Data Privacy and Consumer Trust Part I

In this three-part blog series, we explore how data collection in the digital age has led to a breakdown in consumer trust, how blockchain technology seeks to solve that problem, and how to address the limitations of the blockchain solution.

Part I addresses the ethics and security issues of consumer data collection. Part II coming soon.

In today’s hyper-digitalized world, everything you do generates data. Each time you purchase something online, post on social media, or even simply view a webpage, your actions leave a trail of data behind you. Though it may seem trivial to the average person, this data is extremely valuable to businesses seeking to understand and influence consumer behavior. As the amount of consumer data collected by businesses has grown, so too has public concern about privacy and the misuse of personal data.

The agreement between businesses and consumers is being renegotiated. Consumers are becoming increasingly aware of how their personal information is being used and are demanding more transparency from businesses. In response, businesses are exploring new ways to manage data and balance the needs of their customers with the potential value of the data they collect.

Data collection and consumer concern

The amount of personal information being collected and stored by companies has exploded since consumer data collection began in the 1980s. Consumers are more aware of and concerned about the protection of personal information than ever. A 2014 survey conducted by the Harvard Business Review found that 97% of consumers are concerned about the misuse of their personal data. 

The average consumer is demanding greater transparency and control over their personal data, and is becoming increasingly wary of companies that collect and use their information without their knowledge or explicit consent. Businesses across all DTC industries are witnessing a breakdown in consumer trust as individuals become more skeptical of the way their personal information is being used and more cautious about sharing it.

What happens to the data?

Consumer caution around data sharing is not unfounded. Companies, especially in Big Tech, are regularly accused of abusing and mismanaging the data they collect from their users. And when they do, they pay the price. In 2018, Facebook made headlines when a former Cambridge-Analytica employee blew the whistle on the tech giant for its non-consented collection and selling of user data to the British consulting firm for the purpose of political advertising, a move that eventually cost Meta $725 million. In 2020, Google was fined $57 million by the French data protection authority for not acknowledging how it used personal data. 

Data mismanagement

Data misuse can range from selling your personal information to advertisers without your consent, to tracking your location outside of permissioned applications, to using digital assistants to listen in on your conversations. If the idea of those things happening to you makes you uncomfortable, you’re certainly not alone. How many times have you mentioned out loud that you’re craving pizza, only for a Pizza Hut ad to show up on your Instagram feed just moments later? Though it’s thoroughly denied by the alleged perpetrators, many consumers believe that incidents like this are no coincidence. The reality is, the management of our data happens behind closed doors in black-box systems, and we have no idea the exact extent to which our personal data is being used against us.

"The management of our data happens behind closed doors in black-box systems, and we have no idea the exact extent to which our personal data is being used against us."

Regulation and privacy laws

Some governments, namely the EU, have taken strong positions in favor of individual privacy. In 2018, the EU passed what’s widely known as the strictest privacy law in the world. The General Data Protection Regulation (GDPR) levies substantial fines against companies that violate the privacy standards put in place for EU citizens. In the United States, no such law exists. Instead, privacy is guarded by a mix of laws including HIPAA, FCRA, FERPA, GLBA, ECPA, COPPA, and VPPA. And while these laws may discourage businesses from misusing consumer data (with varying degrees of success), they don’t protect against the arguably even greater threat: data breaches.

Data breaches

Even if a business is perfectly compliant with privacy laws and ethical standards, the systems in which they store and manage that data are still vulnerable to hacking and breaches. When you provide information like your age, address, and social security number to, say, your credit card company, you trust that they’re managing that data appropriately (and hopefully they are). But in the event of a hack, that important private data is suddenly in the hands of a malicious actor, with no real recourse available to you. And unfortunately, that sort of thing is happening, well… all the time. In 2021, the number of data compromises was 23% over the previous all-time high. Even as recently as September 2022, Plex, a popular streaming app, was involved in a massive breach that affected over 30 million users.

Consequences for businesses

As a business, failing to protect and properly manage the consumer data you collect will cost you, and not just in fines. IBM estimates that the average cost of a data breach in the United States is just under $10 million dollars. More importantly, data misuse and data breaches directly lead to a devolution in one of the most valuable assets a business can hold: consumer trust.

In Part II, we’ll examine the value of consumer trust and explore the relationship between privacy and trust.