At first glance, 2018 is shaping up to be a year that has brought meaningful consumer, regulatory and legislative backlash against lax online privacy. Europe’s General Data Protection Regulation (GDPR), California’s similar law, Facebook’s ongoing costs and stock price plunge in the aftermath of the Cambridge Analytica scandal — all point to a new, stricter attitude about keeping online data private.
Except, maybe not.
What follows is a quick look at the current privacy landscape, and what that means for retailers and other companies that are competing for larger shares of the digital market — including potential business opportunities.
First, a few caveats.
Human beings are complicated, contradictory creatures, capable of persuading themselves that privacy is important to them, even as they share everything from breakfast habits to details of their dreams online, all the while making vacation plans on Google Calendar.
Trying to reconcile the desire for privacy with the realities of online life — the “free” services that take payment in personal data — stands as one of the founding tensions of the digital era, unlikely to be resolved anytime soon.
What seems to be genuinely changing is consumer awareness of how privacy really works in the digital world. Online ads that are so personal they feel creepy — an ad related to a TV show you just watched, or an aggressive pitch for weight loss products that follows a brief web search for a new gym — have taught consumers about the power of personalized marketing technology. Never-ending news stories about location targeting, data breaches and the like have also forced consumers to think more about privacy.
One recent survey found that 78 percent of U.S. consumers were aware of the Cambridge Analytica scandal, with the incident resulting in 57 percent of those consumers reporting they are more concerned about data privacy and security. Overall, 69 percent of consumers favor GDPR-like regulations in the United States.
In fact, just 9 percent of U.S. social media users are “very confident” that those platforms would protect users’ data, according to Pew — with 64 percent calling for more regulation of online advertisers.
On the other hand, so what?
The Cambridge Analytica scandal involved the improper sharing of data from up to 87 million Facebook users. Yet, in its second quarter earnings, Facebook reported 11 percent year-over-year growth in its global daily active user base, which stood at an average 1.47 billion in June. That number missed analysts targets, but hardly demonstrates that consumers are applying massive punishment. Meanwhile, in Europe, Facebook lost 1 million monthly active users as a result of GDPR — a significant decline but nothing that approaches the existential.
Venmo, the PayPal-owned P2P payment app engaged in increasing competition with Zelle, is facing privacy troubles of its own. Venmo users must send messages with their payments, which are visible on a public newsfeed by default — though those settings can be changed. As a result, consumer groups have criticized Venmo for its privacy policies, and the issue has caught the attention of federal regulators.
Even so, a small survey found that 88 percent of Venmo users “indicated indifference [toward] whether their transactions were shared or private.” For its part, Venmo, has offered its users a tutorial about privacy settings when they open the app — one indication that PayPal is taking the concerns seriously.
Much like people complain about federal lawmakers but keep sending their local representatives and senators back to Congress, consumers often engage in what’s called the privacy paradox, which boils down to this, according to one research abstract: “While users claim to be very concerned about their privacy, they nevertheless undertake very little to protect their personal data.”
One possible reason? Humans’ concepts of privacy are tied to physical spaces, not virtual ones, and culture and values have yet to catch up. There are theories floating around that the emergence of “smart” houses — residences connected to the Internet of Things, with such features as smart locks and appliances, and multiple voice-activated devices — will bridge that gap between the virtual and physical, and get people to think more seriously about online privacy.
Other technologies could also influence how consumers think about privacy, and how that paradox will develop in the coming years.
For instance, the market for apps and wearables related to personal healthcare will reach $11.25 billion by 2015 — up from $1.4 billion in 2016, according to BIS Research. But the federal Health Insurance Portability and Accountability Act — the privacy protections offered by the law commonly known as HIPAA — does not necessarily protect the data collected by those devices, according to comments made by Iliana Peters, a healthcare attorney with Polsinelli PC in Washington, to Bloomberg Law.
In fact, “the wearables market may have less robust security protections than healthcare systems integrated into large corporate infrastructures,” Thora Johnson, a healthcare attorney with Venable LLP in Baltimore, told Bloomberg Law.
Meanwhile, some companies are trying to put more privacy and data power into the hands of consumers — and even help them make money doing so. For example, Freckle IoT has launched a app called Killi, which allows consumers to “opt in and select specific pieces of personal information that they would like to share with brands in exchange for money.” Killi clients so far include McDonald’s, GM, Danone and Staples.
Freckle said some 70,000 consumers have downloaded the app, with more presumably coming as part of the company’s $5 million marketing campaign on Facebook, Twitter and other mediums.
“People are excited about this idea and the technology; it's something consumers have been requesting: ‘How do I control my data?’” Sargi Mann, executive VP and head of digital strategy and investments at Havas Media Group, told Ad Age.“Data privacy has huge momentum right now and innovations like Killi are certainly a big step … this can take off in a few hours, weeks or months.”
So what’s the takeaway from all this? Awareness about online privacy issues is increasing, and given the legislative weight involved, it seems unlikely to level off in the coming months, which may provide business opportunities for entrepreneurs. Yet that central tension — consumers want privacy, except when they don’t — will very likely remain.