embrace data security

Apr 17, 2019

If you and your company aren’t thinking about implementing new data protection options for your customers and users, let’s change that. Here’s why.

Legislation is happening

Last year, General Data Protection Regulation – otherwise known as GDPR – went into effect across Europe, but realistically affected a large swath of companies around the world due to the interconnectedness of the global internet. Companies based in other regions are regularly interacting with European users, which put those companies within the scope of GDPR.


The thinking behind European regulations is making its way to American shores. California is rolling out the California Consumer Privacy Act (CCPA) as of January 1, 2020. Vermont, New Jersey and Colorado have also passed laws restricting selling of consumer data to third parties, providing breach notifications, and setting standards around security. Other states have started to look at their own consumer privacy regulations, and you can see how this could quickly get out of hand for technology companies and those collecting information. Enter the federal government.


There’s been a lot of recent noise about the federal government enacting its own consumer privacy law that would replace individual state laws. Technology companies are actually cheering on this initiative so they don’t have to navigate the mess of potentially 50+ separate state and territorial laws governing how they do business. Of course, they are also hoping to limit how far this national law would actually go. These companies don’t want to see anything on the level of GDPR coming to the U.S.

Opportunity for brands

There is opportunity for brands to get on the data protection train as well. In a 2014 study, Deloitte found that “70 percent of consumers would be more likely to buy from a consumer product company that was verified by a third party as having the highest standards of data privacy and security.”1 And SAP found that a large portion (79%) of consumers will stop using a site if their data is being used without their knowledge.2


Allowing users control over their data will only strengthen trust in your brand and encourage further usage of your site. For a brand, this is gold.

So what are the next steps?

The most important thing for any brand to do, if it hasn’t been done yet, is to complete an audit of the data being collected today (including whatever data may be hiding in the dark). Next, review the data you as a brand actually need and use, making sure to justify each piece of data. Lastly, it will be time to change the data collection process throughout your properties to meet the compliance of all these regulations.


Looking for help getting started or need more guidance? Get in touch. We’re happy to help.


Photo by Jon Moore on Unsplash

1Deloitte. (2014, November 13). Building consumer trust. Protecting personal data in the consumer product industry. Retrieved April 16, 2019 from https://www2.deloitte.com/insights/us/en/topics/risk-management/consumer-data-privacy-strategies.html

2 SAP. (2017). The 2017 SAP Hybris Consumer Insights Report: 1,000 Consumers Tell You What They Love and Hate About Brands. Retrieved April 16, 2019 from https://news.sap.com/wp-content/blogs.dir/1/files/SAP-Infographic-Consumer-Insight-Report-US_171220.pdf