What a perfect day in data privacy looks like
Everyone wants extraordinary online experiences without sacrificing the security of their personal information. Yet according to Ping Identity’s 2022 Consumer Survey, 77% of people feel they will never be in full control of their privacy online and still blindly accept the fine print terms and conditions that allow businesses to profit from their data.
In a perfect world, businesses would provide complete transparency about how they collect, store, manage and share a person’s data, while making it easy for them to control their privacy settings. Unfortunately, too many businesses don’t fully reveal how customer data is being used, often exploiting gaps in regulations and public awareness.
Cybersecurity and privacy leaders should realize that as consumers become more aware of their data autonomy, enhanced data privacy can offer a real competitive business advantage. If businesses want to earn consumer trust long-term, they need to make data privacy a matter of choice in the near term. With every digital interaction, there is a new opportunity to not only keep customers happy and protected but help the business stay ahead of the competition.
The challenge is that in this digital-first economy, most consumers experience dozens of online interactions every day. As data becomes embedded in each interaction, numerous data privacy concerns come into play throughout. And there’s no clear and easy understanding of what and where your data is being collected and shared.
But what if there was?
Imagine how a perfect day in data privacy would unfold when businesses implemented privacy measures that consumers want.
Progressive profiling is a good start. It limits what data is collected about the consumer by gathering smaller amounts of information incrementally instead of all at once. Rather than inundate new users with questions and sign-up forms, businesses that adopt progressive profiling collect personal data gradually over time as a customer uses their product or service. It minimizes friction while delivering a happier customer experience. Businesses can also incentivize consumers to share more information as the relationship and trust grows.
Consumers will also be able to clearly see when their data is being collected and shared by a business when they interact. They can retrieve their personal data easily from every business, revoking or setting preferences for how it is used.
Consumers would no longer feel like their digital devices are spying on them, even at home. Devices that listen and even watch – such as smart speakers and smart TVs – are ubiquitous. Consumers would no longer experience the intrusive pop-up ads and emails for products or services that they just casually mentioned in conversation.
In fact, on a perfect day, consumers would not receive any unsolicited emails and texts that they must delete or ignore while they overtake their inboxes. When making a one-time purchase from a business that they probably will never engage with again, they won’t receive any emails or texts from the business offering deals and discounts.
Consumers visiting websites for the first time aren’t forced to respond to any website requests for cookies. Or at the very least, when presented with a cookie banner, consumers can simply click a “reject all” button rather than having to check/uncheck a long list of preferences.
Consumers can also do a quick review in a credentialed, digital wallet to see which businesses have access to their data. The digital wallet can identify which businesses no longer serve the consumer and easily revoke access.
On social media, consumers will now know what information about them is shared to tailor targeted ads and provide easy ways for them to update that information whenever they want.
Businesses will have stopped the practice of collecting and hoarding every item of information from a user, only to figure out how to monetize it later. Instead, they collect the bare minimum, provide consent and data management controls on the fly, and dispose of any collected data that is not used within a limited period.
Data privacy policies will also be easy to understand. When businesses disclose their policies on the website, consumers are not confronted with pages of legalese, often so complicated that individuals simply give up and accept.
For US consumers, a new national privacy law similar to the European Union’s GDPR is in effect rather than the menagerie of state- and sector-specific laws that comprise US data privacy regulations today.
And on a perfect day, no personal data is sold or shared between other entities without notifying consumers and gaining their consent.
Sounds great, right? Now, how can we make it a reality?
Consumers feel helpless every time they are required to provide information to businesses or when data is passively collected without transparency, fearful of how that data may be exploited. Yet they also expect engagement with a business online to be seamless, secure, and personalized – all of which require some collection of a person’s data. It’s a difficult balancing act for businesses to achieve.
But businesses can earn trust by making privacy terms transparent, allowing consumers to understand what personal data is collected and how it is being used. And most importantly, providing the controls to put them in charge of their own privacy preferences.