Attention, data-centric companies (and these days, that means just about every brand).
Consumers care about data privacy. A lot.
According to Ketchum’s second annual Social Permission and Technology Study, two-thirds (66%) of consumers surveyed are worried about data privacy, which is the exact same percentage as those concerned about data security1.
One of the primary reasons for their anxiety is they don’t fully understand, nor do they trust, what you are doing with their data. And – sooner, rather than later – they will demand you tell them all about it.
Are you ready for that undoubtedly difficult day of judgement?
Possibly not. With few exceptions, many of the companies we have had discussions with in the past year on the topic of data privacy have some form of the following answer to that question: We don’t have a good story to tell … We don’t know if we have a good story to tell … We can’t afford to be transparent, given our business model … People only care about cybersecurity.
Companies or brands who are unprepared for the sure-to-come scrutiny on the data privacy issue need to wake up, as their reputations and business models could be in severe jeopardy. Many of these companies’ revenue streams are predicated on the ability to market large portions of the data they collect, aggregate and – hopefully – anonymize.
Still, there could be some good news in the data privacy arena for companies bold enough to tackle the topic head-on. Importantly, companies that find a way to transparently communicate the details of their customer data practices, and share with them the information they are seeking, can place a reputational stake in the ground that their peers won’t be able to match.
And that could create a huge competitive advantage.
In the wake of Ketchum’s second annual survey of consumers on data security/privacy issues, we have been thinking a lot about the role communicators must play in preparing their organizations to tackle (or respond to) consumers’ data concerns.
As in last year’s survey, when we identified a tech-savvy subset of consumers – Techruptors – who are especially passionate on these issues, consumers are torn on this topic. While technology is a vital component of their lives, nearly half of consumers and Techruptors don’t believe companies when they say their data is safe or data breach issues are resolved. This major gap in confidence levels has many Techruptors taking action – by deleting apps, turning off location tracking from their devices, or using social media less frequently.
And they are unlikely to stop there. Perhaps most disturbingly to data-centric companies, 87% of Techruptors say they believe there should be more legislation around data privacy; and the general population (89%) isn’t far behind. What’s more, a majority, 51% of Techruptors, believe that large tech companies should be broken up.
Communicators must act, now.
Given this emerging firestorm of data protection activists, what can communicators do to prepare their organizations for advanced levels of scrutiny or even consumer activism? We believe there are five key steps they must take, right now:
1. Alert the C-suite.
Communicators need to insert themselves into conversations on this topic at the highest levels of the organization. Discussing the results of this study might be a good place to start.
2. Analyze your stakeholders.
By auditing what consumers – and your employees – know or don’t know about your company’s data-related activities, you’ll have a better understanding of potential problem areas to address. Relatedly, identify who among your stakeholders are Techruptors and engage with them, listen to them, sooner vs later.
3. Conduct a risk assessment.
Building on the previous step, conduct a thorough risk assessment based on stakeholder knowledge and concerns about your data practices, as well as the strengths of the practices themselves. Once you’ve identified the key risks, you can develop an approach to address those topics with these constituencies, especially the Techruptors.
4. Fight for transparency.
This may be your toughest challenge. But if you can convince internal stakeholders to proactively share transparent data policies and practices, that will eliminate much of the mystery surrounding them – and convince stakeholders you care about, and are taking steps to address, their data concerns.
5. Don’t hide behind legal speak.
Multi-page consent forms no one reads won’t save your reputation long-term. Data collection today is protected by legal speak, but your reputation needs to be protected by honesty and transparency.
In our view, consumers will ultimately be forgiving (albeit unhappy) if your company is the target of a cyberattack. That means you’ve been the victim of criminal activity.
But if their data privacy is compromised because your company chose to sell it to enhance its revenue stream, they will be less understanding. That was a choice your company made; a choice made, in many cases, without consumers’ knowledge or explicit consent.
Data privacy is a Pandora’s box of problems that is just beginning to open. If you’re concerned about the risks it presents for your company, let us know. We’d be happy to help you assess the situation and take appropriate action.
1 Ketchum’s Analytics team conducted the second annual Social Permission and Technology Study, an online omnibus survey of 1,022 adults age 18+ in the United States, between August 20th, 2019 and August 23rd, 2019. When necessary, the data was weighted to be nationally representative of the U.S. population as it relates to age, gender, region, race/ethnicity, education and income. The margin of error for the total sample is +/-3.1 percentage points at the 95 percent confidence level. Smaller subgroups will have larger error margins.