Site Search

Menu

Topics

Loading Results

What new laws mean for customer data

Key takeaways

  • Consumers are paying attention to what businesses are doing with their data.
  • As new regulations come into play around the world, companies must make sure they’re not only compliant, but sensitive to customer understanding.
  • Transparency, communication and user-control will help build trust and enable deeper customer engagement.

The world is changing when it comes to data privacy. In Australia, the Notifiable Data Breaches scheme is barely a month old. In Europe, the EU General Data Protection Regulation (GDPR) comes into effect next month. As the public, and the media, focus on where customer data ends up, what does it all mean for business?

Consumers are taking a closer look at just what information companies have on them and it’s often more information than they otherwise assumed. Whilst users consent to data collection by agreeing to company terms and conditions, they often do so without understanding the implications.

Why should business care?

There are a number of reasons why businesses should be concerned when it comes to the misuse of customer data or breaches.

The PR fallout from exposing customer data to purposes they did not believe they signed up for can be immense, culminating in lost users, stock price plunges, regulatory action or lawsuits. If that weren’t worrying enough, PwC studies have confirmed that customers do not take kindly to breaches of their data, and they will take their business elsewhere.

For companies that collect customer data in some form or another, how they use it and who they share it with can be a minefield. How many businesses are allowing third-party access to customer data in order to improve or even run their product? In many ways, doing so is essential, particularly to companies who want to scale but are not, nor should be, experts in every area of their supply chain.

Avoiding the use of third parties to implement business imperatives is not possible. Yet doing so opens businesses up to breaches of trust (at the very least) that may not come about from breaking the rules of a collection policy, but instead go against the public’s perception of what the rules’ intentions should be.

Is regulation the answer?

Unfortunately, there is no easy way to simply protect customer data. Regulation is one option. The GDPR and Notifiable Data Breaches scheme are two such initiatives to protect citizens when it comes to their data privacy.

In the United States, however, such privacy laws are often nebulous, dependent upon state laws and context. Elsewhere in the world privacy laws are often non-existent.

Much of this argument revolves around the idea of informed consent. Can a customer be expected to understand the legalese that pops up (often in the hundreds of pages) when clicking accept to access an online service?

It’s a question that hasn’t yet been answered, but clearly, when it comes to apps using information for purposes that customers think is outside the realm of their service, there is a fine line between what they believe is acceptable and what isn’t.

For a business then, even adhering to regulation may not provide complete coverage.

What should business do to protect customer data?

It should go without saying, but companies need to prioritise their cyber security and data privacy. This is a matter of business strategy, given the implications, and shouldn’t be thought of as simply an IT box to be checked. That security needs to be built on proven tactics and transparently communicated to customers to ease their concerns.

Trust can only be built with time and action. Particularly given new data laws, customer’s need to be able to access the data that you keep on them, and be able to control how it is used.

Regulation is not the be-all and end-all, and many companies that end up in the headlines have not broken any laws, or willfully deceived customers – after all, customers will often sign up to a service and willingly part with their data to do so. This doesn’t mean they necessarily understand the extent of that contract. While legally, this might protect the business, perceptions matter and customers can still vote with their feet to go elsewhere.

Importantly, businesses need to put themselves in the shoes of their customers. Understanding how they feel is a big part of being able to plan ahead, negate any issues and build goodwill that will be necessary in the event of a breach.

Data do, data don’t

There’s no question that in the world we live in, businesses need data in order to thrive. Data informs business decisions, product development, optimisation and marketing. Sometimes, that data needs to be shared with third parties in order to do business.

People are willing to part with a certain amount of data in order to get a better customer experience, but this isn’t an unlimited honey pot.

To cement trust and engage with consumers on a deeper level business needs to be transparent over where and how that data is being used. This includes who is using it, how it is being protected, and notifications if changes are made or, if disaster strikes, if breaches occur.

For further suggestions on data protection and background information into how customers will react to the misuse or breach of data, visit our Consumer Intelligence Series report, Protect.me.

{{filterContent.facetedTitle}}

Related Articles
heading
Digital Pulse shares insights from PwC experts to empower your digital journey. By exploring stories at the intersection of humanity and technology we help you solve today’s business challenges to unlock the possibilities of tomorrow.
sitelinks Home Topics About
policylinks PwC Consulting Privacy Legal disclaimer
sociallinks Connect with us Email Twitter
subscribe Get the latest in your inbox weekly. Sign up for the Digital Pulse newsletter.

© 2021 - 2024 PwC. Digital Pulse shares expertise from PwC consultants and wider industry networks to provide thought leadership and actionable insights to empower your digital journey. We focus on transformational change and how this impacts consumers and business alike.

Industries
Agribusiness and Food Banking and Capital Markets Construction and Transportation Education and Skills Entertainment and Media Government Insurance Power & Utilities Retail and Consumer Real Estate Telecommunications
Asset Management Charities and Not-for-profit Defence Energy (Oil & Gas) Financial Services Healthcare Mining Infrastructure Superannuation Technology
Capabilities
Asia Practice Assurance Business Align & Connect Consulting Cybersecurity and Digital Trust Deals Digital Transformation Energy Transformation Environment, Social and Governance (ESG)
Future of Work Indigenous Consulting Integrated Infrastructure Legal People & Organisation PwC Private Strategy Tax
About Us Alumni Governance Board Diversity and Inclusion Executive Board Non-executive Director Centre Social Impact Suppliers of PwC The New Equation
Media
Insights
Careers Student careers Graduate careers Experienced careers
Contact Us Local Offices Sitemap
Digital Pulse Topics About us Subscribe

© 2017 - 2024 PwC. All rights reserved. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details. Liability limited by a scheme approved under Professional Standards Legislation.