The value of privacy & brands that are getting it wrong

by: on 08 April 2015

Looking at Sony, Snapchat and JPMorgan, Joe Reid from Krux looks at the fragile construct of online privacy

"It’s not just about giving consumers a way to opt out of targeted advertising. It's about giving them choice, control, and transparency over when and how their data may be used."

Joe Reid, Krux 

With British Airways recently announcing a possible breach of their frequent flyer account system, we are reminded once again that digital privacy is a fragile construct. As technology and user generated data becomes more ubiquitous, data privacy concerns among consumers and businesses is soaring. A spate of high-profile hacks in recent years – at Snapchat , JPMorgan and Sony to name just a few – have exposed the vulnerability of customer and company data and the serious consequences of not properly safeguarding it.

Eighty seven per cent of consumers believe adequate safeguards are not in place to protect their personal information, according to research by Accenture. Trust in brands that hold personal data has been eroded and once gone this can prove extremely hard to win back.

At the very end of 2013, TechCrunch reported that a site called had the saved usernames and phone numbers associated with 4.6 million Snapchat accounts and made the information available for download. In a statement to the website, SnapchatDB said that it had got the information through a recently identified and patched Snapchat exploit and that it was making the data available in an effort to convince the messaging app to strengthen its security. 

In 2014, JPMorgan, the US’s largest bank, revealed that it had suffered a massive cyber-attack on 76 million private and seven million business customers. The attack exploited an overlooked flaw in one of the bank’s websites. From there, the hackers penetrated the bank’s corporate network and with sophisticated tools reached into the bank’s infrastructure, silently siphoning off information, including customer-account data, until they were detected.

The consequences of a data breach are both reputational and financial. Sony, for example, was fined £250,000 by the Information Commissioner’s Office (ICO) for a data breach on its PlayStation network in 2011, which compromised the personal information of millions of customers, including their payment card details and dates of birth.

Meanwhile, eighty nine per cent of customers who have an unsatisfactory experience will take their business elsewhere, according to research by Harris Interactive. The problem is twofold as the cost of reacquiring the customer will be substantially more expensive.

Although consumers do continue to entrust brands with their personal data, eighty-three per cent claim they are more likely to give their business to companies they trust will use their information appropriately, according to research from GfK.

The ability of a business to keep its customer data safe is increasingly becoming a differentiator, with consumers preferring to engage with businesses they feel will adequately protect them and their personal details. It’s not just about giving consumers a way to opt out of targeted advertising. It's about giving them choice, control, and transparency over when and how their data may be used. It's also about giving businesses the tools they need for responsible stewardship and protection of consumer data.

And it’s not only consumers, but regulation reforms like the EU General Data Protection Regulation that are forcing brands to tighten up security.

“Citizens and businesses are waiting for the modernisation of data protection rules to catch up with the digital age. New technologies are emerging fast and have enormous potential for our society and economy. This potential can only be fully realised if people can trust the way their personal data is used. Ensuring trust will allow the European Digital Single Market to live up to its full potential,” explained European Commission Vice-President Andrus Ansip and Commissioner Věra Jourová on European Data Protection Day, which took place on 28th January 2015.

The rise of data management platforms is meeting a growing need for brands to house, sort and activate the large volumes of first and third party consumer data they are amassing. DMPs do not buy or sell media or data, but are the piping that moves data from one place to another, intelligently, securely and in line with market regulation.

It is absolutely critical that the technology partners with whom organisations choose to work prioritise privacy and data governance. There are several options to illustrate this commitment, for example undergoing thorough examinations of data practices, or being awarded the ePrivacyseal seal following a technical and legal review to ensure data practices comply with German and European data protection laws.

The emergence of the consumer web has given rise to a new normal. Portable computing, always-on communication and universal network connectivity have transformed people’s expectations and reshaped how they conduct their lives. When it comes to interacting with businesses, people want information that is relevant to them. And they want it now. On whatever screen they happen to have in their pocket or bag.

An inversion of the business world is upon us. People Data Management systems, a new class of business software, will help companies succeed in this new normal. It will deliver what people want anytime, anywhere and in any context, while respecting their right to privacy and choice.

By Joe Reid, MD, Krux