Protecting privacy, Building transparency and creating trust when sharing data


Protecting privacy, building transparency and creating trust when sharing data

The Deloitte Privacy Index 2018

This year’s Deloitte Privacy Index results clearly establishes that trust and transparency play a vital role in determining the strength of any potential symbiotic relationship between the brand and its consumers, writes David Batch

Deloitte’s fourth annual assessment of the privacy practices of the top 100 brands in Australia reveals that Australian consumers favour brands that are transparent about what they do with their data.

As technology continues to evolve and Australia’s big brands collect vast amounts of personal information, how they use it will depend on the industry, sector, and the individual business model. The general split tends to be between commoditising the data or creating a more customised experience.

In either case, letting the customer or consumer know how you intend to use their data are using in a truly transparent way will be critical. As will how you, as a brand, propose to protect their data.

Given this focus, the Deloitte Privacy Index assessed the public face of the privacy practices of the top 100 Australian brands each year, ranking each sector according to its stated actions to its customers and consumers.

And there were some big changes in the sector rankings this year. Brands primarily offering digital goods and services rose to the top of the rankings as their transparency measures were best. This enabled Information Technology operations to be the stand out sector for the first time, rising from ninth place out of ten to the top of the index.

The good news for financial services is…

And despite all the media attention for the financial services sector, the good news is they stayed close to the top, ranking #2, a ranking they have hovered around for the past three years coming in top last year and #2 the previous year. Government, which is also highly regulated, came in at #3 on the rankings, and Telecommunications and Media was a close #4. The biggest fall was in the energy and utilities sector which fell to bottom of the list #10 from #4.”

In addition to these public statements of data care and privacy practice, we also asked 1000 Australians who were 18 years and older, across regions and genders, to tell us what data they provided to the brands in return for goods and services. And what factors influenced their decision to share their personal information.

We wanted to understand the trust relationship and what factors influences the increase or decrease of consumer trust in brands. And to really determine what matters to customers and consumers when it comes to feeling they are receiving a truly fair value exchange.

We also asked consumers to consider their knowledge of privacy and tell us how they would feel if their data was involved in a breach. Also to specify their expectations if this occurred and how they would like the brands to respond to such incidents.

Key findings
  • 69% believe that trust in the brand is most important when making a decision about sharing personal information. This was then followed by the benefits they received, such as discounts, and then personalised service and rewards.
  • 68% of the representative sample said that brands are more likely to lose their trust and to damage their own reputation if customer data is used for cross-selling their personal information or used for inappropriate marketing (58%), or traded to enable sales (54%).
  • Consumers are aware that their personal information may be shared with third parties and 41% are comfortable in allowing a brand to transfer their data if they trust the brand and there’s a benefit for them.
  • Of concern was that 58% of consumers are unaware of the requirement by law to notify them of any data breach under the 1988 Privacy Act if their data is likely to be misused.
  • That said 90% of consumers still expect to be notified if their personal details are involved in a breach.
  • 76% of respondents indicated that they would be more likely to trust a brand after a breach if there was timely notification of the breach, a detailed explanation about it as well as detailed remediation plans, and ongoing notifications on the progress.

As the relationship between brands and consumers constantly evolves, brands have to amend their privacy practices to meet both consumer expectations and regulatory change. The increasing emphasis on consumers ‘owning and having control over’ their data is a seismic change to the status quo.

Five ways to ensure an effective, transparent symbiotic relationship:
  1. BE UPFRONT You’re good at marketing the consumer benefits of sharing data; become good at including the benefits you obtain in that communication. Do this before you collect a consumer’s personal information. Footnotes, links to and off-site references can seem like you are trying to hide something.
  2. ENSURE YOUR PRIVACY POLICY IS CONCISE, DIRECT AND FOLLOWS THE OAIC GUIDELINES Too many privacy policies are missing key transparency elements and are legalistic, vague and difficult to understand. The consumers who do take the time to read your policy are probably most likely to exercise their rights. Look at ways to be more direct and explore other ways to deliver the message, like a video or layered notices.
  3. DON’T RELY SOLELY ON YOUR PRIVACY POLICY OR TERMS AND CONDITIONS Consumers have indicated that they are unlikely to read these, so explore other options for communicating your plans for personal information use in order to maintain trust.
  4. BE CLEAR HOW YOU WILL USE PERSONAL INFORMATION Using vague or highlevel terms can be misleading. Be clear on what, where, when and how a customer’s personal information will be used.
  5. DEVELOP AN INTERNAL DATA RETENTION AND DESTRUCTION POLICY AND PROCEDURE Many companies are unable to be clear about how long they will hold a consumer’s data and whether it will be destroyed or permanently deidentified. This is typically because there is no internal policy or procedure to help define this. Once internal data retention policies and procedures are developed, these will enable consumer facing privacy policies and other communications to be clear about how and when data will be retained and destroyed.

Mutuals Eye AI

A group of Mutuals will be coming together to assess the application of artificial technologies to their operations. Gateway CEO Paul Thomas said the project is expected to take over 12 months. The project has been initiated to understand how robots and AI can be used to improve processes. Without wishing to preempt what the broader group of mutuals will decide, Thomas is clear what AI means for Gateway. “We are of the mindset that AI can be deployed in the back office rather than focusing on the front office.

“These technologies will allow organisations to automate and improve back office processes allowing staff to focus on areas that provide a better service to people,” Thomas said. In terms of how such innovations will impact staff morale, Thomas believes that artificial intelligence and automation will create more jobs than it destroys but says it is also important to frame the debate in a proper way.

“The AI term scares people. There is always a concern that flesh and blood employees will be supplanted by robots. At Gateway, however, we believe we need to embrace technology. This technology can be banking apps or AI,” he said.

Mutuals better placed

Thomas is of the view that mutuals are better placed to deploy this type of innovation. “The mutual sector excels in customer service. This has been consistently revealed in industry surveys. “We can effectively balance the human touch with providing automated services. When you phone Gateway, a human still answers the phone,” he said.

These technologies will allow organisations to automate and improve back office processes allowing staff to focus on areas that provide a better service to people,” Paul Thomas, Gateway CEO

This article was first published in Asia-Pacific Banking & Finance.

Published: June 2018

Did you find this useful?