Prioritising privacy for conscientious consumers

Customer privacy is reshaping the retail, CPG, and ecommerce space. Regulations and laws continue to be introduced and amended, while at the same time, customers are more aware than ever about the value of their data and how it is used. As a result, it’s an environment that is forcing retailers to completely rethink how they collect and use it.  Addressing this now is particularly critical in light of the sweeping changes to shopping habits and buyer behaviors brought about by the pandemic.

Data volumes create two distinct issues

The amount of information that the largest retailers collect and process is immense. The biggest retailer in the US is estimated to process around 2.5 petabytes of data per hour. According to IDC, worldwide data will grow 61% to 175 zettabytes, with as much of the data residing in the cloud as in data centers - that's up from 33 ZB in 2018 and an increase of 142 ZB. But such gargantuan volumes of information come with some major red flags in the way of fines for misuse and cyber attacks. 

Last year, Amazon was handed the largest ever fine given by the European Union’s privacy watchdog for violating data protection rules - £637 million for allowing customer data to be exposed to third parties. And it is just one example of many. Such a collection of data is a veritable honeypot to criminals. According to research by Keeper Security, the retail sector in the UK experienced one cyber attack every eight days in 2021. The same report states that 77% of the retailers believe that the number of cyberattacks they face will surge in the next 12 months and disrupt the entire retailer ecosystem. When you also add in the changes we’re seeing from technology companies that are increasingly limiting the amount of data available through elements like third-party cookie removal, it creates a very fine line for retailers to walk and is leading to two distinct issues at an operational level. Namely,  how to deal with the paradox of privacy vs personalization in light of evolving consumer expectations and how to collect, store and use data without compromising security.

The paradox of privacy vs personalization

The focus on personalization, brought about by the necessity to go digital on account of lockdown measures, is now a fundamental part of the customer experience and loyalty strategy for many retailers, even as physical shopping returns. AI-powered retailers and brands are using advanced machine learning algorithms to analyze browser history, page clicks, social interactions, past purchases, page viewing duration, location and more to gauge customer interests and preferences in a more complex and exhaustive way than previously possible. But personalization is predicated on consumer data which has the potential to breach privacy regulations. Get it wrong and retailers risk significant fines and harm to brand reputation through negative headlines or consumer experience.

This opens the door to another big issue when it comes to consumers and their data - trust. Data from myriad surveys and research reports have painted a very similar picture: that the vast majority of consumers have no issues with companies collecting and using their personal data — if they have a good experience in return. According to Accenture, 91% of consumers still want a personalized online shopping experience despite the increase in data privacy concerns. It’s clear that retailers need a way to personalize their offering in real-time without compromising on data quality, analysis or security. 

Collect, store and use data without compromising security

But compliance cannot exist on the technical level alone; true compliance and respect for data regulations is a mindset that must be embedded throughout a retail organization. Besides mitigating legal risk, collaboration across all the teams that engage with or benefit from users’ data is critical to compete in today’s data-driven retail landscape. 

This means bridging the voids between legal teams, developers, the IT department and even those on the shop floor. By democratizing access to data - and equipping those individuals with the skills and tools to safely and securely interpret it - retailers can navigate through this potentially hazardous landscape. Indeed, it is only through education, restrictive admin rights, and broken-down silos, teams can distribute expertise and still uphold compliance.

Creating a solid foundation of data compliance

Data compliance is about asking questions and building time into project lifecycles to get the answers. While the nature of legislation suggests a lack of room for interpretation, understanding key facts about data before it is used is critical to ensuring compliance. What is required in order to address this, is a centralized data platform that enables the creation of enterprise AI projects while also providing the framework for AI governance and tools for data regulation compliance. By proxy, this ensures more opportunities for business-impacting models by providing a solid foundation that allows teams to work faster, smarter, and more securely.

By virtue of having a singular, centralized platform retails will see other benefits too. It will allow companies to clearly label data sets and projects that contain personal data and that need to be handled differently meaning personalization can be achieved without compromising on privacy. It also better equips retailers to develop straightforward and clear processes and, of course, have the ability to properly train staff on the policies and procedures for working with personal data. Indeed, just by its existence, the monitoring, enforcement and management of the personal data process become far more manageable.

The end of an era for retail

When it comes to retail, we’re certainly at the end of an era – the data free-for-all era, where brands could use any means possible to track and target consumers with little regard for the data process. This started years ago when GDPR was introduced. It means retailers must act now to put themselves in the best possible position. If the correct tools are used, personalization and privacy do not need to be mutually exclusive, and customers can be given bespoke experiences without the need to abuse personally identifiable information.