Risky Business | Consumer Products | Deloitte Netherlands


Risky Business

Keeping up with the changing consumer

Consumers expect more and more product customization and innovation, but have also become more critical about the collection and use of their personal data, including identity theft. They abhor the idea of a Big Brother watching them all the time, and are very aware of the dangers of data leaks. How to (re)build consumer trust and turn the risks of collecting consumer data into added (customer) value? Here are a few tips.

March 26, 2019

Intimacy can be creepy

Customer intimacy has become key in consumer business. During the last few years, all kinds of new technologies have been adopted to offer more personalized offers and products to consumers. Actually, some retailers are already able to predict what a customer might need before the customer knows this himself or herself.

But do consumers really want this type of intimacy? When does customer intimacy turn into creepiness – and when do you run the risk of losing them because they appreciate their privacy?

What you don’t collect, can’t be leaked

One of the things to consider, is: only collect the data you really need. Businesses tend to collect huge amounts of data. Some of these are pivotal for product development and innovation. Other data is collected, stored and never used. This is not only costly, but also risky if consumers are not aware of this. In case of data leakage – for which unfortunately the rule applies: not if, but when – consumers and media will find out about the extent of their personal data being collected. Or maybe an employee disapproves of the storage of unnecessary personal data and becomes a whistle-blower. Either way, the result may be reputational damage or even loss of consumers’ trust. On the other hand, if you have given data collection ample thought and are transparent about this to your consumers, they will certainly appreciate the efforts you make to inform and protect them.

Privacy by design

What helps, is considering from the very start how to design products and services that not only comply with rules and regulations, but also with your own ethical standards and with consumer expectations. Instead of adding privacy and security measures to an already finished product or service, opt for ‘privacy by design’ and ‘security by design’. Probably even better is to involve consumers in this process. After all, if they are involved in panels to express their opinions on the product or service itself – during the development process – why not also ask them what information they are willing to share and what not? What is the balance they are comfortable with between privacy and added value in the shape of personalized offers and products? 

Be transparent & resilient

Along this line of thought it is also recommendable to involve the marketing and communications department from the start. They are the ones who know how to communicate with your target group and will probably have the best ideas of how to be transparent about data sharing. Consumers might be very interested in receiving certain personalized offers, but need to know what the consequences are in the field of privacy. A (lengthy) privacy statement might not be the best solution. Providing such a statement might comply with rules and regulations, but does not mean that consumers have actually read it and understand what they are in for. To avoid a sense of ‘creepiness’ afterwards, it is wise to consider how to explain the pros and cons of sharing personal data in a ‘language’ your customers understand. For some brands and products that could be a website, for others it might be an instructional video, or even a poster campaign.

Again, as said before: incidents will occur. Since 100% prevention is an illusion, it is pivotal to be well-prepared and to be resilient. For instance, when we get into our cars, we know we run the risk of being involved in an accident. So we wear seatbelts, have airbags installed, we avoid heavy weather when we can, and don’t allow ourselves any distractions while driving. That is how we keep ourselves safe. Businesses can minimise risks by offering awareness trainings to their employees, protecting most critical data assets, monitoring for cyber security risks, and taking immediate action whenever incidents occur. It is crucial to manage the risk of cyber security incidents with confidence. This also includes transparency about these incidents and learning from them. That will build and, if needed, restore consumer trust.

Managing consumer data: from risk to added value

A final piece of advice: please find the latest developments in the field of consumer trust and privacy in our report Risky business – Keeping up with the changing consumer with figures and insights on e.g. how consumers feel about who is responsible for securing user data, boycotting companies that breach General Data Protection Regulation (GDPR) rules, and other consumer concerns in this field. What do the findings in the report mean for particular consumer business companies and target groups? And what opportunities do they offer? If consumer businesses use these insights well, they might help to turn risks into added value for consumers – and for themselves.

Did you find this useful?