Gone are the days of consumers blindly accepting terms & conditions and privacy policies.

As the pandemic thrust us into a fully digital existence, people are seeking to understand more about how their personal information is handled and are increasingly demanding transparency from brands they interact with. While stringent data regulations are making it mandatory for businesses to pay closer attention to their data privacy processes, it is not enough to react to these regulatory requirements; there needs to be a proactive pivot towards satisfying customer expectations.

Brands must now shape strategies aimed at retaining customer loyalty for the long-term in a data-led economy, and this requires contributing to the development of a wider, more sustainable Internet of Trusted Things (IoTT).

Of course, protecting data privacy and preserving brand integrity can seem like a huge headache at first with a whole host of new processes for businesses, with added layers of complexity stemming from the increasingly stringent regulations and heightened expectations that come with leveraging large data lakes of personal data. However, trusting a brand with the collection, storage and management of personal data should be more than a compliance-led, regulatory exercise.

Privacy and the protection of personal data need to sit at the heart of culture and processes in any organization that strives for success in the digital economy. Today, the brand custodian is the consumer; the power of the brand is in their hands. To treat them – or their data – with disregard would be a costly mistake in the race towards becoming the beacon brand for digital trust.

From compliance to clarity and further transparency

The global privacy landscape has evolved in recent years. Broadly speaking, the introduction of GDPR in Europe has paved the way for personal data privacy, but this framework of data protection has also been explored and adopted in other countries, such as India through their proposed Personal Data Protection Bill, Brazil with its LGPD framework, PIPEDA in Canada, or even Australia’s ‘ Privacy Principles’ . While each have their own nuances, the underpinning tone is that brands need to be held accountable for the way they handle data privacy, both domestically and on an international level.

The misconception, however, is that these regulations are, inherently, state-driven. And this is where brands can fall into the trap of treating their respective legal code as an admin task, while forgetting who they’re actually answerable to. After all, these new directives weren’t aimlessly added to company task lists; they were introduced in response to a rapid proliferation of online usage and tech reliance among consumers. And this trend has been markedly accelerated by the events of the past year as consumers have relied on digital providers for shopping, entertainment, communication, business and almost everything else.

While brands have been busy grappling to ensure their administrative affairs are in order to offset legislation penalties, consumers have been shaping their own expectations of how these organisations – both enterprise and governmental – should be conducting themselves from a privacy perspective.

Following a year in which the digital footprint of the consumer is likely to have expanded and increased awareness around data misuse and data breaches has continued to hit global headlines, the consumer now demands more than just compliance. They expect aptitude, clarity and transparency around how their information is being stored, handled and used.

Embedding a culture of digital trust ​

As the dust settles on the initial pandemic transition, the way brands approach privacy is becoming more of a focus area for attention. In terms of their processes and promises to customers and employees, the very essence of trust is now a key business differentiator. The Okta Digital Trust Index survey of more than 13,000 office workers and more than 2,000 Brits affirmed that 39% of workers in the UK have lost trust in a company due to a misuse of data during the pandemic. This figure rose to 40% in Australia and reaches 56% in the USA where there still isn’t a nationwide GDPR equivalent in place.

The changing dynamics at play in the business world are giving rise to the need for a digital trust ecosystem. By KPMG’s definition , digital trust is built on reliability, credibility, transparency, integrity, and security. It is this digital trust that brands need to carefully weave into focus when it comes to data strategy on order resonate with consumers and retain their loyalty.

Consumers and their brand expectations

Our own research compounds these increasingly demanding expectations among the consumer base. In 2020, our global consumer report found that 62% of global consumers were more likely to use brands that explain what they do with their personal information. For 65% of those surveyed, they would stop using brands altogether that don’t behave responsibly with their data. With more and more data being generated every day, consumer concerns and demands are set to rise.

Companies no longer own their brand. That ownership now sits with their customers who have the ability, the right and the choice to influence brand perception, engagement, and ultimately influence the success or failure of that brand.

Of course, this relationship pendulum can swing both ways, too. It’s not just a perilous challenge facing organizations – it’s a fantastic opportunity to form a stronger emotional connection with consumers than ever before. To not only sell a product or service, but to be a trusted ally with aligned privacy values.

While regulations have forced organizations to evolve in a privacy-conscious, data-centric society, brands should now be forming their own conclusions and starting to understand the pay-off that comes with embedding privacy within brand values and data strategies. Ultimately, their status – and survival – hinges on one decision-maker only. And that is the customer.

To establish a trusted digital economy, organisations need to build a culture with a privacy-first mindset at the heart of its operations. By building that culture, internally and externally, instead of treating data protection as just another compliance checklist, businesses will be able to build and empower more meaningful and rewarding customer relationships.