Research continues to show that consumers expect businesses to take action to protect, and are transparent about, the personal information that they collect. Businesses can no longer ignore their privacy and data security obligations. To do so, is to risk a loss of consumer trust, which will result in a loss of revenue.
Cisco conducted a survey of 2,600 data security and privacy professionals in 12 countries. Respondents were questioned on their organization’s privacy practices and spending, reactions to privacy legislation, and artificial intelligence. Below are some of the key findings of the resulting report, Privacy as an Enabler of Customer Trust (Cisco 2024 Data Privacy Benchmark Study):
- 94% of the responding organizations said that their customers would not buy from them if they did not have adequate data protection in place. 98% of respondents indicated that external certifications are important to customers. 97% responded that they felt an ethical responsibility in the use of a customer’s data. These were the highest rankings the study yielded in the past three years.[1]
- Organizations indicated receiving significant returns on their privacy investments in the areas of loyalty and trust; operational efficiency; agility and innovation; attractiveness of company; mitigating security losses; and reducing sales delays.[2]
- Almost every single respondent (98%) were reporting at least one privacy metric to management and the Board of Directors; more than 50% were reporting three privacy metrics.[3]
- 80% of the surveyed corporations indicated that privacy legislation had a positive impact on the organization.[4]
- 96% of the respondents endorsed privacy as a business imperative, with 95% agreeing that privacy’s benefits outweigh its costs.[5] However, privacy spending was down in smaller organizations, as was the perceived dollar value of the estimated financial benefits from privacy programs.[6]
- The reported benefit to an average organization was 1.6x the privacy investment; 30% of organizations estimated 2x or more return on their privacy investment.[7]
- The vast majority of respondents (91%) felt that they had work to do in order to reassure their customers about their use of personal information with artificial intelligence.[8]
- While many organizations reported benefits from generative artificial intelligence (“GenAI”), 91% reported seeing GenAI as “a fundamentally different technology with novel challenges and concerns.” These concerns included: damage to legal and intellectual property rights; public sharing of data entered into GenAI (or to competitors); and that the information provided to the user would be incorrect.[9]
An important takeaway for business owners and executives – regardless of the size of your company – is privacy and data protection is not an optional expense. They need to be line items on the annual budget. If a business fails to comply with its privacy obligations and takes no measures to protect client personal information, it exposes itself to significant financial and reputational risk.
Alysia Christiaen and the Lerners Privacy, Data and Information Security team are able to assist businesses develop robust privacy management programs that they, and their clients, can have confidence in.
[1] Cisco 2024 Data Privacy Benchmark Study (“Study”), page 4.
[2] Study, page 5. The scores for these returns were in the range of 73% to 80% of organizations responding positively.
[3] page 7.
[4] page 8.
[5] page 11.
[6] page 12-13. This is despite the finding that organizations yield significant returns on their privacy investments.
[7] page 14.
[8] page 15.
[9] page 19.