After years of seemingly unending data privacy violations, governments around the world have begun enacting regulations intended to bolster personal privacy in the digital age.
Most prominently, in 2018, Europe’s General Data Privacy Regulation (GDPR) set a new standard for data security, prompting companies around the world to take the issue more seriously by instituting financial penalties against organizations that fail to protect their customers’ data. In the US, California’s Consumer Privacy Act is scheduled to go into effect on January 1st, 2020, bringing comprehensive regulation to the US and further promulgating the legal ramifications of data security standards. In total, 58% of all countries have some form of privacy regulations on the books, and another 10% are drafting legislation.
These laws are intended to support rapidly shifting consumer sentiments that value data protection and personal privacy, two priorities that have gone wildly adrift in the digital age. Unfortunately, despite their best intentions, there is growing evidence that privacy laws aren’t improving consumer confidence in data security. In response, every company should be mindful of this attitude, as it will inevitably shape the business landscape for years to come.
Consumers Don’t Trust Companies
Until recently, digital platforms participated in a quiet arrangement with their customers who gained free access to platforms in exchange for copious amounts of personal data. Today, that information is some of the most valuable in the world, often compared to digital gold, which companies deploy to provide targeted advertising and other personalized services that drive their bottom lines.
However, today’s consumers are well-aware of this arrangement, and many are fighting back.
For example, after Facebook’s now-notorious Cambridge Analytica scandal, nearly half of users aged 18 – 29 deleted the app from their phones, signaling a distrust of the platform’s data management standards and disgust with its practices. Moreover, after a data breach, 81% of consumers indicated that they would stop engaging with a brand online, and many consider cybersecurity a prerequisite for making purchases.
In short, today’s consumers place a high priority on data security, and few feel like companies are getting the job done in this regard. As you might imagine, this impression has been left unchanged since the implementation of privacy regulations.
Hundreds of millions in fines levied on companies like Marriot and British Airways have done little to improve consumer confidence. In a survey of 400 people issued after these fines were imposed, 71% indicated that they didn’t feel safer since GDPR’s implementation. Similarly, a UK survey on consumer sentiment found that 84% of respondents did not believe that companies were taking GDPR requirements seriously enough.
For example, Magecart and other prominent payment skimming malware have compromised thousands of company records. In total, it’s estimated that more than 50,000 companies worldwide have been impacted by payment skimming malware.
In this regard, perception is everything. Whether or not companies are improving their approach is tangential to the reality that consumers do not feel more secure.
Companies Have to Get This Right
While privacy regulations can serve as the impetus for securing data, today’s consumers want less talk and more action. A recent survey found that nearly half of consumers don’t trust brands to keep their information secure, and are unwilling to take companies for their word when they report resolving a cybersecurity vulnerability.
Simply put, privacy regulations will not bail out brands hoping to build their reputation. Instead, companies will need to take substantive action to protect customer information and sharpen their competitive edge in a world that is shining a bright light on a lapse in data stewardship.
Unless SMBs and enterprise alike begin to take cybersecurity seriously, nothing short of their very viability is at stake. As the cost of a data breach goes up, reputational damage is one of the often unseen consequences of a data breach, and it can cost companies dearly. This is especially true for small businesses, with reports suggesting that 60% will fold within six months of a data breach.
In other words, the next decade of tech innovation is likely to look much different than past ones, and data privacy will play a pivotal role in the future of digital development. By many accounts, those changes are already emerging. In a 2019 Gartner survey of global CEOs, 32% identified IT-related issues as the top priority for 2020, second only to overall company growth.
For many companies, this change is sudden and drastic. However, the good news is that nobody has to go at it alone. The ID Agent team is ready to help protect your clients and businesses with an award-winning cybersecurity suite. Whether deploying AuthAnvilTM to provide two-factor authentication or utilizing BullPhish IDTM to protect your organization against phishing attacks, our services can position you for regulatory compliance and customer satisfaction.