Data privacy and security scares are rarely out of the news and hardly a week goes by without yet another report of data breaches and misuse, with both Apple and Facebook making recent headlines. A glitch in the Apple FaceTime feature on iPhone iOS 12.1 has made it possible to access FaceTime audio and video conversations without consent, putting the data privacy and security of millions of iOS 12.1 users at risk. The flare-up for Facebook has come with the company's plan to merge Facebook Messenger, WhatsApp, and Instagram, which has raised questions about privacy in the context of how data could be shared across the blended properties. The fact that data privacy and security scares are commonplace is alarming, doubly so in that they appear to be getting worse rather than better, despite regulations and industry initiatives designed to address issues on this front. Further action is urgently needed – or consumer trust and confidence will continue to crumble and in ways that hit service providers where it hurts.
Consumer disquiet about data privacy is no longer new, and the sharpest pain points are becoming entrenched. Key issues for consumers include data fraud and misuse, lack of control over whom their data is shared with and how their data is used. Ovum's survey on data privacy also shows that consumers do not trust the vast majority of organizations with their personal data. Outside of banks, most providers score very poorly in the data trust stakes, particularly OTT players (e.g. social platforms, media streaming services, and consumer tech firms). The least-trusted organizations, when it comes to data privacy, are music-streaming providers (2%), with app stores, telcos, and retailers only doing marginally better (3%). Although most consumers put up with poor safeguards and do not alter their behavior, a significant proportion are becoming less tolerant and, as a result, changing how they interact with services, using them less or not at all. In the case of social platforms, concerns over data privacy have prompted 10% of respondents to churn, while 20% use services a lot less (as shown in Figure 1). Consumer concerns over weak data privacy and security are also a major factor in the non-adoption of key services, including digital assistants, chatbots, and mobile payments.
Figure 1: Those that fail to prioritize data privacy will be hit where it hurts
Source: Ovum's Digital Consumer Insights 2018, N=5,122
In the European Union, the General Data Protection Regulation (GDPR) has tightened consumer data privacy safeguards, particularly rules around consent and accountability. But we recommend that all organizations embrace accountability, even if they are not required to by specific regulations. At the same time, service providers and other stakeholders should treat regulations like GDPR as the starting point, not the end game for consumer data privacy. It is probably fair to say that most organizations treat GDPR as a box-ticking exercise with little real understanding of what data privacy means to consumers. The ultimate goal should be to change the dialogue around data privacy from negative to positive, by presenting data privacy as a source of benefit and value to consumers. Approaching it in this way can potentially be a point of differentiation for service providers.
Service providers also need to take a much longer-term view of data privacy and how the dynamics are changing. The breadth and depth of consumer data insights will become ever more granular going forward, upping the data privacy stakes and making it even harder to manage. This is being driven by increasing connectivity across multiple consumer touchpoints and domains, along with advances in artificial intelligence (AI), particularly machine learning. This has the potential to benefit both service providers and consumers in terms of service innovation and advanced personalization, for example. But the benefits can only be realized if service providers and other stakeholders treat data privacy as a long game and plan now for the challenges ahead.
Straight Talk is a weekly briefing from the desk of the Chief Research Officer. To receive this newsletter by email, please contact us.