to be forgotten. 67% of European citizens have heard of GDPR.
- The United States has a more complicated patchwork of national, state, and local laws. California led with its California Consumer Privacy Act (CCPA) of 2018. It applies to organizations, for example, with annual gross revenues higher than $25 million a year.
- Globally, the legislative picture is patchier. So in Africa, while 61% of countries do have data privacy legislation, it is less robust and less rigorously enforced than Europe’s.
Adjusting to New Data Privacy Expectations Can Be Tricky
The data privacy challenge needs embedding across a business’s workflows and culture. For example, developers can craft precise user stories, translating data privacy laws into tangible requirements for evolving their service. Effective testing strategies (like testrail integration) can then ensure the enforcement of legal requirements.
Nevertheless, compliance has not always been easy. Businesses worldwide operating in the EEA and UK have found some aspects of the GDPR legislation particularly challenging.
- Businesses invested large amounts in preparing for GDPR. Ernst & Young estimated that the world’s largest 500 corporations would spend a combined total of $7.8 billion in preparation.
- Some businesses decided not to attempt compliance—backing out of markets because of the new data privacy legislation. For example, 1,000 websites (many American) chose to block EU users rather than comply.
- The data privacy challenge evolves over time. In 2018 businesses cited GDPR’s right to be forgotten, fulfilling access requests, and data portability as the toughest challenges. By 2021, companies still reported difficulties, but now the prevalent headaches were international data transfers and consent.
- Compliance should not induce complacency in the future. Indeed, 2021 saw a six-fold increase in GDPR noncompliance fines: data privacy clearly remains a huge issue. This included two tech-giants and many smaller businesses.
- Why the increase? Regulation may have toughened, and reporting of incidents increased. Moreover, the pandemic exacerbated data privacy concerns. Indeed, 69% of business leaders reported more difficulty earning customer trust since the pandemic.
- Additionally, expansion and tightening of privacy laws, increased remote working patterns, and the growth of new technologies (such as AI) are likely to pose new data privacy challenges for businesses.
- Amidst such complexity, smaller enterprises unsurprisingly have queries about implementing data privacy. Some developers post queries on sites like stack overflow. A 2022 analysis of 170 stack overflow posts about data privacy found that 124 received accepted responses.
Increasing Business Risks
New ideas keep flowing. A business may have just tackled omnichannel marketing before wondering what is ci? Keeping abreast is tough. However, with business dangers increasing, it’s crucial not to neglect data privacy.
- Under GDPR, fines for non-compliance can be up to 4% of a company’s global turnover or €20 million, whichever is higher. And astronomical fines are, now, actually being imposed.
- In July 2021, Luxemburg fined Amazon €746 million for non-compliance with GDPR. They were found guilty of not seeking proper consent from users.
- Similarly, in September 2021, WhatsApp was fined $266 million.
- In 2021 across the EEA and UK, fines for GDPR non-conformity totaled more than €1 billion.
- Beyond fines, the reputational damage with consumers can also be massive. For example, due to the Cambridge Analytica revelations, trust in Facebook plummeted in 2018 from 79% to 27%.
- Yet, effective use of customer data can undoubtedly still pay off and enhance trust. 49% of consumers were more likely to trust brands that use technology to offer smooth, personalized customer experiences: so personal data use can foster consumer trust and loyalty if it adds clear value and is done in a compliant way. Indeed, more than half claimed they would stop purchasing from brands offering no personalized service. Not acting has an opportunity cost.
Given the constantly evolving legislation, work and lifestyle habits, and fast-pace of technological innovation, the data privacy challenge is here to stay.
- 67% of Americans would like the United States to adopt a framework as stringent as the EU’s GDPR.
- And, even in the EU, with the GDPR in place, 45% of Europeans still worry about their online privacy.
- In a 2022 survey, 71% of business leaders perceived that the benefits customers receive from having their data collected outweigh the risks. However, only 31% of consumers agreed!
Such a gulf in perceptions illustrates the tension with respect to privacy between, on the one hand, the interests of businesses and, on the other, the concerns of consumers. Brand trust will be won and lost in the contested space between the two.
Kate Priestman – Head Of Marketing, Global App Testing
Kate Priestman is the Head of Marketing at Global App Testing, a trusted and leading end-to-end functional testing conferences solution. Kate has over 8 years of experience in the field of marketing, helping brands achieve exceptional growth. She has extensive knowledge on brand development, lead and demand generation, and marketing strategy — driving business impact at its best. Kate has also written great articles for sites such as VMblog and CBNation.You can connect with her on LinkedIn.