It’s Data Privacy Day. Is Your Customer Data Really Safe?

Did you know that today is Data Privacy Day? We wanted to use this opportunity to reiterate Umbel’s commitment and focus to making data collection ethical, secure and transparent. On Data Privacy Day we wanted to remind you to be a smarter and more responsible company that cares about your customers’ data privacy and security.

While customer data has the power to transform how companies communicate with customers and drive ROI, we as a company strongly encourage our clients to collect data only with customers’ awareness and approval, and only collect the data they actually need to offer improved and customized experiences.

With new technology and tools like sensors and beacons, we can now track every aspect of a customer’s online and offline interaction with a brand. Many customers are willing to share their data with brands in return for personalized experiences and offers, as long as we’re respectful of personal boundaries. In a recent survey by SDL, 79% of respondents said they’re more likely to provide personal information to brands that they “trust.” So are you doing enough to ensure you remain trustworthy in the eyes of customers who are becoming more concerned about their privacy with every passing day?

Here Are 7 Data Privacy Best Practices We Recommend:

1. Draw The Line Between Creepy and Effective Marketing: 

Don’t let your marketing be invasive, incessant and downright creepy. There’s a fine line between being pervasive and being invasive. Your customer’s don’t need to know that you know intimate details of their personal lives like the fact that they’re in early stages of pregnancy, especially when they haven’t told their family about it yet. You want to wow them, not creep them out.

2. Win Customer Trust with Transparency:

Always be transparent when collecting data and let customers know what data you’re collecting, why you’re collecting it and how you plan to use it. And, always give them a choice to opt out of it. You don’t ever want your customers to be rudely surprised that you’ve have certain personal information about them that they didn’t actually approve. Plus you don’t even need a lot of the data you’re probably collecting so take a closer look to assess what you really need and why.

3. Keep Your Customer Data Private and Safe:

Once you have their personal information, make sure you secure the data and protect it from hackers and data breaches. The recent attack on Sony is only the latest in a series of high profile data breaches at U.S. corporations in recent months. While hackers are mostly looking for credit card numbers, passwords, SSNs and emails, the more data you have on your customers, the more you expose them to risk when a breach takes place. This also includes investing in your security infrastructure and resources from the very start, and not just reacting to a breach. Conducting regular, proactive tests and risk assessments throughout the year will help thwart any attacks before they even happen, and save your company’s money and reputation in the long run.

4. Stay Updated on Industry Best Practices for the IoT:

Read the best practices for businesses that’s included in the Federal Trade Commission’s Internet of Things: Privacy & Security in a Connected World report on privacy and security in the context of the Internet of Things. The focus of the report is the application of four of the Fair Information Practice Principles (FIPPs) to the IoT:
– Data Security
– Data Minimization
– Notice
– Choice

5. Don’t Expose Your Customers to Unnecessary Risk:

The FTC report lists some of the many ways in which companies unethically put their customers at risk. Make sure you’re not guilty of the following:
– Unauthorized access and misuse of personal information
– Unexpected uses of personal information
– Collection of unexpected types of information
– Security vulnerabilities in IoT devices that could facilitate attacks on other systems
– Risks to physical safety, such as may arise from hacking an insulin pump. 

6. Make Third Party Partner Oversight a Priority:

In today’s integrated marketplace, many companies rely on third party vendors and partners for their customer data. For example, if you are a sports team, your customer data comes from the sporting venue, the food and beverage vendors at the venue, the companies that sell your merchandize online and offline and the company that sells your tickets among others. Thoroughly vetting third party providers and making sure they are ethical in their data collection and use should be an essential part of your partnership agreements.

7. Pay Attention to The FIDO Alliance’s Recommendations:

The FIDO (Fast IDentity Online) Alliance is a 501(c)6 non-profit organization established in 2012, dedicated to revolutionising online authentication with open standards for simpler, stronger authentication. Their primary goal is to make how we connect online is safer and more secure and address the lack of interoperability among strong authentication devices as well as the problems users face with creating and remembering multiple usernames and passwords.

This is how the non-profit describes itself on their site: “The Alliance plans to change the nature of authentication by developing specifications that define an open, scalable, interoperable set of mechanisms that supplant reliance on passwords to securely authenticate users of online services. This new standard for security devices and browser plugins will allow any website or cloud application to interface with a broad variety of existing and future FIDO-enabled devices that the user has for online security.”

Your customers trust you with their data and expect you to keep it safe from abuse and breaches. While there’s no easy overnight fix to it’s more important for corporations to make data privacy a top priority and make the necessary investment in money, time and resources to fortify their customer data, a lesson the folks at Sony learned the hard way. This Data Privacy Day, make the pledge to do more, stay alert and be as prepared as you can be to keep your customer data private and safe.