Breach of trust measured in loss of business, Deloitte reports
90% of Canadian consumers would sever ties with an organization if it was revealed that the company used data unethically
Toronto, May 18, 2017 – Breaching trust can now be measured by the loss of customers and business. In its recent report, Privacy for sale – to the highest bidder Deloitte found that ninety percent of Canadian consumers would sever ties with an organization if it used data unethically. In essence, the cost of a privacy breach can be measured in the cost of customer acquisition—which can range from five to 25 times more than retaining an existing customer.
"In today’s increasingly global business environment, the sheer quantity of available data is growing exponentially and this in turn is increasing the potential that organizations inadvertently violate customer expectations and misuse data. Organizations that fall short of this expectation do risk customer loss," said Anthony Viel, Managing Partner, Financial Advisory and National Analytics Leader at Deloitte in Canada. "To effectively mitigate breaching stakeholder trust, organizations must devise a strong governance model to ensure employees are managing and using data in a responsible manner to give their customers more value."
Deloitte conducted a global survey of approximately 6,000 individuals across Canada, Chile, Germany, Japan, United Kingdom and the United States. The report examines global consumer attitudes as they relate to how their personal data is collected and used by organizations and how those attitudes shift in exchange for perceived value or incentives.
Despite increasing cyber-attacks and security breaches, the majority of Canadian consumers (73 per cent) are not concerned with their data privacy on a day-to-day basis. The report found that while customers aren’t completely comfortable giving their personal information away, they’re reluctantly willing to do so if it allows them to transact conveniently—even if there’s no other perceived benefit.
"Most consumers don’t actively pay attention to how their information is being collected and used, because they trust that their data is managed in a responsible manner that aligns with their expectations," said Sylvia Kingsmill, Partner, Financial Advisory and National Leader of Deloitte's Data Protection and Privacy Practice. "This approach has the potential for serious misalignment between consumers and organizations and their understanding of the ‘ethical use’ of data."
Deloitte found that how organizations define what it means to be ethical is based on what consumers feel an organization "should do" compared to what the law dictates, to mitigate risk where privacy and security are concerned. Consequentially, organizations often find themselves navigating grey zones—areas that are legal from a data privacy perspective but could be interpreted as ethically questionable by customers. To avoid missteps, companies need a clearer understanding of their customers and the cultural nuances that influence their ethical norms.
"By creating and promoting a company-wide culture that treats consumer data with integrity—and enforcing it with appropriate policies and procedures—savvy organizations will not only be able to preserve their customers’ trust, they will also have the confidence to connect with those customers in new and innovative ways to deliver them more value and a differentiated customer experience," said Viel.
Deloitte, one of Canada's leading professional services firms, provides audit, tax, consulting, and financial advisory services. Deloitte LLP, an Ontario limited liability partnership, is the Canadian member firm of Deloitte Touche Tohmatsu Limited.
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee, and its network of member firms, each of which is a legally separate and independent entity. Please see www.deloitte.com/ca/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu Limited and its member firms.