On Data Privacy Day 2021, our Co-CEO and CTO Dr Paul Ashley was part of a panel looking at the rise of consumer privacy tech and where enterprises, consumers and the regulatory environment are at in the push towards greater consumer data privacy protection. Tapmydata’s Gilbert Hill and Confidently’s Brent Blackaby joined Paul on the panel, which also welcomed listeners’ questions.
The panel discussion covered plenty of ground in the consumer privacy space over 45 minutes. You can watch the entire session in the video below, but here we’ve packaged up eight key takeaways for companies thinking about the consumer privacy space right now:
- People are coming to understand that if they aren’t paying for the product, they are the product, but the challenge for brands is in convincing some consumers to reject the data monetization model and to instead pay for services that better protect their personal data. All three panellists agreed that the answer to this challenge lies in helping more consumers to realize that they are already paying for so-called free services with their privacy, and then clearly defining for those consumers the tangible benefits (‘what’s in it for you’) of switching to priv tech solutions. Brent Blackaby said this can be as simple as saying: “It’s about reducing the number of data breaches you have … reducing the likelihood of identity theft … helping you to recoup compensation for a data breach … getting fewer spam emails and spam calls …”. And of course, once consumers have decided to protect their privacy with some or all services, brands must deliver the products that make it easy for them to do so. Check out Sudo Platform for how your brand can rapidly respond to that need.
- Consumers are growing increasingly interested in privacy and want to take back control of their data, but privacy-aware consumers don’t always act. Confidently’s January 2021 privacy survey of Californians revealed a “huge gap” between consumers’ privacy interest and their [perceived] ability to act. Brent said: “We’re seeing a willingness and appetite to want to do something about data privacy [among consumers] … but 60% of Californians surveyed haven’t done anything about their data privacy.” Mostly, according to Confidently, this because there’s “not broad awareness of CCPA and the new regulatory regime … and also because there is a key segment that knew they could act but just thought it was too hard. They didn’t know where to start.” Again, brands must figure out ways to bridge the gap between interest and action by making it easy for consumers to restore their privacy or to not give out their data in the first place. See how we’re doing that with MySudo, our consumer privacy app and the world’s only all-in-one privacy solution.
- Many consumers have moved on from privacy to data control and trust and this is an exciting opportunity for consumer priv tech. While the concepts are intrinsically linked, trust is rapidly gaining ground in consumer conversations. We saw what happened with WhatsApp early this year, which Paul says “did the world a favor by raising awareness”, but the trust issue is even bigger than that.
We recently reported that a 2020 McKinsey survey found that consumers are more likely to trust companies that ask for minimal personal information and only information related to the product they’re purchasing. They also are more likely to trust brands that don’t collect passive data (e.g. browsing history), and those that promote privacy within their products. And they have no problem delaying or avoiding purchasing from a company that they don’t trust as stewards of their personal data.
On the panel, Gilbert Hill indicates that many consumers know what’s going on with their data but are now questioning whether they trust those companies with it. He says, “You can be compliant but still not doing, in the consumers’ eyes, the right thing and that’s deadly.” So there’s a great opportunity for brands to publicly call time on the data harvesting model and prove their trustworthiness by delivering a new suite of privacy-first products to market.
- Markets of consumers who care about privacy will become more granular and this opens up the priv tech market. Confidently’s Brent Blackaby told the panel audience they’re seeing more groups of consumers sign up for his service: “A lot of young people are already aware and already taking some proactive steps to protect their privacy so they may not be signing up for every service without understanding the trade-offs. [We’re also] seeing more older people sign up for Confidently and that’s probably because they have more [assets/data] to lose.
Paul Ashley agreed with the changing demographics among privacy-aware consumers: “MySudo’s early adopters were technically aware users but over the last couple years that’s grown organically out of the technical space and people who have more assets, to [include] other people who have become more aware of [the data privacy problem]. So I think that the population that is understanding the consumer privacy tools and actually using them is growing from the technical people to almost the ‘normals’.”
Gilbert Hill sees young people as a lucrative market that’s not being fully engaged. He says that young people get the data value exchange much more intuitively than other groups and the reason they’re not visible is they feel disenfranchised: “They’re not dealt into this game and … they’re disinterested in platforms beyond what they deliver … that doesn’t make them very sticky customers … but it also gives an opportunity for priv-tech to offer a new deal.”
- Business and users share responsibility for data privacy. Brent says, “Business certainly has a lot of responsibility … but [the CCPA] is still fundamentally an opt out model … so the onus is still on the consumers to take action at all of the places where they want to take action. But businesses don’t have to make that easy.” He continues: “CCPA is a bit of a balance of responsibility between the two … but there will be constant tension. How consumer friendly is the regulation … how easy is it for consumers to do what they want … and how much pushback are they going to get from businesses trying to protect huge investments in data?”
Paul agrees: “I think there’s a balance here between what’s the responsibility of the business and what’s the responsibility of the user.” He says some things like creating strong passwords have to be done at the user level. And, on the business side, businesses can do everything to follow a regulation and still lose the data, so there’s a balance where the consumer can help themselves and the business can help the consumers.
- We’ll see more equilibrium between what enterprises are doing and tools for consumers— where people start to take control and actually make choices about their date; whether to share it or gain from it.
Gilbert Hill commented: “Looking at where priv tech and consumer priv tech sit, [the future] will be about having a digital identity that I control and I can choose to share in an ongoing dialogue of trust.” This is closer to how we navigate our relationships in real life, such as leaving documents on the kitchen table and not having the visiting plumber take photos of them.
Brent agreed: “I think we’ll see over the next 12 to 24 months a lot more consumer interest and a lot more investor interest [in consumer privacy tech] as the market comes into a little more equilibrium between what’s happening on the enterprise side and what tools are there for consumers.” Again, Sudo Platform can help you there.
- People power is underrated in the priv tech space and we will see more privacy and data protection activism. Gilbert Hill says, “The regulatory cavalry isn’t coming.” He continues: “People power is a good thing for consumer priv tech to plug into as a theme.” The panellists made the point that activism can help change the privacy space and how organizations handle users’ data and the regulatory environment.
- Consumers are starting to question whether they want anonymity or they want to be known but without giving away their personal identifiers. A listener commented that anonymity solutions are only as good as the pool you can get lost in, and Paul said it’s an interesting point: “The question is do we really want anonymity online or do we want to be known but protected? He gave the example of online shopping where he might want to protect his personal data but still want to be known as “Paul Ashley” in case something happens to the product and he needs to make enquiries. “When you go online shopping, you’re effectively leaving your identity documents on the shop’s “kitchen table” for anyone to look at and steal. So, in some cases it’s anonymity you need but in other cases it’s “I want to be Paul but without giving away all my identifiers … or I want to message with my friends without anyone else reading it.” Final thought? It’s a case-by-case proposition and it’s a balance MySudo gets right.
You can watch the Data Privacy Day ‘Rise of Privacy Tech’ panel session here: