Private information and the online world can make for strange bedfellows; people feel safe to share their personal thoughts or experiences in a social media forum but can be more cautious about what personal information they let businesses collect.
This dichotomy is hardly surprising. Consumers today have a host of social incentives to share all sorts of personal information online. What used to be kept private can now be made easily accessible and public. And the ability of companies to track, store and analyze this sort of data for targeted marketing has grown at an incredible rate.
Customers demand personalized offers but they also expect that that the privacy policies of the companies they do business with will be transparent about how personal information will be used and how it will be protected.
Privacy has become the primary consideration for digital consumers, and it is especially important when it comes to minors. Trust needs to be established before a business can push the privacy envelope, such as offering incentives in exchange for personal information.
The objective is a win-win scenario — enhanced information flows based on transparency and consent that better target the customer.
In our recent report, Customer focused growth: Rising expectations and emerging opportunities, Deloitte noted that changes in consumer behaviour and the growing acceptance of data collection, disclosure and use will compel companies to revisit their privacy policies and rules about customer consent.
Here are some important things to consider when collecting data:
Revise your privacy policies – and do it right
Most of the laws and regulations safeguarding Canadians' privacy were passed years ago, long before we'd even heard of smartphones, mobile apps, GPS location tracking and social media. Along with the corporate policies and practices that are based on them, these laws and regulations are simply outdated.
Revising their own privacy policies and procedures offers an excellent opportunity for companies to rethink their approach to privacy. Many are moving away from a compliance-based model to put customer privacy at the fore-front of what they do. This aligns with one of the seven foundational principles of privacy by design, a philosophy in which companies design their technology and organizational policies so that privacy becomes the default.
Companies would do well to consider the privacy needs of their customers and build them into processes, products and services from the outset.
Making privacy a proactive governing principle, rather than a set of rules to be complied with, helps companies avoid costly missteps.
Be as transparent as possible
Customers need to know how their data will be used, stored and shared. It's essential for companies to be crystal clear about their intentions and practices. This sort of transparency can build trust, too: 75% of Canadian consumers who trust businesses, for example, are willing to provide more personal information in exchange for relevant offers.
When explaining how customer data will be used:
Be extremely careful with minors' data
It's vital that companies take special care with the privacy of underage citizens. Strict adherence to best practices in marketing and advertising that is based on consent when it comes to minors is non-negotiable.
Embracing a privacy-by-design philosophy can help protect companies, customers and minors. By making it the main guiding principle of any initiative, businesses can make smart, ethical decisions that enable them to avoid unnecessary risk and loss of customer trust.
Remember this simple but effective rule-of-thumb: If you can't protect it, don't collect it.
Sylvia Kingsmill is a National partner and Leader of Data Protection and Digital Privacy in Deloitte’s Enterprise Risk practice. She has 15 years’ experience advising on compliance and privacy and on privacy- and security-enhancing technologies and the responsible, ethical use of Big Data.
