December 2020 | 869 words | 3-minute read
“All human beings have three lives: public, private, and secret.” – Gabriel García Márquez
Human beings are social animals, and we are wired to share our lives with other humans. As we evolved, so did our ways to share data from recitals to the printed book. With the advent of computing in the late 19th century, our rate of generating and analysing data went up with a focus on productivity.
Past decade — a game changer
The past decade has seen an exponential growth in the volume of data generated, especially user-generated data. Any transaction, click, cursor hovering on the screen, device type or for that matter any digital action generates a ‘data exhaust’ which is leveraged to know more about the consumer. When used properly, the consumer enjoys an exciting brand experience with on-the-ball item recommendations, single click checkouts, customised look and feel on web pages and many other features to make them feel like the centre of this universe.
In more recent years, society has also seen the dark side to this phenomenon. From the Equifax crisis to Cambridge Analytica, significant concerns exist around definition of private data, usage of data by businesses, security of the user data and many others. In a recent research, it was identified that 41% of consumers don’t believe that companies care about the security of their data and 73% of the consumers said trust in companies matters more than it did a year ago. The challenge is both around complexity of the problem and devising a simple, understandable solution for all of us.
Given this background, governments are drafting data privacy regulations to safeguard the interest of their citizens. These regulations empower consumers to take ownership of their data and how it can be used. For the millennials and Gen Z, where digital is default and privacy is a fundamental right, trust in a brand is expanding to include how they manage and leverage personal data. According to a benchmark study, 97% of companies recognised they were realising benefits such as competitive advantage or investor appeal from their privacy investments (~$1.2 million per company annually).
However, when new data privacy regulations were implemented, it seemed like the future of data privacy was just to receive privacy notices until the inbox fills up. While the businesses are balancing between compliance and experience, they face a ticking time bomb for implementing the privacy regulations in parallel. These regulations have checks on companies, but their focus is not to curb business. Their goal is to keep everyone honest about their obligations and rights. For data privacy implementations to be successful, the focus should be on building a robust and modular approach which should evolve as the implementation progresses to take care of new scenarios, laws, etc.
What next?
The Tata brands have always been blessed to enjoy the trust of Indian consumers. As we reimagine experiences for the digital consumers, we should leverage data privacy, protection and assurance as a competitive advantage. At the core of it, we should respect privacy as a fundamental right. Here is a set of seven easy-to-follow tenets to get us started.
1. You shall not be greedy: Ask as much data as you need, not as much data as you can get. Why ask for the hobbies when all the consumer wants is to order a burger?
2. Think before acting: As we build experiences, brands should look to incorporate privacy in the design itself and build robust consent mechanisms. These should be incorporated while building systems and not ‘layered’.
3. Glass houses are best: Adopt simple mechanisms to share the purpose of data collection with the consumer. Inform the consumers in a simple and truthful manner and be rewarded with their trust. Communicate often to convey the changes simply.
4. Build deeper connects: Businesses will need to build tie-ups, leverage data and deliver unique experiences to engage the consumer. While digital business ecosystems will be natural winners, businesses will need to exercise caution about who they partner with and have effective data sharing norms.
5. In god we trust, but still deploy the aircraft carrier: As businesses acquire more data, it becomes a fiduciary duty to protect it. Businesses will need to build enough cybersecurity measures to protect systems and data and, more importantly, the consumer.
6. Enjoy a data detox: Brands should periodically evaluate the data elements which are stored. If not being used and/or not needed from a regulatory perspective, it may be best to do a clean up to reduce risk exposure.
7. You shall not covet: Each business will have different paths to reach the holy grail of happy consumer, happy regulator and happy shareholders. What works for a business is purely dependent on its business model.
In summary, if our businesses process only the data they should, make the right asks of teams, be transparent, and carry their share of the responsibility with honour and not mere compliance, we will not only build ‘privacy’ into the DNA of our businesses but also put our brands into the baskets of the growing digital generation.
—Shibashish Roy & Burgess Cooper
