According to a recent study by KPMG, consumers are becoming increasingly concerned with and distrustful of how companies safeguard their personal data against misuse and theft. Companies must take steps now to keep pace with expectations, or risk losing access to the data that increasingly drives business strategy, insights and success.
To learn more about how consumers are thinking about data privacy and what they expect from corporations, KPMG surveyed 1,000 Americans. The survey revealed that consumers overwhelmingly agree that data privacy is important, and that they want corporations to take significant steps to better protect, manage and ethically use their data.
- 91% say corporations should take the lead in establishing corporate data responsibility
- 87% of consumers say data privacy is a human right
- 68% don’t trust companies to ethically sell personal data
- 65% of Americans reported avoiding opening email attachments from unknown senders
- 56% say companies should prioritize giving consumers more control over their own data
“Getting data protection and management right isn’t optional,” notes Orson Lucas, Principal, Cyber Security Services, KPMG. “Corporations rely on the insights they get from customer data to sharpen their strategy and enhance the customer experience. But with access to that data there is an obligation to protect it. Ultimately, consumers will hold organizations that fail to do so accountable.”
The KPMG report also found that despite their concerns about data privacy, consumers have to do their part. About three-quarters of survey respondents say they consider it risky to use the same password for multiple accounts (78%), use public Wi-Fi (75%), or save a credit card to a website or online store (74%), for example. Yet more than 40% do each of those things.
Sixty-one percent of Americans don’t use computer security software or, when available, multifactor authentication. Additionally, 69% of consumers chose not to install mobile device security software when available.
Nevertheless, 90% of survey respondents agreed that all citizens should enjoy the following rights, currently accorded to California residents under the California Consumer Privacy Act (CCPA):
- The right to delete personal data (91%)
- The right to know how their data is being used (91%)
- The right to opt-out of having their data used (90%)
- The right to nondiscrimination in the use of their data (89%)
KPMG notes that data privacy is a dynamically changing expectation that will be a reality every organization will have to deal with. Large organizations are already grappling with disparate regulatory requirements here and abroad and more are on the way. But there’s still time for companies to get on the right track. KPMG recommends the following measures employers can take now:
- Adopt a principles-based approach to data privacy and security.
- Leverage emerging technologies to better protect and manage customer data.
- Conduct privacy impact assessments, especially as new return-to-work solutions are introduced amid the COVID-19 pandemic.
- Make sure consumers know about your data privacy strategy.
State of Awareness
Overall, consumers have increased their awareness of data privacy issues. They are beginning to demand more and this is being reflected in new laws at the state level. At the Federal level, Congress has had some success in mandating data privacy, notably through the Health Insurance Portability and Accountability Act of 1996 (HIPAA).
But much has changed in the last 24 years. A new business model has arrived that relies on the automated collection, deep analysis and sale of voluminous consumer data – all occurring without our knowledge or consent – for the purpose of manipulating and predicting our behavior. So far the States and Congress seem to have no awareness of this new brand of capitalism, much less understand the economic, political and societal dangers posed by the continued development and use of the underlying technologies. Thus, we may already be at a point where real data privacy reform will be forever elusive.
Nathan Muller is the author of 29 technical books and over 3,000 articles that have appeared in 75 publications worldwide. He also writes articles, blogs and social media content for tech companies and their executives.