by Timothy Morey

Imagine you’re a parent taking your teenage daughter to a beach volleyball training session. As you’re getting ready to leave the house, you ask Alexa about the weather. You punch the address into Google Maps to check traffic conditions; your Tesla Model 3 knows where you’re going and who’s driving. En route, license plate scanners assess tolls and track your progress. On arrival, you pay for street parking with the ParkMobile app and use the Starbucks app to pick up coffee. You’re not even two hours into a Saturday morning and already Amazon, Google, Tesla, the local government, AT&T, a parking app provider, Starbucks, Apple, and a payment provider know where you are and what you’re up to. And that’s before any of them sell your information to data brokers.

Until recently, consumers have been largely unaware, indifferent, or resigned to the use of their data for personalized experiences and targeted marketing. The convenience outweighed the cost, resulting in the privacy paradox, where consumers say they are concerned but don’t change their behavior. But the sheer pervasiveness of digital surveillance is causing concerned customers to act and call into question how companies treat their data.

Governments have stepped up regulation in response to data breaches and abuses, from the General Data Protection Regulation (GDPR) in Europe to the California Consumer Privacy Act (CCPA) in the United States. Regulatory backlash is just one of the costs of abusing customer data. It also results in reputational damage, direct costs to businesses to deal with the cleanup of data breaches, and executive job losses all the way up to the CEO. Data breaches and abuses make it harder for businesses to attract and retain talented employees. But most of all, mistreating customer data results in wary customers and a loss of trust. If customers don’t trust you, they’re less likely to do business with you. More than ever, consumer trust matters.

Companies that are trusted can gather more personal data and use that data to enhance their services, giving them a competitive advantage over less trusted firms. And trusted companies are more readily forgiven when things inevitably go wrong. Take the smart speaker market: Amazon’s Alexa dominates with 70% share, whereas Facebook’s Portal, despite a quality product and a massive marketing push, remains statistically insignificant. That’s no surprise, considering the number and magnitude of data breaches Facebook has suffered. Unfortunately, trust does not easily lend itself to business metrics and KPIs. Rather, it must be measured indirectly through customer attrition, share of customer wallet, customer lifetime value, and attitudinal metrics such as Net Promoter Scores. Trust resides in customers’ minds, formed by their perceptions and experiences of a company over time. It’s not entirely in a company’s control; however, companies can take steps to increase their chances of being trusted.

So beyond meeting basic regulatory requirements, how can your company build trust with its customers?

Be clear about your data practices

Don’t obfuscate your data practices with legalese; honestly explain your policy in clear and simple language. A short video, perhaps from your CEO, is better than asking customers to click away an “I accept” privacy notice that never gets read. On top of building trust, companies with clear statements are less likely to be punished by consumers if and when they suffer a data breach.

Give your customers control

Providing your customers with tools to manage how they interact with your company and being upfront about what you do with their data builds trust. It signals to customers that you’re respectful of their wishes and will be thoughtful stewards of their data. Offer an easy-to-navigate privacy dashboard, promote and link to it, and allow customers to download or erase their data.

Make it a two-way street

Even though the direct-exchange mechanism between consumers and providers has broken down to some extent, trusted companies offer clear value to their customers in exchange for their data. Businesses like Spotify and Pinterest curate recommendations as they observe user behavior, giving consumers clear benefits for taking the time to listen to or like content. The more value a company provides, and the more consistently it provides it, the more it will be trusted. Trust has evolved from a rational evaluation of a business’s trustworthiness to a more emotional evaluation, rather like brand perception.

Go beyond the legally required minimum

Data-driven technology firms abused consumer trust through their cavalier attitudes to privacy in the first years of the 2000s and into the early 2010s. That’s now catching up with them as a subset of privacy-active consumers switch providers over data policies. It’s also driving new regulation beyond the GDPR and CCPA. As other types of businesses and industries digitize their customer experience, they’re dealing with skeptical consumers who’ve been abused by data-driven tech firms. To navigate this effectively and to build trust, collect only the data your company needs, educate customers about how you’re going to use the data, and behave in a customer-centric fashion.

Where do we go from here?

Regulation will remain in place and, if anything, become stricter. The hands-off approach to regulation of early internet businesses has given way to a realization that consumer protections are needed. For businesses coping with regulation, the typical approach is to meet the demands of the strictest jurisdiction and make that the global standard for the company. There’s little interest in maintaining one digital product for California, another for the rest of the United States, yet another for the European Union, and so on.

Business appetite for customer data will continue to grow. Access to data will increase competitive advantage as businesses with data can offer valuable, tailored, personal experiences to their customers. In retrospect, offering targeted advertising was easy, because it used data that wasn’t particularly sensitive. What comes next will be harder. Health care applications that are based on medical records and DNA, wellness products that ask for a customer’s mental health history, or financial products that rely on full disclosures of spending histories will all require access to much more sensitive data sets. Companies that have proved themselves to be trustworthy will do better here.

The big unknown is how peoples’ attitudes toward data privacy will evolve. But for business decision making, it’s safest to assume that customer skepticism will grow. Businesses need to take action today to remain on the right side of emerging customer expectations. The chapters in this volume will help you think critically about the steps your organization needs to take to collect, store, and use customer data in a way that builds trust—and your business.