Enterprises need to build a holistic privacy programme to retain customer trust

Privacy is becoming a reason for consumers to purchase a product, in the same way that ‘organic’, ‘free trade’ and ‘cruelty-free’ labels have driven product sales in the past decade. Privacy-first products are likely to follow this trend. 

To increase customer trust, executive leaders need to build a holistic and adaptive privacy programme across the organization and be proactive instead of responding to each jurisdictional challenge. More than 60 countries around the world have enacted or proposed postmodern privacy and data protection laws. 

In 2019, Gartner observed a decline in overall customer satisfaction, an erosion of trust and an increase in privacy invasion. Today, these sentiments extend into all interactions between customers, organizations and devices.

As customers demand protection of their privacy, lawmakers around the world are preparing to meet this demand. Security and risk management leaders should take note of these Gartner 2020 predictions for privacy to help their organizations improve transparency and reassure customers.

By 2023, 65% of the world’s population will have its personal information covered under modern privacy regulations, up from 10% today.

More than 60 countries around the world have enacted or proposed postmodern privacy and data protection laws, following the introduction of GDPR in 2018. These include Argentina, Australia, Brazil, Egypt, India, Indonesia, Japan, Kenya, Mexico, Nigeria, Panama, the US, Singapore and Thailand.

Enterprises should use technology solutions to assist with not only readiness efforts, but also to automate portions of your privacy management program once it’s established. This is particularly important for the handling of subject rights requests and the processes for consent and preference management (CPM).

By year-end 2022, more than 1 million organizations will have appointed a privacy officer (or data protection officer).

Increased regulation will lead organizations to hire capable, empowered senior-level privacy officers to deliver both compliance and customer satisfaction.

There were only a few thousand official privacy officers worldwide before the GDPR took effect in 2018. In 2019, it was estimated that already half a million organizations relied on the expertise of a privacy officer. Organizations that avoided hiring a privacy officer because they weren’t subject to the GDPR now need to catch up.

Appoint a privacy officer, ideally one who reports directly to the board. Whether the current regulatory landscape demands it or not, having a dedicated lead for the privacy discipline is necessary to help co-steer the corporate strategy and affect the organization on strategic, tactical and operational levels.

Bart Willemsen

---

Bart Willemsen is vice president analyst at Gartner. The views in this article are his own.