A Private Moment: Consumer Angst over Personal Data

While Cambridge Analytica has filed for bankruptcy, the outcry over the revelation that it used data must remain at the forefront of businesses' concerns as they claw back trust from their customers. Hundreds of millions of consumers have willingly shared personal details with Facebook, Google, Amazon, and others for many years with little concern.

Now, an increasing awareness of the power of consumer data and the nefarious or even destructive uses to which it can be applied takes consumer privacy from a regulatory hurdle to an integral concern for companies, effecting everything from selecting and implementing technology vendors, customer engagement strategies, data partnerships, and advertising campaigns. At the same time, there are cumbersome burdens being imposed on companies by the imminent European Union General Data Privacy Regulation. Those new regulations, particularly the requirement for companies to disclose every potential use of consumer data, will turn Europe into a test lab for consumer comfort with limitations.

Impact on Consumer Attitudes

We are witnessing a dramatic shift in the balance of power between organizations and their customers across virtually all industries. Price and products are no longer enough; customers value experiences. With the growing amount of digital data that can be harvested from websites, smartphones, connected TVs, game consoles, point-of-sale systems, and basically every digital touchpoint, it creates a plethora of opportunity to intelligently personalize the customer journey. Especially as technology becomes increasingly central to how individuals experience the world around them, businesses have focused on initiatives that cater to consumers' preferred ways to provide unique engagement strategies as a critical part of a strategic value proposition and competitive differentiation.

Yet, targeted advertising and personalization strategies are now in jeopardy of breaking consumer trust. The current dilemma is a cautionary tale of the importance of transparency, especially in the context of GDPR. Over the past few years, our "Voice of the Connected User Landscape" data has shown a steady growth in customers' willingness to share personal data for something of value. The figure below shows that age matters. In our latest Q4 2017 survey, we found that 36 percent of respondents ages 18-34 are willing to share personal information for better rewards. However that lowers to 19 percent for consumers over the age of 55. Additionally, 38 percent of respondents in the 18-34 bracket want to receive personalized information (local offers, mall promotions, etc.) based on immediate location, compared to 22 percent of the over-55 group.

Figure 1. Willingness to Share Personal Data

Source: 451 Research, Voice of the Connected User Landscape, 2H 2017

The reality of delivering more personalized experiences demands that businesses use real-time intent data to create hyper-personalization strategies. Data-driven individual experiences require information that is updated constantly (e.g., transactions, events, contexts, interactions, and behaviors) and tied to a unique identity for each customer to build a complete customer profile. Then that information and identity must be turned into prescriptive insight using machine-learning-based algorithms to identify customer opportunities and determine how to best engage with customers across multiple channels and devices.

Average consumers have been blissfully unaware of the breadth and depth of their online data profiles. We fully expect that the industry will take two steps back as consumers begin to demand full transparency of exactly how, when, and why businesses use their personal data.

Businesses Must Build Back Trust and Transparency

Businesses already embrace policies regarding opt-in consent, but many times it's littered with technical and legal jargon that the consumer doesn't understand. Many times it is also an overarching statement that covers multiple use cases stated by the business. For example, businesses commonly claim that data will be used to improve customer experience.

Businesses must adopt new policies and technologies to ensure that they can regain customer trust through more robust consent and profile management, robust security, and portability of personal data. Consent must be explicit and customers must be able to manage specific details of the data collected.

Business will be called on to not only allow customers to demand the right to be forgotten, but also to modify and/or delete specific data. Delivering on these new requirements will demand businesses invest in a single source of the truth with a unified view of customer profiles across the entire enterprise and design experiences with a privacy-first approach.

Technology vendors have already begun to ensure their customers are GDPR-compliant by adjusting their readiness programs and application platforms with improved process automation, granularity to manage multi-level consent, and intelligent data platforms that provide secure identity management and robust capabilities to handle vast amount of raw un-aggregrated data.

It will take a while for consumers to understand the role they play in taking back control of their data. Central to their willingness will be the value consumers receive in return. If an organization is using data to manipulate end-user behavior, such as shifting the result of political campaigns, it will be a long and drawn-out battle to regain trust. However, if data is used truly to deliver relevant information or measurable value exchange, consumer willingness will eventually return.

The empowered customer is in effect forcing evolution of the entire technology stack to enable real-time, contextually relevant experiences. Yet, many customers don't realize the data required to create it. The result elevates the need for businesses to have proper information governance controls in place by expanding the realm of data governance to account for the explosion of unstructured data. That includes identifying and mapping personally identifiable information in structured and unstructured data, de-identifying and anonymizing customer information where necessary, and applying encryption and pseudonomization techniques to comply with data privacy requirements. The future will certainly be interesting as empowered customers take back control.

Sheryl Kingstone is research director for business applications at 451 Research.