deepagopi2011 - Fotolia
UK consumers have only a marginal degree of trust in organisations to protect their digital data, with less than half of UK consumers (46%) willing to exchange personal data for free or discounted services, a study shows.
That level of trust is among the lowest of any country in Europe and the rest of the world, with UK organisations believing consumer trust is significantly higher than it is in reality, according to the Frost & Sullivan study commissioned by CA Technologies.
At the same time, the majority of UK businesses interviewed (56%) admit to using consumer data internally, and 47% admit selling customer data to other businesses, the inaugural Global state of digital trust survey and index 2018 reveals.
“This new study reveals a marked gap in perception on trust, as it relates to UK consumers’ expectations and the way organisations collect, store and use their digital information,” said Stephen Walsh, director of security, CA Technologies.
“Consumers are increasingly transacting online, providing businesses with access to vast amounts of data, and organisations are consequently processing and storing a growing amount of personally identifiable user data.
“If businesses don’t do their due diligence to protect consumer data from getting into the wrong hands, trust can be fleeting, which can negatively impact the bottom line,” he said.
The study’s findings come as Dixons Carphone revealed that the number of personal data records impacted by a 2017 breach discovered only in June 2018 is 10 million not 1.2 million as initially thought.
Strong incidence response
Commenting on the Dixons Carphone breach, Mark Adams, regional vice-president for UK and Ireland at data management firm Veeam, said that while it is nearly impossible to prevent all data leakage and data theft, a strong incident response process will significantly reduce the pain associated with data breaches.
“These days the public care a lot about how their data is handled and by whom, and they want organisations to be more proactive in managing that data, so the size of the breach is going to translate into a much higher loss than many will imagine,” he said. “Customers will exit contracts and with so much competition for business, this will be an expensive breach with a long tail of damage for the organisation's brand and reputation.”
Frost & Sullivan calculates the Digital Trust Index based on a number of different metrics that measure key factors around the concept of digital trust.
These metrics include how willing consumers are to share personal data with organisations, how well they think organisations protect that data and the extent to which consumers believe companies sell their personal data to other companies.
UK responses to the survey reveal that the Digital Trust Index for 2018 is 56, where 100 represents total trust, which is lower than in France (58) and Italy (57), but above Germany (54). However, it is markedly lower than the global average of 61.
By contrast, UK cyber security professionals and business executives score an average of 73 on the Digital Trust Index – a perception gap of 17 points – signifying mismatched perceptions among these audiences in a measurement of perceived consumer trust versus actual consumer trust.
The study also revealed that 83% of UK consumers prefer security over convenience during the transaction authentication process. However, UK organisations see it differently, with only 60% of cyber security professionals and 59% of business executives placing security ahead of convenience.
The majority (88%) of UK business executives claim that they are “excellent/very good” at protecting consumer data, showing a high level of self-confidence, despite the fact that the majority (56%) of UK business executives admitted that their organisation had been involved in a publicly disclosed consumer data breach, with 44% saying the data breach had occurred within the past year.
Nearly 30% of UK consumers report that they currently use the services of organisations that were involved in a publicly disclosed data breach. Of these, 32% have stopped using the services of an organisation because of a breach.
More transparency on data protection policies is required, the report shows, with 64% of UK consumers and 89% of UK organisations agreeing that providing consumers with easy to understand information about data protection policies increases consumer trust.
However, only a third (32%) of UK consumers said they receive this information, although 85% of organisations claim they provide it.
Amidst a continuous stream of headlines about major data breaches in enterprise and government agencies, the report said the degree to which UK consumers have placed their trust in organisations to protect their personally identifiable information (PII) online has never been more relevant.
Prioritising data privacy
Organisations should prioritise data privacy and security or risk serious ramifications, the report said, adding that they can mitigate these risks by taking a proactive stance on security, such as narrowing their policies for sharing user data, reducing privileged user access, implementing continuous user authentication technologies, and adopting better cyber security and privacy controls to stop hackers.
“We are at a crossroads in the information age as more companies are being pulled into the spotlight for failing to protect the data they hold,” said Jarad Carleton, industry principal, cyber security at Frost & Sullivan.
“With this research, we sought to understand how consumers feel about putting data in organisations’ hands and how those organisations view their duty of care to protect that data,” he said.
The survey found that there is certainly a price to pay when it comes to maintaining privacy, for consumers and businesses that handle consumer data, said Carleton. “Respect for consumer privacy must become an ethical pillar for any business that collects user data,” he said.
According to Walsh, businesses need to work harder at protecting data against abuse form external and internal sources to build more trusted consumer relationships.
“They need to understand that success in the digital economy requires a security-first mindset. A loss of digital trust has implications on all aspects of a business and brand perception.”