Beyond governance, risk and compliance: privacy, ethics and trust

We are currently experiencing the fourth industrial revolution (FIR), characterised by a blurred fusion of all things physical, digital and genomic. Each revolution has been accompanied by a privacy legislation wave, linking its governance to the accelerating pace of change. So we find ourselves in the fourth privacy wave, where technological changes outpace regulation – causing consumer fear and digital distrust, and resulting in strong ethical arguments for aggressive improvements in organisations’ privacy practices.

One of those arguments is consumer trust. The 2017 Edelman Trust-Barometer reveals that trust is in crisis around the world. To rebuild trust, Edelman argues that organisations must step outside their traditional roles and work towards a new, more integrated operating model that positions consumers and their trust concerns, at the centre of the organisations’ activities. Organisations should address data protection not just because legislation mandates it, but because empowering customers to control their data engenders trust, creates shared ‘value’, and wins consumer loyalty.

“The trust dynamic between consumers and organisations is on a knife’s edge, with consumers reporting that the values of honesty and integrity have been eroded when it comes to personal data – leaving them feeling cynical and increasingly unwilling to share their data at all”     –        Whose Data Is It Anyway? CIM Survey 2016               

Although many FIR technologies are positively transforming consumer lives, they still depend hugely on large quantities of consumer data, giving rise to increased personal data sharing. A recent study by Columbia Business School found that 75% of consumers are willing to share their data if they trust the brand and are more willing to do so in exchange for benefits, such as reward points and personalisation – but only if it’s on ethical, fair and transparent terms.

Big data = big ethics?

The more data consumers share, the more an organisation can leverage that data for personalisation and innovation, which leads to increased share value. However, according to Gartner, in 2018 half of business ethics violations will occur through improper use of big data analytics. The exponential growth in adblocking over recent years shows how consumers feel about improper use of their data (with Irish and Greek consumers topping the European average, at over 50%).

Just as consumers are known to share more information when they trust an organisation, the opposite is true with distrust. Boston Consulting Group has found that consumers radically reduce data sharing when they distrust an organisation.

Digital ethics and privacy are one of Gartner’s top ten strategic technology trends for 2019.  It writes: “any discussion on privacy must be grounded in the broader topic of digital ethics and the trust of consumers, constituents and employees. Ultimately an organisation’s position on privacy must be driven by its broader position on ethics and trust”.

Doing rights vs doing right

Shifting from privacy to ethics moves the conversation beyond ‘doing rights’ toward ‘doing right’ This ethical approach to data privacy recognises that feasible, useful or profitable does not equal sustainable, and emphasizes accountability over compliance with the letter-of-the-law. In the digital economy, the existence of, and compliance to regulation will no longer be enough to engender consumer trust.

Organisations need to find ways to let their consumers know that they use consumer data in a law-abiding and ethical manner. Organisations that ethically manage data and solve the consumer-privacy-trust equation are more likely to win loyal consumers who pay a premium for their products and services. For example, Lego has placed the protection of children’s data at the heart of its information protection strategy. It limits integration with social media, shows strong corporate responsibility regarding use of customer data by suppliers and partners, and it forbids third-party cookies on websites aimed at children under 13. Apple too, mandates that any new use of its customer data requires sign-off from a committee of three “privacy czars” and a c-suite executive.

Sustaining trust

As data stewards, organisations should understand the dynamics and profile of their consumers and the factors that lead to their trust. Organisations can then communicate their compliance initiatives in a way that can more openly nurture and sustain the trust relationship with the consumer.

This in turn will enable them to better design how and where they should communicate their data protection activities to maximum effect. It also results in a more socially responsible and sustainable privacy protection regime for the fourth privacy legislation wave.

Valerie Lyons is chief operations officer at BH Consulting and IRC PhD Scholar at DCU Business School

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.