GovernanceRegulationGDPR: Expect consumers to punish lax organizations

GDPR: Expect consumers to punish lax organizations

Almost 80% of consumers would boycott an organization that failed to protect their data, research finds. The Global Treasurer speaks exclusively to Nicola Howell, senior data and compliance attorney, Dun & Bradstreet about how consumers view data breaches and who should be held to account.

Following the implementation of GDPR today, consumers are expected to reward and punish organizations for data protection, a Veritas study has found.

Two in five of UK consumers believe most businesses do not know how to protect their personal data and are willing to take resolute steps to ensure those companies are penalized.

Out of the 12,500 consumers across 14 countries that were tested, it revealed consumer tactics to avoid data safeguarding issues.

Key results include:

  • 94% said they are concerned about how their data is shared with companies and third parties
  • 79% of consumers would tell their friends and family to boycott the organization (should they have data protection issues)
  • 46% of respondents say they would spend more money with organizations they trust to look after their data with 21% willing to spend up to 25% more with a business that are willing to take data protection seriously.

“As consumer demand more transparency and accountability from businesses, the ‘new norm’ will see consumers rewarding those organizations that have good data hygiene practices in place while punishing those that don’t,” said Tamzin Evershed, senior director and global privacy lead, Veritas.

“Businesses must be seen as trusted custodians of data if they want to reap the rewards associated with building consumer confidence,” she added.

“The reason we did this report was because we found that many organizations were focusing on GDPR for the organization, rather than how consumers would view it,” Jason Tooley, Veritas vice president, explains to journalist Dave Beach.

The Global Treasurer asked Nicola Howell, senior data and compliance attorney, Dun & Bradstreet, about how consumers view data breaches and who should be held to account:

How easily redeemable is a company’s reputation if they have been entangled in data protection issues?

“With the proliferation of social media and a heightened focus on transparency, organizations are increasingly under the spotlight when it comes to data protection. This increased focus, coupled with more comprehensive data protection legislation, means that data breaches often make headline news.

“In addition to any financial penalties, the reputational damage to companies can have a significant impact on their bottom line or stock price.

“Whilst it may not be possible to protect against every eventuality, if a company has the right procedures in place, and makes data protection compliance part of their culture, then this can help to mitigate the negative impact of any breach that may occur.”

In a business, who should be chiefly responsible for ensuring customers’ data is protected?

“It’s more about a business taking data protection seriously, making it part of the culture of the organization and dedicating an appropriate level of resource and investment.

“The GDPR lists situations where a data protection should be appointed, but at the end of the day the public will consider a board member responsible if something goes wrong.”

 

With the new law coming into effect today with subsequent Information Commissioner’s Office (ICO) enforcement, it would be of interest to understand if consumer concern is remedied or if another organization will fall short in data protection.

Related Articles

The ripple effects of strenuous international regulation: What this means for the trade finance gap, SMEs and AI

Regulation The ripple effects of strenuous international regulation: What this means for the trade finance gap, SMEs and AI

6m Laura Noble
Dodd-Frank rollback: What we know so far

Regulation Dodd-Frank rollback: What we know so far

7m Laura Noble
US sanctions on North Korean goods ramp up slavery compliance

Governance US sanctions on North Korean goods ramp up slavery compliance

8m Donna Westerman
Technology, MiFID II and 2027: The changing face of the post-trade industry

Regulation Technology, MiFID II and 2027: The changing face of the post-trade industry

8m Thomas Zeeb
IBOR replacement: a major change significantly affecting corporate treasurers

Governance IBOR replacement: a major change significantly affecting corporate treasurers

8m Sven Göggel
Bringing cryptocurrency to the front line  

Payments Bringing cryptocurrency to the front line  

9m Karen Vickers
Open Banking and data protection: Friends or foes?

Compliance Open Banking and data protection: Friends or foes?

9m Oana Dolea
PSD2 'most interesting' when combined with social media or government data

Banking PSD2 'most interesting' when combined with social media or government data

9m Victoria Beckett