Call 1800 POD LEGAL   

Will Your Data Mean Less Customers?

Information is now currency but in the ‘data economy’ brands must comply with privacy laws, not just to avoid legal risk, but to maintain trust and win more business.
Pre-internet, we shared our personal information with a handful of official agencies and businesses such as the tax office or our bank. How it was used, and whether it was abused, rarely crossed anyone’s mind, let alone made headlines.
We assumed that the bodies we entrusted our information to would keep it safely locked in filing cabinets until the paper yellowed or we filled out another form to update our details.
Nowadays, however, data has become big business and the words ‘personal information’ are bordering on becoming an oxymoron.
Most of us, if we are honest, have lost track of exactly who has our ‘personal information’, even if we think we haven’t. We have spread it across social networks, freely given it away on websites or to apps.
Now information ranging from our gender to our medical history sits somewhere on ‘the cloud’ and our mobiles reveal our geo-location at the tap of an ‘accept’ while we rely on the businesses that our data to do the right thing and comply with our legal rights.
We’ve given our data away so freely because ‘personal information’ has ceased to be personal, now it is a currency, something we exchange online for something else. We freely hand it over via website registrations or e-newsletter sign-ups, for offers, discounts and deals and for the ‘chance to win’.
But whatever we exchange it for, what we get in return isn’t as valuable as our data is to businesses and companies that are using it to drill deeper and deeper into our buying habits and preferences.
And yet a surprising number of them have little understanding – or choose to ignore – obligations they may have under the Australian Privacy Act 1988, and even fewer would understand the complexities of Australian law and the ‘cloud’ servers that hold Australian citizen’s information on servers situated in other countries.
However, businesses and brands need to be clear; the law doesn’t have quite as relaxed an attitude when it comes to protecting our data as individuals do.
Its main concern is in how it is collected and how it is subsequently used – as Tiger Airways recently discovered when it was fined $110K for spamming customers who had unsubscribed from its email services.
As Richard Bean, Australian Communications and Media Authority (ACMA) deputy, pointed out at the time, brands cannot have a “set and forget” attitude.
But perhaps it is more of a “get and forget” problem; most brands collect huge amounts of information, making ‘big data’ buzz words for a digital future, but keeping track of it can be challenging. Even companies in the business of information can fail – as Telstra did by allowing personal information relating to over 700,000 customers to be publicly available for 10 months in 2011 (the Telco narrowly avoided a fine by the ACMA in October, a lenient decision that might have been different if the more rigorous Privacy Amendment (Enhancing Privacy Protection) Bill 2012 makes it through Parliament).
Telstra isn’t alone, in the past 18 months or so brands such as Google and Barnes & Noble have fallen foul of privacy standards around the world, a signal of the massively increasing amount of data companies are now dealing with.
The threat of regulatory fines and possible lawsuits isn’t the only issue; deal badly with data and brands will experience a ‘trust gap’ between them and their customer, a loss of public confidence which can be difficult to win back.
Businesses then, face three issues around data: trust, technology and compliance. A trio of issues that demand every business, no matter how large or small, consider creating a ‘privacy management strategy’ to evaluate their risk and have contingencies in place should anything go wrong.
The logical place to start in building a privacy strategy is with compliance. If you are seen to be operating within the law other breaches driven by faulty technology for example, may be more easily forgiven (Telstra’s glitch was a rogue link rather than wilful defiance).
It breeds trust as well; a recent paper from Southern Cross Business School which looked at consumer behaviour around e-commerce found that privacy statements are one of “the most influential components on a website for increasing overall trust.”
In this instance, compliance isn’t just a tedious legal process to endure but a selling point that can help win more customers and, of course, lead to yet more data ‘currency’ being collected by the company they have chosen to do business with.