Back to Top

Deloitte on what retailers can do to protect consumer data privacy

Personal consumer data is exposed in many ways, a new Deloitte report reveals, and much of it is only minimally controlled by the user. Is it any wonder that nearly half of consumers feel they have little to no control of their data?

Types of consumer data revealed daily—source: Deloitte

The acceleration of consumer data privacy legislation

The Deloitte report emphasizes why it’s important for retailers to prioritize consumer privacy, with billions of dollars at risk in noncompliance penalties in the state of California alone. Europe’s GDPR legislation launched in May 2018 and served as a warning for US retailers who are now dealing with similar initiatives in the states.

Nearly half of US states are developing new data policy legislation, so the pressure is on retailers to understand privacy restrictions on a state-by-state basis or risk high penalties due to noncompliance.

which US states have adopted or will adopt privacy legislation, shown on map

Source: Deloitte

The three states that have already enacted privacy laws—California, Nevada, and Maine—represent nearly 43 million Americans, with 19 other states from Washington to New York debating new privacy laws that will potentially cover 134 million additional Americans.

Top challenges in implementing a consumer privacy strategy

Retailers lack comprehensive privacy policies for a variety of reasons, the top one being lack of funding with 43% of respondents indicating this was a challenge for them. Other top challenges include lack of clear government regulations (43%), lack of privacy leadership within the organization (37%) and inadequate data management (50%).

top challenges in designing and implementing a consumer privacy strategy

Source: Deloitte

Only 32% of retailers surveyed have what Deloitte defines as a trust-focused, consumer-centric privacy policy. Dubbed “Leaders” in consumer privacy, these companies share a similar philosophy to consumer privacy in that they have integrated a privacy policy into their overall corporate strategy.

Deloitte compares this approach with companies who they define as “Adopters”—those companies that are working to improve their focus on privacy but aren’t quite there yet. 41% of respondents were adopters with the final 27% categorized as “Laggards”—retailers who may or may not have a privacy policy on paper and  do not have the capability to maintain privacy with any consistency.

differing approaches to consumer privacy

Source: Deloitte

What retailers need to do now

All retailers should look to Leaders as a reference point when crafting thoughtful, corporate-wide privacy strategies that are consumer centric and focus on data security. The Deloitte study emphasizes four key characteristics of Leaders as follows.

  • Consumer Centricity—Keep consumers informed about data collection by increasing transparency, informing consumers of their rights, and building trust.
  • Elevate privacy—Leaders elevate privacy within their organization, making all business decisions with privacy and consumer trust in mind. This requires training employees at all levels of the organization and within all departments to be stewards of privacy.
  • Data Management—Combine disparate forms of data into a “single source of truth” – which is a fancy way of saying get on board with a customer data platform (CDP), a type of software that aggregates and organizes customer data across multiple touchpoints.
  • Focus on security infrastructure—Leaders build security into the core of their data collection by focusing on data minimization and by taking proactive measures to ensure customer privacy.

quote from deloitte consumer privacy in retail report

The focus on data security at the legislative level is only going to increase. Many consumers are unaware of the vast amount of personal data they share daily. Retailers would benefit from familiarizing themselves further with these findings and more in the full report.

The post Deloitte on what retailers can do to protect consumer data privacy appeared first on ClickZ.

Reblogged 1 year ago from


Write a comment