Join our Waitlist for Expert Advice!

Does Customer Data Privacy Actually Matter? It Should. Big tech has lost the confidence of consumers but seems to be awakening to what a problem that is.

By Keith Casey Edited by Dan Bova

Opinions expressed by Entrepreneur contributors are their own.

Urupong | Getty Images

It's only April and 2019 is already shaping up to be a banner year for the lack of data privacy. Not a day goes by where our mortgage information, our passwords, and even our old Hotmail emails aren't wrapped up in some sort of security failure that flouts our digital privacy.

The cynic would suggest this is the new normal--that we have made a Faustian bargain with big tech to choose convenience over security and privacy. But while news reports highlights companies behaving badly, change may be on the horizon, both in terms of companies' attitudes towards customer privacy and in the regulatory compliance landscape. While fines and further legal ramifications should be enough to drive businesses to take customer privacy seriously, customers have a seat at the table and can also push change.

Related: No One Is Safe From the Data Breach Epidemic (Infographic)

The regulatory landscape

Everyone on the internet has heard of General Data Protection Regulation or GDPR, which is the European Union's (EU) relatively recent privacy regulation. The GDPR arose as a holistic way to update existing, inconsistent and conflicting laws and regulations across the EU to strengthen the protection of individuals' personal data. GDPR serves as the foundation for European consumers to take more control of their privacy and it's just the first of many laws on the way.

The California Consumer Privacy Act (CCPA) came on the heels of the GDPR and offers similar protections for California consumers. The CCPA goes into effect on January 1, 2020. The regulation puts guidelines on personal information collection and usage by businesses, giving Californians significant visibility and access to what data is gathered, how it is shared and control over its deletion. Other states like Washington, Maryland, Massachusetts, Hawaii, New Mexico, and Rhode Island have also introduced legislation around privacy, opening the door for more potential statewide privacy compliance challenges for businesses.

These regulatory shifts on the international and state-wide level may prod action at the federal level, where a number of competing bills have been put forth, but progress has been limited.

While the private sector waits for potential federal legislative movement on privacy, it's worth asking how businesses consider user privacy, and if there are any practical cues to take. Okta published its Digital Enterprise Report in early April -- a survey of 1,050 technology decision makers at organizations with $1 billion in revenue or greater -- and sought to understand more about how these organizations were thinking about privacy regulation and practices.

With such a rapidly-changing regulatory landscape, compliance is and will continue to be a substantial challenge for businesses of all sizes, so it's no shock that over half of survey respondents said a federal privacy law would make compliance easier. The alternative? Organizations reckoning with the byzantine nuances of differing state laws.

Related: The Equifax Data Breach Shows the Limitations of How Our Data is Stored

Compliance and opportunity

The effect of regulation and the varying interpretations will have an impact on how organizations act with regard to privacy, but it's not the only thing impacting actions. After a year filled with privacy breaches and scandals across the technology landscape, companies are recognizing the need to make privacy more of a focus and potentially a strategic differentiator. While nearly half of Digital Enterprise respondents said they give customers only limited control over what data they share with their organization, nearly half again said they expect to provide more control over data privacy in the coming year.

Perhaps surprisingly, topping the list are the industries who have historically collected customer data to sell goods and services: technology, retail, manufacturing and automotive. In the case of technology, these repeated breaches -- both accidental and purposeful -- have destroyed trust, created legal issues and hurt their bottom lines. According to the Edelman Trust Barometer -- a global survey of consumer trust done annually -- only 55 percent of respondents think technology is performing well on protecting consumer data.

Related: Personalization and Privacy in a GDPR World

All of this is to suggest that privacy is becoming a front and center issue for businesses and governments alike. But can it be a strategic advantage? According to TrustArc, 92 percent of US consumers worry about their privacy online, and more importantly, 89 percent say they avoid companies that do not protect their privacy. Handling privacy proactively and transparently offers significant upside to businesses of all sizes. This means understanding how to practically think about protecting customers' data, and there are some broad, simple rules that make data privacy and transparency significantly easier for business builders:

Don't collect unnecessary data. If you don't collect it, you can't leak it. It's a prudent, responsible decision that reduces risk for companies, teams, and individual employees.

Don't share unnecessary data. There are times when you must collect the data but that doesn't require you to also share it. Data sharing needs to be scoped to a specific use case and dynamically shifted when necessary.

Recognize the need for continuous monitoring. Too many apps are built, launched, and then neglected without another thought given to what information those apps hold. Developing a baseline of "normal" and investigating anything beyond it is key to limiting unwanted exploitations of privacy and data.

Be transparent. Beyond taking proper steps to protect and limit sharing data, entrepreneurs should take steps to proactively engage with their customers around data privacy, creating privacy policies and statements on digital properties with clear language.

As is always the case, the devil is in the details. But proactively considering data privacy offers a business builder a chance to showcase commitment and transparency to customers in an age of waning trust, in addition to avoiding the regulatory headaches of an increasingly complex compliance environment.

Keith Casey

API Problem Solver

Keith Casey currently serves on the Platform Team at Okta working on Identity and Authentication APIs. Previously, he served as an early Developer Evangelist at Twilio and before that worked on the Ultimate Geek Question.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Growing a Business

Treating Your Business Like a Temporary Endeavor Can Boost Your Entrepreneurial Success — Here's How

Here's the mindset shift you need to make to truly succeed as an entrepreneur.

Business News

Want to Keep Your Customers? Keep It Simple — Here's Why.

Removing simplicity from your business is one of the easiest traps to fall into — too many offerings, too complicated to purchase, and not solution-orientated enough to solve problems. Return to simplicity, return to profitability.

Starting a Business

She Started a Business With $300 After Getting Laid Off. It Made $300,000 in Year 1 and Became a Multimillion-Dollar Company.

Bobbie Racette wanted to revamp the virtual assistance space — and provide job opportunities for underrepresented communities at the same time.

Data & Recovery

Keep Your Company's Data Locked Tight With Lifetime Password Protection

Get lifetime access to a secure password manager for just $25.

Leadership

Remote Workers Aren't Lazy — They Need Empathy. Here's How to Build Emotional Resilience in a Remote Environment

Given the increasing prevalence of remote work, especially in light of the pandemic, this article delves into the various aspects of working from home, with a particular focus on emotional resilience. It draws from Dr. Emmy E. Werner's pioneering research on resilience and aims to provide guidance to organizational leaders seeking to effectively engage with remote employees by prioritizing empathy and support.

Side Hustle

Want to Turn Your Passion Into A Business? Follow These 3 Important Rules

We helped an artist turn his art into a business — and you can do it too