By Jonathan Joseph, Head of Solutions and Marketing at Ketch.
One of the best parts of my job is watching global tech trends unfold in real-time. I work for an American data-privacy company that serves companies all over the world, and my days are spent pinpointing the ways that new regulatory trends and shifting consumer expectations are impacting global organizations.
As an Australian, though, it’s pretty clear that this is an area where our country still has some work to do. On a recent trip home, I was disappointed to see headlines flagging major missteps by Australian businesses. Bunnings, Kmart, and The Good Guys are under investigation over their use of facial recognition tools; last year, a separate probe found that 7-Eleven had covertly harvested facial data. At least 10 edtech products used in Australian schools reportedly violate children’s privacy rights. Insurance companies can access consumer data to set prices. And our TikTok data is accessible from China, potentially exposing Australians’ information to foreign governments.
In response, Attorney-General Mark Dreyfus is promising sweeping reforms to strengthen Australia’s privacy laws. That’s an important step — not just because it would bring Australia in line with other jurisdictions with modern data-privacy frameworks, but because the reforms specifically put the consumer at the heart of data privacy. Under Dreyfus’ plan, organizations’ data handling must be “fair and reasonable,” especially in managing sensitive data such as biometrics. That’s in line with what we’re now seeing around the world: regulators are empowering consumers, and making user expectations a critical factor in determining what’s required of businesses.
In fact, that’s the biggest single lesson that Australian companies should take from global privacy trends. Regulatory reforms are important, but we need more than just a new rulebook. Our businesses need a new North Star — or Southern Cross — that drives them to put people, not just compliance, at the heart of their data privacy processes.
Consumers are waking up
As Australia figures out its plans for reforming its privacy laws, much of the focus has been on the operational challenges. It’s easy to see why: in Europe, firms spent an average of AUD$2 million to prepare for the General Data Protection Regulation (GDPR); the total cost of compliance with the California Consumer Privacy Act (CCPA), meanwhile, was estimated at AUD$78.5 billion.
Those are big numbers, but they’re only part of the story. In Europe and America, new privacy laws have driven increased consumer awareness of privacy rights — and that increased awareness, coupled with tangible shifts in consumer behaviour, is what will drive lasting change.
A recent Ketch survey found that in both the U.S. and the U.K., consumers are now paying close attention to companies’ data-privacy policies. They’re increasingly likely to snub companies that fall short, and to reward those that handle data responsibly: in fact, purchase intent jumps as much as 28%, and other KPIs such as brand preference and trust show similar leaps when companies get data privacy right.
Companies that focus on meeting or exceeding consumer expectations are already seeing results. To cite just one example, Apple put privacy at the heart of its brand and is now winning over sizable numbers of Android users, forcing Google to play catch-up. Compliance, in other words, is no longer enough: consumers want more, and businesses are having to scramble to meet their customers’ expectations.
An opportunity, not a roadblock
What does all this mean for Australian businesses? It means that Dreyfus’ regulatory reforms are only the leading edge of a much bigger process that will culminate in Australian consumers waking up both to the value of their data, and to their own power to demand more from the companies with which they do business.
The key to success is to get ahead of that curve and start putting systems in place now that are designed not just to satisfy regulators, but to genuinely earn and retain your customers’ trust.
The law might tell you to seek consent before collecting your customers’ data, and of course that’s important. But customers want companies to go further, building out end-to-end data infrastructure capable of ensuring that data is never used for unapproved purposes; that subjects’ privacy decisions (including deletion requests) are rigorously enforced across your entire ecosystem; and that new regulations are instantly applied across your entire data universe.
That’s a challenge, but also an opportunity. Our survey found that 74% of consumers now see data privacy as a top priority, and over four-fifths are concerned about how companies handle their data. But nine out of 10 consumers also say their relationships with companies improve when their data is handled responsibly, and over 80% are happy to share data in exchange for benefits such as discounts or personalized services.
Australian businesses that prioritize trust, in other words, will find their customers are both more willing to make purchases, and more willing to share their data. Companies that stick to business as usual and take a bare-bones approach to privacy compliance, on the other hand, will find it increasingly difficult to operate effectively in a world of increasingly empowered and engaged consumers.
Time to choose
Building trust-based data infrastructure might sound difficult. Certainly, it will require many Australian businesses to rethink their approach to privacy, and to find more transparent ways of operating. But as Attorney-General Dreyfus has made clear, those changes are coming one way or another — and not just in Australia.
With three-quarters of the world’s population set to be covered by modern data privacy regulations by 2024, we’re already part of a world in which consumers are demanding meaningful privacy protections. To stay competitive, Australian businesses will increasingly need to look beyond mere compliance and invest in more powerful and scalable trust-based privacy technologies.
Big changes are coming, and not just in the regulatory space. The question is whether Australia’s businesses will be caught flat-footed. Consumers are already starting to flex their muscles — it’s time for businesses to recognize that new reality, and start building data privacy systems that Australians can believe in.
About the Author
Jonathan Joseph is the Head of Solutions and Marketing at Ketch, a platform for programmatic privacy, governance, and security. Passionate about innovation, his career is focused on disruptive technology and organizational change. He serves on the Board of Directors at Reel Works, which builds opportunities for diversity and inclusion in media, through a platform that empowers underserved NYC youth to share their stories through filmmaking, creating a springboard to successful careers.
