Sharing data, protecting privacy, transparency and trust
The Deloitte Privacy Index 2018
18 May 2018: Deloitte’s fourth annual assessment of the privacy practices of the top 100 brands in Australia reveals that consumers choose brands that are transparent about what they do with their data.
“Australians want to know how their personal information will be used. And how it will be protected,” Deloitte national Cyber Risk Services lead partner Tommy Viljoen said. Adding that: “Honest communication about which data is being used for what, and why, will be essential for future value exchange.”
The 2018 Deloitte Privacy Index considers the reality that as technology, consumer demands, and business models continue to evolve, brands are collecting vast amounts of personal information, which increases exponentially each year.
Viljoen pointed out that: “Each brand will use this personal information differently. Some will commoditise it, others will use it to create a more customised experience. In either case, transparency with the consumer on how their personal information will be used and protected is critical.”
David Batch, Deloitte’s new National Privacy and Data Protection Lead, explained that the professional services firm conducts an annual assessment of the public face of the privacy practices of the top 100 Australian brands each year, ranking each sector according to its stated actions.
“There were some big changes in the sector rankings this year given the focus on transparency of personal information processing. This meant that brands that offer primarily digital goods and services ranked better on transparency measures and Information Technology operations was the stand out rising from 9 out of 10 to #1 and top of the index.
“Despite all the media attention for the financial services sector, the good news for them is they stayed close to the top, ranking #2.
Batch said: “We also asked 1000 Australians over 18 years old, across regions and genders, to tell us what data they provided to the brands in return for goods and services. And what factors influenced their decision to share their personal information. We wanted to understand the trust relationship and what factors influence the increase or decrease of consumer trust in brands.
“We also asked consumers to consider their knowledge of privacy and tell us how they would feel if their data was involved in a breach and what their expectations were for the brands to respond to such incidents.”
- 69% believe that trust in the brand is most important when making a decision about sharing personal information, followed by the benefits received, such as discounts, personalised service and rewards
- Brands are more likely to lose consumer trust and damage their reputation if customer data is used for direct sales (68%), inappropriate marketing (58%), and cross-selling of personal information (54%)
- Consumers are aware that their personal information may be shared with third parties and 41% are comfortable allowing a brand to transfer their data if they trust the brand and there’s a benefit for them
- 58% of consumers are unaware of the requirement by law to notify them of any data breach under the 1988 Privacy Act if their data is likely to be misused
- 90% of consumers still expect to be notified if their personal details are involved in a breach
- 76% of respondents indicated that they would be more likely to trust a brand after a breach if there was timely notification of the breach, a detailed explanation, detailed remediation plans, and ongoing notifications on progress.
Viljoen said: “As the relationship between brands and consumers constantly evolves, brands have to amend their privacy practices to meet both consumer expectations and regulatory change. The increasing emphasis on consumers ‘owning and having control over’ their data is a seismic change to the status quo.
This year’s Deloitte Privacy Index results clearly establish that trust and transparency play a vital role in determining the strength of any potential symbiotic relationship between the brand and its consumers.
As the Australian Privacy Commissioner Timothy Pilgrim said when commenting at the commencement of the Notifiable Data Breaches scheme: “The success of an organisation that handles personal information, or a project that involves personal information, depends on trust. People have to trust that their privacy is protected, and be confident that personal information will be handled in line with their expectations.”