Deloitte Survey: Consumer Product Companies’ Data Security Practices Lag Consumer Expectations
Eight in 10 consumers (80 percent) say they are more likely to buy from consumer products (CP) companies that they believe protect their personal information, yet only 37 percent believe that these companies are adequately doing so, according to a new Deloitte study, “Building Consumer Trust: Protecting personal data in the consumer product industry.”
Nearly six in 10 consumers (59 percent) state that a single data breach would negatively impact their likelihood of buying brands from a CP company, although roughly half (51 percent) would be forgiving of a CP company that quickly addressed the issue.
“Consumer product companies are collecting more detailed individual profiles, and unfortunately, the more data a company gathers, the more attractive that information becomes to malevolent parties,” said Pat Conroy, vice chairman, Deloitte LLP and consumer products sector leader. “Many of these companies have yet to establish themselves as stewards of consumer data protection, but stand to gain a great deal by strengthening their privacy and security practices and communicating them to consumers. Doing so can help distinguish these companies from competitors and subsequently impact purchase decisions.”
Underestimating consumer perceptions on privacy
Many surveyed executives indicated that their data analytics programs they utilize to support marketing programs positively impact sales. More than eight in 10 (82 percent) of executives say that targeted marketing via online/mobile advertising has increased sales, and nearly the same amount cite targeting via social media (79 percent) and via online/mobile coupons (79 percent).
However, consumers presently appear hesitant to allow CP companies to use their personal information for targeted marketing. While more than four in 10 (42 percent) respondents are willing to allow their purchase history to be analyzed, few believe that their demographics (33 percent), social media postings (10 percent), online search history (20 percent) or email content (5 percent) should be analyzed by software programs. One survey respondent noted, “It would be hard for me to feel reassured that big companies are protecting my interests.”
“As investment growth in targeted digital marketing continues to outpace investment growth in traditional approaches, the drive to collect consumer information intensifies; however, CP companies may miss out if they underestimate the connection between transparency and marketing impact,” said Frank Milano, partner, Deloitte & Touche LLP, and U.S. consumer products enterprise risk services leader. “Consumer trust in data privacy and security can translate into competitive advantage, and companies should treat their policies not just as a risk management issue, but as a central component of brand-building and corporate reputation.”
Overestimating consumer comfort
CP executives may be overestimating consumers’ comfort with sharing personal information and the value they receive from doing so. While nearly half of executives (47 percent) surveyed feel that consumers believe the risks of sharing personal information are worth the personalized promotions, advertising or coupons they receive, only one-quarter (25 percent) of the surveyed consumers agreed.
Many consumers remain wary of the extent to which their data can be monitored. A significant majority (85 percent) say they are concerned about CP companies tracking mobile phone behavior, while 81 percent are concerned about the tracking of their online behavior. Additionally, 78 percent are concerned about sharing their personal data with CP companies.
Companies struggle to keep pace with sophistication of threats
Despite a tendency to overestimate consumer comfort with data privacy and security practices, executives are not blind to the risks. Reputational damage to the brand tops the list of risks executives cited (76 percent) with regard to data privacy and security, followed by loss of current consumers (69 percent) and loss of potential new consumers (64 percent).
However, many executives surveyed are less than completely confident in their own companies’ data and security practices. Only 41 percent of executives state that consumer data privacy is “absolutely critical” at their company. Less than one-third (30 percent) of executives “strongly agree” that their company’s privacy and security policies have kept up with recent technology and regulatory changes, or that their company has a consumer communication strategy in place if a breach occurs.
For additional information or to download a copy of the study, please visit:www.dupress.com/consumer-data-privacy-strategies
About the Surveys
The Deloitte study included two web-based surveys. One survey polled 70 U.S. consumer product industry executives and senior managers, and the second survey polled 2,001 adult U.S. consumers, both in August 2014. The research also included six executive interviews (three were IT executives at consumer product companies) conducted in August and September 2014.
About Deloitte’s Consumer Products Practice
Deloitte is a leading presence in the consumer products industry, providing audit, consulting, risk management, financial advisory and tax services to more than 80 percent of the Fortune 500 consumer product companies. Delivering insights on the latest consumer product issues, effective practices, technology and operating procedures, Deloitte serves companies across multiple categories including food and beverage, apparel and footwear, personal care and household products. For more information about Deloitte’s consumer products practice, visit: http://www.deloitte.com/us/consumerproducts
Source: Deloitte, January 2015