The New Data Privacy Paradigm
2018 was a pivotal year in data developments; the GDPR entered to shake up the privacy landscape and usher data minimization and improved data privacy experiences into the forefront of global awareness.
Four years later, data privacy continues to be a hot topic and a source of pervasive concern for internet users and businesses alike. With digital activity showing no signs of cessation after the initial explosion at the onset of the pandemic, the demand for even greater control over personal data remains a spearhead of industry discussion. Consumer mistrust is rampant, regulatory policies are quickly changing, and organizations are increasingly vying for customers in already over-saturated markets. All of these factors have set the wheels of the new data privacy paradigm into motion.
As a Mine partner, Ronald van Loon had the opportunity to interview Gal Ringel, CEO of Mine. The discussion focused on the critical role businesses must play in the growing movement towards improving data minimization and data privacy and how to address the associated challenges.
In an age of growing demand for more robust data privacy practices, organizations have to do everything possible to improve data access and transparency and seize new opportunities to build their brand as trusted industry leaders. Simultaneously, consumers must understand what data privacy empowerment opportunities are available that allow them to exercise more authority over their personal data.
Digital Footprints & Risk Exposure Increases
Traditionally, data sharing has often been a one-way commercial street; personal consumer data was collected from a near limitless variety of online sources and transactions to fuel customized digital services, marketing campaigns, company innovations, and market forecasts. Though user data was the product of an individual’s unique online behaviors, the data was frequently perceived and treated as a business’s proprietary resource.
The data economy is evolving to reflect new regulatory changes that are emerging on both a global and local scale. According to Gartner, 75% of the global population’s sensitive data is anticipated to be covered by modern privacy laws, which is the business driver for privacy operationalization. Many organizations still struggle with a lack of dedicated privacy protocols and as regulations expand, businesses are under urgent pressure to solidify their privacy strategies. This creates even more challenges considering how essential data-driven analytics have become to a company’s success.
The GDPR and other privacy regulations, like the California Consumer Privacy Act (CCPA), introduced a new era of privacy consciousness surrounding legal rights to how consumer personal data is being accessed, gathered, used, and erased, should they so choose. The accessibility of these rights, however, has been a difficult terrain for consumers to navigate. It can also lead to consumer burnout and acceptance of general opt-ins rather than dealing with the tedium of manually managing these options.
For organizations, regulations are an equally complex area to traverse as these new privacy laws had to be suddenly managed without any real helpful guidelines or standardized practices. But data privacy and data minimization are more crucial now than ever.
“As someone with years of experience in the cybersecurity world, I can say that no company can truly protect itself against data breaches; collecting an excess of consumers’ data will put the company and the customer at a higher risk,” Ringel states. “Therefore businesses should also be proactive about their customers’ data privacy and protection and review their data minimization and retention strategies. This might seem counterintuitive initially, as a lot of data is often collected for sales/advertising/marketing optimization purposes and market research. But, this can protect them from brand damage in the future.”
For businesses and consumers, this is two sides of the same coin. Consumers need to know where their data is delivering real value and where unnecessary data can create vulnerabilities. Organizations need to mitigate security and compliance risks while overhauling their data minimization and retention strategies to protect both their company and their customers – and cultivate customer trust.
The Data Privacy Dilemma
Personal customer data is now viewed as a valuable commodity owned by those who generate it. To earn the right to consumer data, organizations must win and maintain their customer’s trust without impeding business innovation and growth.
“Providing consumers with data ownership and protecting their data privacy is more than just a compliance need; it elevates brand reputation and trust. Consumers will choose companies that provide transparency, easy access, and control over their data, making data privacy and ownership a brand necessity in 2022,” Ringel explains. “It’s no coincidence that tech giant Apple has been doubling down on its privacy focus and making it one of its key differentiators. Businesses that actively show consumers that they care about privacy by providing an easy way for customers to exercise their rights will be rewarded by higher consumer trust.”
Digital trust is synonymous with a brand’s reputation. In fact, 87% of executives revealed that reputational challenges are more critical in today’s economy than strategic risks. But digital privacy laws are extremely diverse depending on the jurisdiction. For example, the U.S. does not have a cohesive federal digital privacy law yet; organizations might be subject to numerous privacy regulations according to their offices, customer location, and industry. The upcoming American Data Privacy and Protection Act(ADPPA) in the U.S. could change this. This bill is great because it relies primarily on a data minimization approach.
Furthermore, 97% of Americans are worried about data privacy and 87% believe it’s a human right, and are therefore more discerning about the type of data they’re willing to share. Consumers are also taking more proactive measures to secure their personal data but 90% are very willing to share their information given the right incentive.
Organizations want to deliver a trusted customer experience, maximize the value of data, and maintain compliance. To achieve this end, many organizations are prioritizing their dedication to weaving data privacy into their brand’s very DNA.
Some key components to building customer trust include:
- Share any investments, advancements or achievements your company has executed in addressing any data privacy gaps or issues – this could be as simple as a social post.
- Be aggressive and proactive in championing the latest privacy standards using proper solutions fit for the ever-changing legal landscape.
- Stay educated on the latest data privacy regulations, innovations, and improvements.
- Be transparent about where customer data is used and ensure it is readily attainable by consumers. This can be accomplished by creating & maintaining your website’s privacy center form allowing your users to control their privacy choices and easily submit standardized data access or erasure requests.
As more consumers exercise their data privacy rights, managing an abundance of consumer data requests can be a challenging undertaking for businesses – particularly as there’s currently no industry standard in place for dealing with privacy requests. Furthermore, there’s no efficient means to validate and verify the requests, which can create unwieldy processes for organizations.
Basically, companies are awash in data, data sources, and channels and it’s difficult to handle data privacy requests across a massive tech stack.
The Opportunity to Innovate in Digital Trust
Data minimization and the accompanying business challenges that arise when attempting to manage privacy requests were central to the development of Mine’s solutions.
“For many years, privacy was always about building fences around consumers to keep their data ‘safe,’ but no one wants to give up the internet to protect their privacy,” Ringel shares. We decided to change this by discussing data ownership and looking at data privacy online from a value-based perspective.”
Mine’s smart data assistant enables internet users to freely exchange their data for improved experiences and thus use the internet with more confidence by:
- Monitoring their digital footprint.
- Clearly identifying which entities they’ve shared their data with.
- Better comprehending any digital risks.
- Mitigating digital exposure and risks by sending deletion requests.
From a business perspective, the difficulties and wasted resources stemming from identifying users and the kind of data interaction that occurred, and erasing the user’s data from specific data sources, demanded a more seamless process. Email Evidence, part of Mine’s PrivacyOps platform that offers automation, pre-built workflows, live-generated data mapping and real-time visibility into all data sources, allows businesses to:
- Standardize consumer data privacy requests’ handling.
- Minimize the resources and time involved with accepting and verifying privacy requests.
- Get visibility with a live blueprint of all data sources and collected PII.
- Make use of a central hub that automatically generates records for audits and compliance.
- Develop more streamlined privacy processes while ensuring compliance with relevant privacy laws.
These solutions are intended to highlight the company’s mission of helping the entire data privacy operation so both individuals and businesses can have peace of mind regarding their data, reduce online exposure of personal data and generate improved privacy experiences for everyone.
Solidify the Future of Data Ownership
Globally, the data privacy playing field is far from being leveled. The stakes are rising alongside the continued convergence of our digital and ‘offline’ lives. Both consumers and organizations must be active participants in building a data privacy community defined by simplified, accessible data privacy rights, minimized exposure of personal data, and excellent privacy experiences. Organizations must act on every opportunity to continuously build digital trust and champion exceptional privacy standards.
By Ronald van Loon