Half Full or Half Empty: Is Your Business Viewing Privacy Through the Right Lens?
Data protection and privacy are urgent issues for both consumers and businesses. Customers increasingly worry whether their personal information is secure, while companies are concerned about protecting data and complying with regulatory requirements.
But are business leaders looking at the glass half empty?
By considering only what privacy safeguards can prevent—customer loss, brand damage, fines and litigation—they are missing a big opportunity. Customer data is one of an organization’s most valuable assets. A business’s strategy to manage this data can set it apart, helping to build customer trust and enhance its brand. And a safe and smart approach opens the door to new ways of doing business and engaging customers.
PwC recently completed a survey of privacy professionals across the U.S., with the respondents being a mix of those responsible for oversight of privacy programs as well as practitioners involved in day-to-day privacy operations. The survey data provide a benchmark that can be used by organizations to evaluate how they are positioned compared to their competitors.
Why do so many companies fail to see the big picture?
Company leaders may be viewing data privacy and security solely through a risk lens, unknowingly stifling innovation and growth. Those that are able to find the right balance between protecting data and enabling its use in new ways and viewing it through the lens of trust and opportunity will emerge as leaders in their industries.
So how do companies find the right balance and the right strategy?
Understanding the privacy landscape at other companies and getting a sense of what other businesses are doing in this space can provide some clues. For example, what is the most commonly used reporting structure, or which organizational model is the most efficient? What are the most effective communication strategies to keep the c-suite informed? Does the c-suite share the same priorities as the practitioners when dealing with issues such as compliance, governance, transparency and brand reputation? Which issues are top of their mind for investment in the program? What is the right frequency of validating privacy controls? And which communication channels do customers most utilize to provide feedback about the privacy program?
The results of our benchmarking survey highlight the importance of viewing consumer privacy from more than just a compliance lens and developing a strategy and action plan that will help businesses lead on data privacy. It reveals the high level themes and issues that boards and c-suites should be aware of, including but not limited to, areas such as changing landscape of data privacy (and why just regulatory focus is not enough), the importance of consumer trust (and how to earn it), the emerging data economy (and how to compete in it) and taking the lead on privacy (and how to structure your privacy function).
Perhaps, by looking beyond consumer privacy as simply a compliance issue, business leaders will start to look at the glass as being half full.
Note from the Editor:
Aaron Weller, CIPP/US, CIPP/IT, managing director at PwC, will share the results during his presentation, “How to Get the C-Suite on Board (and Make Them Think It Was Their Idea)”, at the Privacy Academy in Seattle, WA., next week. A full survey analysis will be published this fall and posted on Privacy Perspectives.
About the Author
Rafae is a Manager in Data Protection and Privacy practice at PwC where he is also responsible for national thought leadership efforts for the firm. Prior to PwC, he was a Manager in Cyber Security R&D at Accenture Technology Labs, where he helped guide the Lab’s strategic vision around data privacy. In other roles, he is also an author and part-time educator and has a passion to share knowledge and engage with the community. He currently lives in the San Francisco Bay Area. Rafae received a Ph.D from Purdue University in 2006.