Data privacy is a challenging landscape to navigate right now. You’ll hear some people talking about data privacy before COVID-19, and others talking about it after COVID-19.
With the government looking to launch contract tracing apps, and consumers questioning what this means for their privacy – it’s important we all remember, that regardless of the circumstance, regulations like the General Data Protection Regulation (GDPR) were put into place for a reason, and right now, it’s more important than ever that businesses consumer and employee trust by complying with these regulations.
With more consumers mobilising behind a simple, but powerful, rallying cry of ‘Our data belongs to us’, businesses need to recognise that the consumer is ultimately, the rightful owner of their own data, regardless of the situation.
This means that the role of the business, is to become the custodian of that data, using it for only specific and legitimate purposes. Failing to do so can be dangerous, with individuals willing to take action against companies that contravene their rights.
In fact, according to a recent study of 2,000 business executives from PwC, more than eight out of ten (83%) agree that consumers are demanding more control over their personal data – so businesses need to take heed.
Right now, the Chief Data Officer (CDO) needs to step up, become a ‘consumer champion’ and listen to the views and feelings of consumers to shape corporate policy around data. It’s transparent, ethical and builds trust in the brand – particularly at a time when trust is low. To achieve these goals, there are three necessary steps that a CDO must take.
1.Know exactly where in the organisation data relating to customers is kept: Many organisations struggle to get a clear picture of where data relating to customers is stored - and replicated - across all of their cloud and on-premise systems. Nor can they keep track of how it proliferates across different systems or which line of business unit stores and uses it.
A company can therefore hardly claim to be acting as a responsible custodian. This is where a data-discovery process can reveal the extent of the problem and identify disparate repositories of customers’ personal information. This is a task where automation should be allowed to take the strain.
A data discovery tool based on artificial intelligence (AI) will do a far more thorough job of spotting this data, than a human employee could ever achieve - all whilst building a complete catalogue of where data resides in the organisation, including mapping it to identities.
The net result is you’ll be able to operationalise capabilities that give you the data transparency needed to efficiently respond to enquiries – including Data Subject Access Requests (DSARs) – that if left up to manual processes and procedures, incur tremendous costs and possible privacy mandate compliance violations that comprise business and customer trust.
2.Apply strong rules and standards around how customer data is handled: Governance is key, and strict rules should be applied across the entire scope of the company’s catalogued data assets. This is best achieved through the implementation of a centralised data platform that provides a single view of these assets and a centralised point for the application of rules.
These might dictate, for example, how long certain data types can be kept, who can access them and for what purposes they may be used. The task of overseeing data quality should be devolved to line-of-business managers, who understand the context in which data is collected and managed. In this way, a business can democratise the good custodianship of data and make it an integral part of the organisation’s culture.
3.Maintain consumer data over time: Good governance over consumer data is an ongoing process. As new consumer data is amassed by the company, it should be checked for data quality issues and catalogued, so that the centralised data platform always provides an accurate ‘single’ view of an individual customer, their interactions with the company, products they’ve bought and the channels they’ve used.
Automated tools - in areas such as data masking and encryption, archiving and deletion - can be a big help in ensuring that compliance goals are met. The consumer sees that they can trust the company to use data shared to know and understand them better.AI can help by automatically spotting changes to the data landscape that may require human attention and decision-making, ensuring that data is not duplicated, in order to reinforce a single view.
The trust dividend
Ultimately, even the most data-conscious consumers are happy to share data in return for more personalised customer experiences as long as they trust the brand.
Their consent, once gained, will help companies to explore more data-centric market opportunities and new business models. From a customer’s buying history, for example, an organisation might identify opportunities for add-on sales of products and related services. Or, from their web browsing patterns, the organisation might be able to make more accurate product recommendations with better targeted offers.
At the same time, the consumer sees that the organisation has an accurate picture of who they are and what they need from it, at a time when their level of trust in an organisation is fast becoming an important criterion in purchase decisions.
Ultimately, trust must come first – especially during times of crisis like these. Companies that refuse to acknowledge this fact will walk an extremely slippery path between privacy and personalisation and maybe risk losing even their most loyal customers to rivals that take a more respectful, responsible approach.
At the end of the day, consumers are always going to remember how they were treated, during periods of unease and confusion – so show them that you are there for them.