Security and data continue to hit the headlines with Dixons Carphone, British Airways and Facebook having been targeted. Emma Herrod shares some industry thoughts.
In September, Facebook discovered an attack on its platform that impacted on the accounts of nearly 50 million users. The breach, the largest in the company’s history, saw attackers exploiting a vulnerability in Facebook’s code that impacted “View As” a feature that lets people see what their own profile looks like to someone else. This allowed them to steal Facebook access tokens which could then be used to take over people’s accounts.
Hackers, meanwhile, had access to British Airways’ systems for 2 weeks over the summer. The security breach gave them access to personal and financial details of customers who made bookings or changes on ba.com as well as on the airline’s app.
Dixons Carphone reported that around 10 million records containing personal data may have been accessed in 2017. In a statement, the company said “While there is now evidence that some of this data may have left our systems, these records do not contain payment card or bank account details and there is no evidence that any fraud has resulted.”
Uber, Strava, Ticketmaster and UnderArmour’s MyFitness Pal are other high profile names that have been targeted this year. It’s no wonder then that UK consumers are now more distrusting of consumer-facing businesses than they were three years ago. This is according to findings from a study conducted by Deloitte.
Its survey of 2,001 adults in the UK found that 92% of consumers believe businesses should be held responsible for ensuring the security of customer data, a rise of eight percentage points from 2015.
Overall awareness around data collection has increased following the introduction of GDPR in May. Some 94% of consumers are now aware that private and public sector bodies are collecting data about them and their activities, up from 87% in 2015.
At the same time, consumer anxiety about how different types of organisations use personal data has worsened. Three-quarters of consumers (76%) are worried about social media companies having access to their data, up from 63% in 2015. Similarly, 68% of respondents are concerned about online retailers (2015: 54%). Consumer goods (brand) manufacturers saw the largest three-year increase in concern amongst consumers, rising 21 percentage points to 67%. In addition, consumers are increasingly worried about travel agents (59%), hotels (61%) and airlines (55%) having access to their personal data.
“Digital technology permeates through almost every aspect of our daily lives. The increasing reliance of both consumers and businesses on data and technology is also exposing them to different digital risks, many of which are not fully understood,” says Mike Manby, Risk Advisory Lead Partner for Consumer & Industrial Products at Deloitte.
“Consumers are now more aware of digital opportunities and risk than ever before. The increase in awareness around data privacy is a good thing, but it appears to be making consumers more concerned in how they engage with the brands. This is creating real challenges for consumer-facing businesses.”
Deloitte’s research also found that as consumers become more aware of digital risk, they are increasingly placing greater value on how companies use or misuse personal data. Some 84% of consumers would consider not using a company that failed to keep data safe, while 66% responded similarly for a company that sold anonymous data about customers to third parties.
These are now seen as more important reasons to stop using a company or brand than the exploitation of workers overseas (60%), damaging the environment (52%) and paying large bonuses to executives (50%).
“Consumers are much more conscious of the need to safeguard their own data in order to protect their privacy and reduce the risk of identity theft, fraud and the misuse of their data,” adds Manby.
“For businesses, securing data and using it ethically has never been more vital. Not only will a breach of the new regulations lead to substantial fines and negative headlines, but the damage to the brand and the understandable mistrust from consumers can be very difficult to recover from.
“What is perhaps more concerning is that a number of businesses simply do not have the right governance, systems and processes in place to safeguard their consumers. This is being compounded by AI starting to augment decision making, requiring new controls to be put in place to also safeguard ethical engagement and potential bias. Consumer businesses need to adopt flexible, consistent and well governed processes in order to quickly identify, manage and mitigate digital risks as they emerge in real-time.”