How to turn a business’ privacy weakness into a business strength?
Business is lost over privacy concerns, because we distrust most organisations in handling our personal information according to the latest OAIC privacy survey (ACAPS 2017). I believe in the opportunity to further grow online business through better privacy management with further privacy focus, transparency and giving easy control to online customers on their personal data.
The Office of the Australian Information Commissioner (OAIC) has released the Australian Community Attitudes to Privacy Survey 2017 (ACAPS). It is a great read providing a current insight on what Australians think about privacy and how privacy concerns influence their behaviours.
My key take-outs of the OAIC survey are:
- Privacy concerns are growing. 69% of Australians claim to be more concerned about the privacy of their personal information when using the internet than 5 years ago.
- Business is lost by organisations deemed untrustworthy of looking after personal information. 58% of Australians have decided to avoid dealing with a company because of privacy concerns. The trend has not improved much since 2013 (60% then).
- Privacy distrust is widespread across industries. Aside of Health services providers, which are trustworthy for privacy to 79% people (a good score I suppose), no other industry is above 60%. For example, the insurance industry only attains a 40% trustworthy score. This is a big deal that a majority of Australian distrusts how insurance service providers handle their private information.
- The eCommerce industry has a big problem with how they are perceived to handle privacy, with only 19% of people trusting them. 83% also rate online privacy risks more concerning than non-digital privacy risks.
- Privacy policies are not read by most Australians. Only 29% normally read website privacy policies, and the trend has significantly declined since 2013 (40% then). In my opinion, this is a missed opportunity to appease the concerns of at least some online users and to capitalise on it.
My recommendations to businesses aiming at valorising a better privacy handling and aiming at making privacy a business differentiator are:
- Comply with applicable privacy regulations. This is the obvious first step. Not complying with privacy regulations, whether local or from other countries that your customers are citizens of (e.g. EU citizens with GDPR), will do your business no good. You could be impacted directly (legal issue) and indirectly (less business with customers’ lack of trust). In Australia, consult with the OAIC to confirm the applicable privacy requirements to your business, and consult with the guidance the OAIC provides. Seek advice from privacy advisors in case of doubt.
- Be transparent on privacy. Clearly disclose what you do with personal information and why. Importantly, promptly report personal data breaches and promptly inform affected customers. It is more than a matter of compliance. It is also a matter of better customer service.
- Provide your customers with easy and direct control on their personal data. Allow them to easily make choices about the data they provide and what they entrust you to do with it. Your Customer Identity and Access Management (CIAM) solution should be able to offer choices and control on personal data.
Further thoughts on privacy at guinoe.com.