How to Use Privacy as a Business Differentiator & To Maintain Trust

A recent news report from New Zealand, “Safety of personal info worries Kiwis” highlighted how business safeguards and privacy practices impact customer trust, and subsequently retention.
A recent New Zealand Privacy Commissioner survey found, among other things:

  • 90% of respondents would be concerned, and 74% very concerned, if a business they did not know got hold of their personal information.
  • 86% were concerned if information supplied to a business for one purpose was used for another purpose.

It’s an interesting read; give it a look.
I discuss the relationship between privacy and customer trust in the first section of my article, “How to Use Privacy as a Business Differentiator” within my September issue of IT Compliance in Realtime Journal.
Here’s the unformatted version of that first section of the article; download the PDF for a much nicer looking version…
Most organizations do not view the activities and security safeguards involved with implementing privacy protections as an asset to their company. Too often they view it is a necessary evil now required by numerous laws, regulations, and industry standards. This is too bad, because effective privacy practices supported by comprehensive information security practices that prevent information security incidents and privacy breaches will help to not only gain but also firmly maintain the trust of your customers, personnel, business partners, and consumers at large.
Customer Trust
Organizations can use their privacy initiatives and information security practices as drivers to build customer trust. Think about it; there are more and more reports of credit card fraud, identity theft, medical identity theft, phishing, and other crimes and misdeeds related to the unauthorized use of personally identifiable information (PII), often because organizations had substandard safeguards in place that allowed for privacy breaches to occur.
There have been many studies related to customer trust, and they all reveal the importance of maintaining customer privacy through the use of effective safeguards to keeping customer trust. Consider just a few recent ones:

  • According to a survey published in July 2008 by, 98% of online shoppers check for some kind of security before making a purchase. More than 90% look at three or more security features before deciding to make a purchase.
  • A survey conducted for the Office of the Privacy Commissioner of Canada reported that 52% of consumers have refused a retailer’s request for PII before first asking why the information is needed, 45% outright refused to provide requested information, and 13% intentionally provided incorrect information because of their concerns over the security, or lack of, that would be in place for their PII.
  • Almost 75% of Europeans are concerned about the risks of providing PII through the Internet, according to a late- 2007 survey by the European Commission’s directorate general for justice, freedom, and security. 67% are concerned about data protection issues and providing PII to other organizations.

It is no wonder customer trust is nose-diving. Take a University of Michigan research report; using 2006 data, a research team found that more than 75% of the 214 bank Web sites they surveyed had one or more design flaws that left customers vulnerable to electronic theft of money in their accounts, their identities, or both. Incredible, isn’t it? Consumers have good reason to be concerned when e-commerce Web sites are rife with security vulnerabilities that leave their PII exposed for criminals to easily take and use at will.
The Federal Deposit Insurance Corporation’s (FDIC) second quarter 2007 Technology Incident Report supports the findings of the University of Michigan study.
The FDIC report, which was created using banks’ quarterly suspicious activity reports, recognized 536 cases of computer intrusion and an average loss per incident of $30,000, which is a total loss for the quarter of $16 million. The report also indicated the incidents were up 150% between the first and second quarters of 2007. 80% of the cases identified in its report resulted from intrusion from an unknown source that occurred during online banking.
Consumer awareness of privacy issues, and the need for businesses to have comprehensive information security programs in place to effectively protect their PII, is higher than ever before and is getting higher. When organizations experience privacy breaches, the public usually punishes them with anger and stops giving them their business, subsequently devaluing the company’s public image, reputation, and brand image and resulting in lost customer trust. Lost customer trust results in lost customers.

Tags: , , , , , , , , , , ,

Leave a Reply