Building Blocks to Earning Trust: The 4 C’s
By Sharon Bauer
Personal data is of immense value to any business, which is why businesses are so focused on collecting data to drive the profitability of their company. While there is an abundance of data to be collected, consumer trust, on the other hand, is of even greater value because it is exceptionally rare. Since most businesses are focused on the visceral satisfaction of collecting data, there is less focus on building a strategy to earn consumer trust, which will help companies become even more profitable.
In light of the upward trend of privacy breaches and misuses of data, consumers are losing trust in companies and are starting to question what companies are doing with their data. Companies that embed privacy, transparency and trust in their data handling practices today, will gain consumer trust in abundance. This will be the company’s competitive advantage. Not only that, but they will be future-ready for a movement in which consumers will demand to have more transparency and control over their data.
Trust Leads to Profitability
There are three main reasons why we believe investing in trust initiatives will result in a significant return on investment:
Trust drives Action: Consumers flee from companies they no longer trust and flock to companies, often competitors, they do trust. Trusted companies will have the market share of consumers.
Trust drives Loyalty: Consumers who trust a company will remain loyal to the company, advocate for it and defend it, even when it experiences a data breach, which is inevitable.
Trust drives Data: Consumers who trust a company will not only flock to the company but will be enticed to give it more data because they know the company will do right by them.
Be Proactive, Not Reactive
One of the key ingredients to earning trust with consumers is to be proactive in building trust initiatives, rather than reactive when privacy legislation prescribes it, or after a breach. Companies that can demonstrate that they want to do the right thing, rather than need to do the right thing are showing their customers they care; that privacy is within the DNA of their company. Furthermore, taking a proactive approach before other companies do, helps differentiate the company from its competitors. It becomes a competitive advantage for the company.
The 4 C’s: Strategic Building Block to Earning Trust
We work with our forward-thinking clients, including some home-name brands, to build privacy-centric practices. In doing so we use 4 main building blocks: Clarity, Culture, Craft and Communication.
Clarity
According to a 2019 New York Time article, on average, it takes 25 minutes to read a privacy notice. Not only that, but you need at least a university degree to understand what it means. It is no wonder nobody reads privacy notices or understands them. This is a terrible way for any company to build trust with their consumers. Companies that have long, complex and legalese privacy notices have not taken the time or effort to demonstrate to their customers that they care enough about their privacy, even if the first sentence of the privacy policy says, “We take your privacy seriously.” Um, riiiight.
Consumers want transparency. Putting together a transparent privacy notice can take longer than putting together a 30-page privacy notice because simplifying concepts for the layperson can be difficult. That should not stop a company from taking that extra effort. Be creative with your privacy notices to make them captivating. For example, consider a privacy video, infographic, or cartoon. The good news is that there is no one way to write a privacy policy. Maybe the term “privacy notice” should be a “trust contract”, which shows consumers why they should trust a company to collect and use personal data. Putting the extra finesse into your privacy notices will demonstrate to your consumers that you are open about your data handling practices and that you have nothing to hide. That builds trust.
Similarly, when seeking consent to collect data, companies should make it contextual, so that consumers understand the value exchange of giving up their personal data and therefore can make a meaningful decision. Bundling consents, such as agreeing to various things with one click of a button, is not providing users with proper choices. Instead, consent should be layered. When seeking consent, explain what the information will be used for, who it will be shared with and what the user is getting in return for disclosing their information. Being open about this information will make the consumer feel confident in their decision to give up their data and feel that the company has nothing to hide.
2. Culture
Just because a company has a privacy officer, it does not mean it has a privacy culture. If a CEO is not thinking or asking questions about privacy, the company likely lacks a privacy culture. Setting a privacy tone from the top is the beginning of the journey. That tone needs to be genuine, which means the C-Suite needs to believe that privacy and trust drive consumer loyalty and therefore are of value to the business. When the C-Suite sets a tone from the top, they are creating a privacy-centric DNA in the business; a value that is entrenched in the business.
Companies with a successful privacy culture are those whose different business units, such as security, marketing, R&D, HR, analytics and so on, collaborate with the privacy function and embed privacy in their respective business processes from new product/service developments to compliance reviews. The collaboration is based on the shared understanding that trust and transparency are going to drive them to success and any deviation will put their reputation and customer loyalty at risk. Companies who are successful at creating a privacy and trust culture, understand that they are embedding privacy because it is an entrenched corporate value, rather than a compliance check-the-box exercise.
Privacy-centric companies have a common and shared vocabulary around privacy that is discussed both in the boardroom and in the hallways. We have helped our clients write white papers, host podcasts, and hold fireside chats about privacy. They create internal privacy hubs on their intranet to help their staff find information at their fingertips and their privacy and trust values are often reflected on their websites as well.
3. Craft
Privacy is both a science and an art. From the science perspective, companies need to be complaint with the letter of the law. However, from the arts perspective, privacy can be very creative as most privacy legislations are not prescriptive in terms of how to operationalize privacy. When privacy is implemented both as a science and an art, the business will not only meet its goals, but it will exceed expectations.
Embedding privacy practices at the inception of an idea or concept is called “Privacy by Design”. When companies engage in Privacy by Design, they make privacy as the default setting, they design with transparency, and user’s privacy is respected. When Privacy by Design is embedded, trust takes a life of its own, especially when creativity is at play.
Privacy and trust practices should be discussed at the development stages. That means role-based privacy training must be deployed to the development team. If your company outsources this function, privacy-centric design skills must be part of the procurement consideration.
It is also necessary to invest resources into privacy-enhancing technologies, also known as “PETs”, that promote privacy initiatives to help companies gain the trust of their consumers. PETs use techniques to minimize the collection of personally identifiable information, while still providing the same functionality of an information system. Some examples of PETs include differential privacy, federated learning, anonymization/pseudonymization, and obfuscation, to name just a few. This is a positive-sum game, in which consumers get a service without having to compromise their privacy and businesses get the information they need without needing to compromise their business goals.
4. Communication
If privacy and transparency are part of a company’s DNA, it should use that to its advantage when creating a company brand. Develop an authentic marketing and brand strategy that demonstrates a company’s commitment to privacy. This message will be a company’s differentiator setting it apart from its competitors. A trust-focused marketing brand will have customers second guess whether they trust the competitors.
While marketing a company as privacy-centric will build assurance with consumers, be careful of trustwashing - where a company is all talk but no action. Many companies understand the benefits of being a privacy-centric brand so they promote themselves as being that, but they are anything but privacy-centric. Be who you say you are. Don’t use it as a tactic to get more business - the truth will come out.
Get Ahead of the Pack
Many companies see privacy as a compliance exercise and a money pit. Unfortunately, those are companies that may not have thought through the immense benefits privacy and trust can bring to their business. Those businesses will lose huge opportunities. Luckily, companies that see the light will be ahead of the game when their competitors finally catch on to the advantages of instilling privacy, transparency and trust to the core of their business.