In a world where science fiction closely resembles reality, how can technology be trustworthy when it uses so much personal data? What role does privacy play in an increasingly data- and technology-driven world ecosystem? And how can high-growth companies drive results for business without compromising on privacy?
These are just some of the issues explored by Karim Lakhani, Professor at Harvard Business School; Frédéric Rivain, CTO at Dashlane; Fei Liu, CTO at Litentry; Alexandre Nderagakura, Technical Director at IAB Europe; and Jawad Stouli, CTO at Didomi in our recent Yes We Trust Summit, a worldwide, 100% digital privacy event initiated by Didomi to help people understand and inspire trust in the internet age.
You can watch a replay of the discussion here.
Summary
What does the future hold?
The “Arkangel” episode of the series Black Mirror deals with the voluntary insertion of microchip tracking technology. Although the use of the main device may still be many years away, the scenario outlined in the episode has, in some ways, already come true.
Companies like Facebook, Amazon, and Netflix track our behaviour and suggest things we should be reading, buying, or watching.
According to a poll carried out during the discussion, people are fairly evenly split between optimism (45%) and pessimism (40%) about what this behaviour will mean for consumers over the next five years or so.
For the optimists, it appears there’s a greater awareness of the issue, and of the risks associated with privacy, such as security breaches. And with that awareness comes a realisation that data should no longer be controlled by big tech companies. The hope is that, between consumer awareness and regulation such as GDPR, things are moving in the right direction.
The pessimistic view, however, suggests that the need to generate revenue means companies are more in favour of looking after their shareholders than the privacy of their customers.
These competing narratives are playing out not only among consumers, but also within companies, many of whom are differentiating on their approach to privacy. They’re asking whether people should pay for privacy, for example, or whether they should expect it as an absolute feature. Whatever the answer, companies are facing some very important choices right now.
How can we please everyone?
Consumers are typically looking for ease of use. They don’t necessarily think about privacy or data security. The business models of most technology companies, though, are tied to using our data in interesting ways – sometimes pro-user, sometimes anti.
Most other companies rely on advertising to get their message across. Most consumers want advertising too, of course, as it speaks to them about a need they might have and how to resolve it. The more targeted the advertising, the better off they are. And regulators cast a big shadow across all of this.
Given the needs of these different interested parties, we have to ask how we can make it work for everyone’s benefit.
It comes down to education. With good education, consumers will be better able to make choices. And this will influence the market because, at the end of the day, the market will always follow what the customers do. Admittedly, behavioural change is hard. But even if we all take baby steps, we’ll at least be heading in the right direction.
Do we need to change the system?
Privacy can also affect user experience. As mentioned above, many of the concerns consumers have about privacy are around convenience. People don’t want to have to remember several different passwords, they want to be able to autofill from their browser. The truth is, security and privacy are, for many, just a by-product of whatever it is they’re doing online.
Achieving a balance between security, privacy, and convenience is critical for businesses who, rather than choosing to offer one or the other, must find the right mix of both. Customers will inevitably choose the products and platforms which best suit their tastes.
The existing systems are corrupted in many ways, though. There’s a concentration of power in the tech companies. Google Maps help us get from A to B very efficiently. We have an innate reason to give it all the data it needs to do that. But it also gives Google our position 24/7. So there’s a permanent tension between convenience and privacy. Resolving that tension involves user choices and consent to a large degree, along with technologies such as decentralisation and encryption.
Cryptocurrencies, for example, represent a potential solution. Building a “web tree” transfer framework allows users to control their own data. While this is effectively giving control back to the users, it’s worth noting that it’s not a case of trying to overthrow the system.
Ultimately, businesses need to provide users with the tools to better control their own privacy.
When does consent matter?
Over the last few years, it’s become increasingly critical for businesses and services that require personal data to operate and deliver value to collect users’ opt-in choices and ensure they agree to their data being used.
The main trend, especially in Europe, has been toward collecting consent. To avoid consent fatigue, however, it’s important to try and restrict the number of requests, and only collect it when it’s specific to key business processes that really require it.
There’s a huge difference between presenting users with a consent banner the moment they arrive on a site and asking them after they’ve had a chance to explore. It’s important, too, to be transparent around why consent is being requested, and then respecting the user’s choices afterwards.
Indeed, getting it right, and making it clear just what a user is (or isn’t) consenting to, can go a long way to helping a company identify and focus on those users that are most important to their business.
Conclusion… asking the right questions
There’s a balance to be struck between data privacy and user experience. But before looking into which technology and which tools to use to achieve this balance, there are two things that businesses should consider. The first is to take the time to look at the data they’re collecting, and ask what they really need and why they need it.
Then, once they’ve identified the data that will drive most value, they should focus on the right way to treat it. How will it be collected, processed, and stored? Should it be encrypted? And who should have access to it? What consent do we need, and how often should it be requested? By answering these questions, the tools and practical solutions should fall naturally into place.
Stuck between a regulatory need to protect data and a consumer desire for convenience, it’s essential that businesses continuously think about their data use, and of innovative ways to break the tension.
By giving consumers control over their data, with clear and easy-to-understand consent and preference management solutions, Didomi believes brands can turn data transparency and privacy into competitive business advantage. It’s this belief that led to us agreeing to be a founding sponsor of the Yes We Trust Summit.
