According to research from Forrester, the way companies handle and protect consumer data privacy is more than a compliance issue. It's important for customer insights (CI) teams to have an understanding of global privacy concerns since they affect the business' ability to collect, store and use customer data.
The survey included 3588 responses from employees involved in planning, funding and the purchasing of business and tech products and services. And found that while 50 percent of security and risk (S&R) pros worry about customer privacy concerns in the US, the number in emerging markets – where many firms are looking for new customers – is significantly higher.
When asked to rate their concern for each source of information risk and the potential impact it could have on their organisation, security decision makers from Germany (34 percent), France (36 percent) and the UK (42 percent) are highly or extremely concerned.
Elsewhere in the world, respondents are more concerned with customer privacy. Security decision makers from India (76 percent), China (71 percent), the US (50 percent), Brazil (51 percent), Canada (47 percent) and Australia/New Zealand (43 percent) expressed such concerns.
In these same markets, a majority of more security decision makers from outside of Europe consider privacy a competitive differentiator: India (44 percent); China (37 percent); Brazil (33 percent); the US (32 percent); Germany (27 percent); Canada (26 percent); Australia/New Zealand (26 percent); the UK (26 percent) and France (23 percent). Firms across the globe must therefore understand the risks and opportunities that come with privacy.
Today, 52 percent of enterprise security technology decision makers say that within their organisations, it is solely the responsibility of their group to protect customers' personal information from privacy abuses. Cyber-security groups tend to be overcautious in their approach to customer data collection and use since their decree is to protect data.
Since security teams don't have a seat at the business planning table, privacy efforts don't always receive the full attention they deserve. A solution is to address privacy practitioners in business strategy from the outset to protect the team from running into project delays.
The report identifies an effective privacy organisation has these attributes for success:
A privacy leader
Identify and limit potential conflicts of interest
Create escalation procedures
Define the relationship between privacy and compliance
Audit data assets
Talking specifically about organisations that worry about customer concerns over privacy, Enza Iannopollo, CIPP/E, analyst at Forrester told SC Media UK: “We found that existing regulatory, business and customer climate largely influence this worry. In the European Union (EU), in particular, where data protection regulation is quite stringent – and getting even more so with the upcoming General Data Protection Regulation (GDPR) – a lower, yet still sizable percentage of companies express concern compared to firms in other territories. For example, European organisations are more used to collecting data with customer consent or addressing data access requests than their peers in other geographies and this gives them more confidence.
“However, there's a silver lining to this concern and awareness: A growing number see a business opportunity and view privacy as a competitive advantage for their business.”