Deep Dive: How Merchants Can Optimize Revenues and Security While Protecting Customers’ Data Privacy

protect consumer data privacy violations digital fraud prevention

Digital Fraud personally identifiable information ecommerce cyberthreats

In a recent study, more than 80% of Americans reported going online every day to conduct routine activities, such as grocery shopping and bill payments or to visit social media sites, and 28% said they do so constantly.

With greater internet usage, consumers are becoming more aware of how the websites they visit may collect and share their personal information with third parties. They also are growing more concerned about risks to their data — not just from breaches that may result in fraud attempts, but also from companies’ privacy violations and unethical data-sharing practices.

The result is that the number of consumer data privacy bills increased alongside eCommerce in 2020, including those aimed at regulating the increasingly widespread use of facial recognition and other biometric data. The pandemic temporarily shifted legislative priorities to more pressing health and safety concerns.

Still, privacy regulators in the European Union, whose General Data Protection Regulation (GDPR) represents one of the world’s toughest consumer data privacy standards, had imposed $331 million in fines for data malpractice as of January 2021. In July, eCommerce giant Amazon received the largest-ever fine of $888 million for GDPR violations.

The following Deep Dive examines which regulations are gaining ground to help protect consumers from privacy violations, and why they are doing so. It also discusses how businesses ethically can gather customer data to prevent fraud and optimize revenues and the customer experience.

Unethical Data Collection Practices Tarnish Merchant-Customer Relationships

Reasons for concern about providing personally identifiable information (PII)

Businesses are harvesting more data to attempt to capture sales, but some companies obtain material on unethical grounds. Suspicious information-collecting tactics may harm the customer relationship, resulting in lower customer retention rates, a negative impact on revenue streams and a decline in consumers’ willingness to share their personal data in the future.

A recent KPMG survey reported that 68% of U.S. citizens were worried about the quantity of data being collected, and 40% questioned the ethics of companies’ data collection practices. Even 13% of respondents did not trust their employers with their private records, and 51% were “very concerned” that companies are selling their data — eclipsing the 47% concerned about actual data breaches.

Additionally, a PYMNTS survey revealed that 27% of consumers are uneasy about sharing personally identifiable information (PII) online because they fear someone will gain access to their information.

The California Consumer Privacy Act (CCPA) and the EU’s GDPR are leading the way with regulatory procedures intended to protect user data by providing consumers with greater transparency into how their information is being used. Both carry heavy fines for negligence. Data compliance and regulations have not reached full maturity, however, and some businesses may struggle to become fully compliant.

It is crucial that corporations incorporate the rapidly evolving privacy policies into their companies’ data plans. Gartner reports that 65% of consumers globally will have their personal data protected by modern privacy regulations by 2023 — a 10% increase from 2020 and the height of the pandemic. Those who fall behind may face monetary losses through fines or reputational blows.

Ethical Data Gathering To Optimize Customer Experience and Revenues

Compliant data protection need not be at odds with optimizing revenues. Banks and financial institutions (FIs) have long relied on purchased lead lists for direct-mail marketing campaigns. As restrictions on data sharing tighten, however, some FIs are beginning to transfer their attention from acquiring new customers to retaining existing ones, who pose less of a regulatory risk.

Existing member data privacy rules are not parallel to those created for new members. There are significant and ethical exemptions that make customer retention a more seamless option for driving revenue growth. Moreover, merchants must view customer experience as directly linked with lifetime value and revenues. Among friction points that could have a severe negative impact on customer experience is disproportionate data collection.

It is safe to assume that consumer data privacy demands will continue to intensify in the future, but businesses can find legal ways to harness the power of consumer data to fight fraud and gain an advantage over their competitors, ultimately satisfying a greater pool of customers. Directing marketing strategies toward existing customers is one simple way to use databases for innovative opportunities to generate new business without violating consumers’ rights.