Technology innovation and the power of data analytics present tremendous value, but also new challenges. While a digital economy requires businesses to rethink priorities and practices, this doesn’t have to be a burden. Instead, privacy protection should be a practice as fundamental to the business as customer service. Privacy is an essential element of being a good business partner. It may take time for this idea to sink in at the highest executive levels of some companies, but the conversation is advancing rapidly after a number of recent high-profile data breaches.
Consumers are now not only second-guessing the security of their personal information when they make routine shopping trips, but are also extending this lack of trust to how they perceive the stores and brands they once preferred. Discussions of privacy and security policies are now happening in boardrooms across the globe, and many of these conversations are zeroing in on what should be done to integrate privacy as an added value to the business.
The added value of privacy is intrinsic no matter where your company sits in the digital economy. From consumer goods manufacturers to healthcare services entities, any business will benefit from proactively tackling privacy issues in one of three primary ways: protecting your brand, offering a competitive advantage from integrating privacy and security features into products and services, and creating new products and services designed to protect personal data.
There have been many breakdowns in security or privacy causing significant, and even irreparable, damage to companies’ reputations. For context, Young & Rubicam (Y&R) estimates that brand value represents nearly one-third of the $12 trillion in market capitalization of the S&P 500.
Y&R evaluates brands on four pillars of health, one of which is esteem – the respect, regard and reputation that fulfill the promise of the brand. Most businesses, passively or actively, spend years earning the trust of their customers, partners, employees and shareholders, all of whom contribute to financial stability and growth. When an incident related to privacy occurs, it is a direct blow to the brand’s esteem and its financial value.
OfficeMax learned this lesson the hard way when last year they sent a direct mail advertisement to a potential customer, Mike Seay. Inadvertently, and through the use of a data broker, the mailing was addressed to “Daughter Killed in Car Crash or Current Business.” Just a year earlier, Mr. Seay’s daughter had in fact died in a tragic auto accident. The mailing made global news with some calling the letter a “gross insensitivity,” “tragic incompetence” or “bewildering stupidity” on the part of OfficeMax. In response, OfficeMax replied that the information came from a third-party data broker and they did not know why this form of address was used, as they had not asked for any such personal information. OfficeMax did not reveal the name of the data broker, but doing so would not have insulated OfficeMax’s brand from harm.
Subsequently, many privacy advocates and regulators have pointed to this example to highlight the need for companies to make privacy a priority. Companies need to pay careful attention to privacy-related activities before an incident like this happens. Attention includes not only putting in adequate control mechanisms to prevent issues, but also building up positive brand associations with privacy and security. There are three main mechanisms to do this, and at Intel we are pursuing all of them.
Gaining a competitive advantage. Companies can gain a considerable edge by focusing on the interests of individuals. At Intel, we focus on the individuals who use the digital devices that use our microprocessors and chipsets. We want to understand how our technology affects peoples’ lives. In our research, we consistently hear that people are hesitant to use technology in new and innovative ways because of privacy and security concerns, specifically for electronic health records and online banking. For Intel’s technology to achieve its maximum potential we need to focus on how to address these concerns and demonstrate those privacy and security controls as a competitive advantage.
Today, privacy is an active area of marketing for the technology industry. Companies compete on the basis of how long they retain personal data, whether they share data with third parties, the extent to which they encrypt data at rest and in transit, and whether they provide products and services where personal data is automatically deleted or expires.
And the protection of privacy is no longer the concern of just technology companies. The shift to a fundamentally digital economy means that, regardless of the sector you are in, your ability to protect individuals will distinguish your company from competitors who have taken a passive approach or who ignore their responsibilities.
Healthcare is an obvious example. Today’s regulatory environment increasingly encourages electronic medical records to improve service quality, increase efficiencies and reduce costs. In the not- too-distant future, some healthcare provider will surely earn a reputation among consumers and within the industry as the company that takes the greatest care to protect their patients’ information. We will likely see similar scenarios in other sectors, such as protecting the driver’s personal data in the age of the connected car and ensuring privacy for students in a digital education system.
New privacy products and services. We are already seeing new products and services from startups and established companies alike that are born from the public’s desire for privacy protections. As we move rapidly into the Internet of Things age – in which connectivity and intelligence are woven into the world around us – individuals will need products to manage their online reputations and protect their identities.
New applications for smart phones and other connected devices will allow individuals more choice over who learns what about them, and what information about them is shared with the connected environment around them. A whole new revenue stream could be generated by giving individuals the ability to keep certain details to themselves. Sure, Dunkin Donuts can offer a free donut when I’m about to drive by, but I would like to control who gets access to that information coming from my phone and how that data is used.
Other companies may focus on providing purpose-driven identification. A jazz club may restrict attendance to only those over 21 years of age, but they do not need to know my name and address to let me in the door.
Behind the scenes, new products and services will target back-end data operations, securing data at its source to prevent a breach long before a customer can be affected.
Winning with privacy. Not unlike the failure of “green washing” that has taken hold related to environmental issues, those who want only to profit off privacy and security issues without providing value will lose. They will be the exception and they won’t last long.
But the businesses who use data in responsible ways to create new solutions and business models – those who place the needs and the protection of their customers and society first – also understand that long-term success will depend on their ability to earn the confidence of their customers.
For example, a GPS application in your car could collect and provide powerful information for you and everyone else driving by, delivering real-time traffic travel route recommendations during commute hours. But a driver may be less enthusiastic to know the application is also sharing driving habits with their insurance company, which could adjust rates based on that information. The business that applies the right formula of risk and reward will win.
For decades, great customer service has been about delighting your customers with friendly staff and business policies. In this digital global economy, the game has changed.
Source - David Hoffman HBR