Aberdeen Group - Home
Collect, But Protect! Five Focus Areas for Greater User Privacy
Agathe Caffier
NOV 04, 2015 16:46 PM
A+ A A-

Collect, But Protect! Five Focus Areas for Greater User Privacy


Facebook can automatically identify and tag users in an uploaded photo. An Internet search for a product leads to ads for that product following you all over the Web.


Data stolen from many recent breaches can be aggregated to create a full portrait of your personal information, a portrait that can be used for nefarious purposes.

Privacy is dead. At least that’s what it feels like.

For obvious reasons, data collection has become a touchy subject. Concerns are rising both from user and collector points of view. End users, whether they are employees or customers, are requesting a higher level of respect towards their privacy, and putting forward more questions as to how and why their personal data is handled.

For their part, data collectors must be aware of these growing concerns and take appropriate steps to address them from the ground up, building best practices in privacy into every aspect of the products and services they provide.

Guest article by Agathe Caffier, Senior Counsel, International Operations & Privacy Specialist at DMI

The question before enterprises today is, “What is the best option that will serve customers…while still getting the data I need?” Research sponsored by Raytheon found that the average budget to effectively manage mobile devices is $278 per managed device.

However, current budgets range from $633 down to $98 per device, depending on company size. Whatever your budget, you need to be clear about what focus areas will best serve you and your customers.

1: Be Transparent with Your Customers

Sometimes users are resistant to providing information or access requested within an app, especially when it doesn’t seem to be related to the app’s main functionality. For instance, the Angry Birds game may ask players for their contact list. But users may be reluctant to share that information, unless the app is explicit that this data is used to connect them with friends who play the game. Being transparent is supreme.

2: Rethink Your Data Usage

Whether it’s collected internally or through an app, it’s never too late to assess how your company is handling data. If privacy was not designed at the outset of building your business, you can still audit it. An audit will usually try to understand how data that your business collects flows between different geographical regions and divisions.

When looking at the results of the audit, it will be clear where the pain points are and which actions should be taken. Should you undergo Safe Harbor Certification? Should you update your privacy policy (or, if you do not have one, what should your privacy policy state)?

Think about the app from the user’s perspective. Is your app privacy-friendly? Are your “privacy” notifications (request of collection of location, access to contacts, etc.) invasive and disruptive to the user journey? Did you integrate privacy from the outset of the app build process?

You can improve your users’ experience in a straightforward manner with the help of a strong UX/UI review, combined with an audit of data collection. Be transparent about data usage without being invasive to help increase user engagement and retention.

3: Revise Your Policies

In our 24/7 world of hyperconnectivity, privacy policies can quickly become outdated.

At an organizational level, designate a member of your team and place them in charge of verifying if the privacy policy needs updating annually. Long gone are the days when privacy policies were written once to tick a box on the list. They are now a tool empowering you to understand your business better.

At the app level, consider the reality that almost no one reads privacy policies. If you would like your user to read it, our recommendation is to make it as visual and interactive as possible.

4: Measure Your Risk

It’s not always easy to know if your privacy and security initiatives are in sync with the level of risk that your business actually faces. Business-minded people will always be more inclined to take a more risky approach for the sake of business innovation. And this is fine — just be clear about it.

5: Invest in Training

It may come as a surprise that most data breaches are the result of employees who fall for one scheme or another (phishing emails, social engineering calls, etc.). The solution here may seem straightforward: improving security training among employees within the organization, ranging from basic password guidelines to restricted access policies.

However, businesses are facing the issue that employees don’t always apply what is learned during training, even less so when carried out through an online platform. Make sure you use a relatable storytelling approach specific to your audience, as well as innovative and interactive workshops to involve your employees as an integral part of your privacy solution.

Collect…But Protect!

Data collection can be a goldmine for businesses, opening new revenue streams and creating greater insights that lead to better customer service and customized experiences.

However, in this touchy, “hands off my data” atmosphere, data collection can also be a minefield. It is important to put policies and processes in place to get the data you need — and offer the maximum safety for that data — without alienating your customers and prospects.

- See more at: http://www.techproessentials.com/collect-but-protect-five-focus-areas-for-greater-user-privacy/#sthash.Dcx8U4Yd.dpuf
[%= name %]
[%= createDate %]
[%= comment %]
Share this:
Please login to enter a comment: