Building Trust in Data Protection and Compliance
Showtime reality TV show, Couples Therapy, which features couples seeking help for their distressed relationship, see individuals who have lied, cheated on their spouses, answered questions evasively, and generally disrespected a partner’s basic need for open communication and genuine connection. It’s no secret that such behaviors cause another person to experience grief, anger, hurt, disappointment, confusion, and loss. When the offending party feels guilt for their actions, it’s not only because they have hurt a person they love, but also because they have inevitably damaged a relationship that was once joyful and whole. Lack of trust is no-win game for all parties concerned.
Trust is the glue that binds people together. Trust is necessary for growth. Here are some reminders of how to build and maintain trust in relationships, within organizations, and between companies and consumers.
Keep promises. In a marriage, if you promise to “forsake all others,” do not have an extra-marital affair. Professionally, if you promise to keep client confidentiality, do not speak about them to the press. Likewise, if a company promises to respect consumer’s data privacy, they must take measures to do so.
Communicate openly. Happy couples who trust one another talk frequently and are unafraid to bring up difficult interpersonal issues. Co-workers in trusting environments are unafraid to ask questions, offer ideas, or point out errors. Companies that wish to foster trust must also communicate openly—about their mission, operations, and yes, their data policies and
Trust is difficult to establish—it takes time, commitment and consistency. Trust is not something that we can take for granted. In order to be sustained, trust must be a priority, and actions in support of a trusting relationship followed mindfully.
When it comes to the issue of Americans’ willingness to trust companies with their online activities and data collection, we are perhaps in as distressed a relationship as the couples on the reality TV show. A recent Pew Research survey found that
“roughly six-in-ten U.S. adults say they do not think it is possible to go through daily life without having data collected about them by companies. . .”
Nor do they think data collection is benign. The majority – 79% —
“are not at all confident that companies will admit mistakes and take responsibility if they misuse or compromise personal information. . .”
In personal relationship terms, that’s like saying a majority do not believe their partner will admit to having made a mistake, whether it’s having forgotten to pick up the dry-cleaning or kissing their co-worker after a few drinks at the holiday party. As far as building trust by keeping promises, the Pew Report also found a rather dismal state: when asked about their confidence in how companies handle personal data collection, a majority of Americans—57%– said they are not confident that companies actually follow what their privacy policies say they will do with user’s personal data.
Not only do consumers feel distrust and a lack of control about data collection and privacy, the topic makes them worry, according to a new Wunderman Thompson Data study . 58% of 1,500 U.S. respondents indicated they are very concerned about the privacy and security of their personal information and data. Other relevant findings in the survey include:
· 68% find Terms & Conditions and Privacy Policies “difficult to understand” and as a result, 72% only read them sometimes (25%), rarely (35%) or never (12%).
·64% say: “I worry about the security and privacy of my personal information & data, but honestly, I’ve kind of given up trying to control it.”
What can companies do to build trust?
So what can companies to do address a potentially dysfunctional relationship with their customers and manage such confusion and anxiety? A November 15 2019 Price Waterhouse Coopers survey reports on best practices and approaches by companies who are already formulating responses to data trust problems. They found that companies who are setting the pace see privacy regulations, such as the California Consumer Privacy Act, which goes into effect at the beginning of 2020, and Europe’s recently enacted General Data Protection Regulation, as an opportunity rather than an obstacle. Such companies recognize and understand that these new laws, which promise to expand consumers’ control over their data and provide new legal tools for holding companies accountable, do not create an “us-vs-them” dynamic but prompt the innovation and best practices inherent in sustaining a healthy business.
Companies that are serious about repairing or creating a trust relationship with consumers do not relegate privacy issues to the margins of their organization, but understand that privacy concerns and solutions must be built in to their product, services and business practices. They develop privacy programs, empower data governance stakeholders and privacy champions who work across the organization, and draft and operationalize policy.
They highlight transparency, provide customers with notice of how and when their data will be collected, used, and otherwise processed, and have sound mechanisms in place for the increasing number of consumers who might request access to their personal data.
Pace setting companies focus on the value of the data that customers provide. In other words, they don’t just collect as much data as they possibly can for its own sake, but instead ask: How will data be used? Why is it important and what specific benefit to the company is provided? For example, collecting data for analytic insights to improve products or user interfaces, optimize operations, provide targeted and relevant messaging may be worth acquiring (and protecting), but data that invades consumer privacy is not.
In keeping with transparency, as well as with the open communication necessary to maintain any healthy relationship, pace setters make choices and controls available to the customer; making clear where and how a customer can opt in and out of data collection or specific data usage, whether that be for analytics or marketing. Enabling clear choices around privacy is a basic tenet of respect and maintaining trust.
Pace setting companies stress security and, to that end, have adopted privacy and security engineering to make sure that security controls are well maintained and in place. They incorporate risk management to identify potential problems before they become large problems. In addition, they post regular transparency reports, and have a process to respond to government requests for user data.
Overall, these leading entities, by developing ethical principles by design, are modeling the idea that companies must consciously adopt and strategically formulate an ethical use of data as a core value. Just as companies in the past knew to earn customer trust by, for example, guaranteeing that a specific food product contained only non-toxic ingredients or that a specific power tool followed safety regulations, today’s data-driven companies must assure consumers that their privacy will be sufficiently safeguarded.
As we close out 2019, let’s commit to building trust in data protection and compliance.
#compliance #trust #PewResearch #privacy #PwC #dataprotection