July 17, 2018 By David Bisson 2 min read

Although consumers have a wide range of attitudes toward data privacy, the vast majority are calling for organizations to be more transparent about how they handle customer information, according to a July 2018 survey from the Direct Marketing Association.

Previous research has shown that many companies are not doing enough to communicate and clarify their data-handling policies to customers. Given these findings, what practices can organizations adopt to be more upfront with users and build customer trust?

How Important Is Data Privacy to Consumers?

The Direct Marketing Association survey sorted respondents into three categories:

  1. Data pragmatists (51 percent): Those who are willing to share their data as long as there is a clear benefit.
  2. Data unconcerned (26 percent): Those who don’t care how or why their data is used.
  3. Data fundamentalists (23 percent): Those who refuse to share their personal data under any circumstances.

It’s not just fundamentalists who see room for improvement when it comes to organizations’ data-handling practices. Eighty-two percent of survey respondents said companies should develop a flexible privacy policy — while 84 percent said they should simplify their terms and conditions. Most tellingly, 86 percent said organizations should be more transparent with users about how they engage with customer data.

There Is No Digital Trust Without Transparency

The results of a May 2018 study from Ranking Digital Rights (RDR), Ranking Digital Rights 2018 Corporate Accountability Index, suggest that consumers’ demands for more transparency are justified. Not one of the 22 internet, mobile and telecommunications companies surveyed for the study earned a privacy score higher than 63 percent, indicating that most organizations fail to disclose enough information about data privacy to customers.

Transparency is often a critical factor for consumers when deciding whether to establish digital trust with a company or service provider. According to IBM CEO Ginni Rometty, organizations can and should work to improve their openness by being clear about what they’re doing with users’ data. Those efforts, she said, should originate from companies themselves and not from government legislation.

“This is better for companies to self-regulate,” Rometty told CNBC in March 2018. “Every company has to be very clear about their data principals — opt in, opt out. You have to be very clear and then very clear about how you steward security.”

More from

Why do software vendors have such deep access into customer systems?

4 min read - To the naked eye, organizations are independent entities trying to make their individual mark on the world. But that was never the reality. Companies rely on other businesses to stay up and running. A grocery store needs its food suppliers; a tech company relies on the business making semiconductors and hardware. No one can go it alone.Today, the software supply chain interconnects companies across a wide range of industries. Software applications and operating systems depend on segments of the software…

How CTEM is providing better cybersecurity resilience for organizations

4 min read - Organizations today continuously face a number of fast-moving cyber threats that regularly challenge the effectiveness of their cybersecurity defenses. However, to keep pace, businesses need a proactive and adaptive approach to their security planning and execution.Cyber threat exposure management (CTEM) is an effective way to achieve this goal. It provides organizations with a reliable framework for identifying, assessing and mitigating new cyber risks as they materialize.The importance of developing cybersecurity resilienceRegardless of the industry, all organizations are subject to certain…

Insights from CISA’s red team findings and the evolution of EDR

3 min read - A recent CISA red team assessment of a United States critical infrastructure organization revealed systemic vulnerabilities in modern cybersecurity. Among the most pressing issues was a heavy reliance on endpoint detection and response (EDR) solutions, paired with a lack of network-level protections. These findings underscore a familiar challenge: Why do organizations place so much trust in EDR alone, and what must change to address its shortcomings? EDR’s double-edged sword A cornerstone of cyber resilience strategy, EDR solutions are prized for…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today