14 Aug 2018, 12:00 — 8 min read
Last year alone, more personal data was harvested than in the previous 5,000 years of human history as per Forbes. Every time, we access the internet from our smart devices— be it through an app, a website or service—data about us is collected. Google has been collecting user data since over a decade to power its predictive search, syncing services and personalised suggestions.
Today, data is being collected on a scale larger than ever. With the help of smart technologies, enormous amounts of data about what customers see, hear, feel, and decide is being monitored, collected and analysed as companies strive to serve customers in a more relevant and personalised way. This brings data privacy into sharper focus today than ever before.
The whole world revolves around data being continuously collected and used, whether the customer likes it or not. This makes the customer vulnerable to a large scale of problems, from hacks to cases of identity theft. Customers may like personalised messages but there is apprehension about the extent to which companies know about them and their behaviour. There does lie a little sense of security in the fact that data collected from a customer is anonymous in an ocean full of scattered data. It remains a concern nevertheless. Even if customers trust the company to keep their data safely encrypted, the guarantee of safety from third-party attacks remains a worry. Data breaches at Facebook and Gmail are cases in point. The general thinking is: If it could happen to them, it could happen to anyone.
To allay the paranoia and insecurity, it is the responsibility of the company to make sure:
1. Customers are made aware of what is being collected and why
Do customers actually realise what they share? Are they aware that when they check in on Facebook, they are letting Facebook know where they are and with whom? Do they realise that when they use Google glasses, Google can ‘see’ everything they do? Even apps that provide the identity of unknown incoming calls do so by mining your entire contact list.
“It’s the customer who defines where lines must be drawn and it is they who decide the level of personalisation they want,” said Amit Sarda, Co-Founder of Soulflower, a company that takes personalisation to the next level by making products/fragrances based on a customer’s Sun signs and suggesting it to them as per the changing weather or time of day. It is essential that they understand the risks of every new service that they are offered. Until customers are made aware of not just the data they are sharing, but also the various uses of the same, there will remain scepticism about data collection.
2. Data is used for a set purpose
Attacks from third parties is not the only way that data can be compromised. Stealing of data by unscrupulous employees, selling of data to third parties, using it for things other than intended are all forms of data being breached. Companies must ensure strict terms of agreement and be vigilant about its execution. “If a customer shares trust with a brand, it’s the brand’s responsibility to take required efforts and maintain certain level of privacy to protect the information of its customers,” said Amit.
3. The entire organisation is made responsible
Often, the onus of protecting data and preventing misuse is on those handling the data. However, according to Hemant Agarwal, CMD, V-Bazaar Retail, “The main responsibility of data privacy is of the entire organisation, not just one department. To use data ethically we should unanimously make an efforts to stop misusing the same”.
4. Data collected is kept safe
This seems like the most basic, but it is the most critical aspect of data privacy. Company should do whatever it takes to ensure that it follows the latest standards of data security and that its systems are up to date at all times. In case of a data breach, it’s critical information about people as well as the company’s reputation on line.
“While it’s true that data privacy is about minimising damage when attacks happen, when maintaining data privacy, we should not just aim at minimising damage, but ensure that we don’t reach the stage of an attack,” said Naviin Ibhrampurkar, Head – Marketing & Corporate communications, Inorbit Malls.
Companies want to stay ahead of the competition and customers want to be pampered. The only way to achieve both is through big data. If used correctly, data can really help brands connect with the customer and serve them better, like Inorbit Mall that uses customer data to share personalised offers. “There are many advantages of data collection and we are yet to use them to the fullest,” said Hemant.
However, there is a thin line between personalisation and intrusion, which brands have to be mindful of. Innovations are inevitable, but customers must be given their space, and if required, the choice to reject.
In the words of Naviin, “It is crucial to inform customers with discrete terms and conditions as to how exactly that data is going to lead to personalised services and communication. Every time data is captured and used, there must be explicit, loud and often multiple permissions, with clear and simple processes to opt out.” Only transparency will help win trust.
GDPR: The next step towards Data Privacy
The General Data Protection Regulation (GDPR), at its core is a new set of rules designed to give EU (European Union) citizens more control over their personal data. It replaces the outdated 1995 Data Protection Directive, and aims to simplify the regulatory environment for a business so both citizens and businesses in the European Union can fully benefit from the digital economy. Under the terms of GDPR, not only will organisations have to ensure that personal data is gathered legally and under strict conditions, but those who collect and manage it will be obliged to protect it from misuse and exploitation, as well as to respect the rights of data owners or face penalties.
Although GDPR has been formed for the EU, it also applies to organisations operating outside of the EU, which offer goods or services to customers or businesses in the EU. This has resulted in more and more companies presenting themselves as being GDPR compliant.
“The European parliament led GDPR is going to be one of the first regulations, applicable trans-nationally and is going to be a learn- ing experience in terms of implementation,” said Naviin Ibhram-purkar, Head – Marketing & Corporate communications, Inorbit Malls. “There is a distinct possibility that countries where GDPR isn’t applicable will use it as a base framework to create their own models,” he added.
Article by Chetan Nayak published in STOrai Magazine
Disclaimer: The views and opinions expressed in this article are those of the author and do not necessarily reflect the views, official policy or position of GlobalLinker.