In a latest Cisco survey, 92% of respondents believe their organisation needs to do more to reassure customers about their data, showing a disconnect between consumers’ expectations and organisations’ privacy strategy. This disconnect crops up particularly around how companies apply the use of artificial intelligence (AI).
This is one of the major takeaway of the recently published 2023 Data Privacy Benchmark Study, the sixth edition of the annual global survey that investigates professionals’ perspective on data privacy strategy.
The benchmark is an anonymous survey across 26 geographies* of more than 3,100 security professionals familiar with data privacy.
Besides the disconnect between customers’ expectation and companies’ privacy strategy, the survey also finds that organisations privacy priorities differ from those expressed by consumers.
"When it comes to earning and building trust, compliance is not enough," said Harvey Jang, Cisco vice president and chief privacy officer. Transparency was the top priority for consumers (39%) to trust companies, whilst organisations surveyed felt compliance was the number one priority for building customer trust (30%).
Even though 96% of organisations believe they have processes in place to meet the responsible and ethical standards that customers expect for AI-based solutions and services, 92% of respondents believe their organisation needs to do more to reassure customers about their data.
Indeed, the Cisco 2022 Consumer Privacy Survey showed 60% of consumers are concerned about how organisations apply and use AI today, and 65% already have lost trust in companies over their AI practices. Consumers also said the top approach for making them more comfortable would be to provide opportunities for them to opt out of AI-based solutions. Yet, the privacy benchmark shows providing opt-out opportunities was selected least (22%) among the options organisations would put in place to reassure consumers.
ROI on privacy investment
The privacy benchmark study also shows that despite a difficult economic environment, companies continue to invest in privacy, with spending up from US$1.2 million three years ago to US$2.7 million this year.
Over 70% of companies polled said they were getting "significant" or "very significant" benefits from privacy investments, such as building trust with customers, reducing sales delays, or mitigating losses from data breaches.
On average, they are getting benefits estimated to be 1.8 times spending, and 94% of all respondents indicated they believe the benefits of privacy outweigh the costs overall.
With privacy as a critical business priority, more companies recognise that everyone across their organisation plays a vital role in protecting data. This year, 95% of respondents said that "all of their employees" need to know how to protect data privacy.
"An organisation's approach to privacy impacts more than compliance," said Dev Stahlkopf, Cisco executive vice president and chief legal officer. "Investment in privacy drives business value across sales, security, operations, and most importantly, trust."
Positive impact of privacy laws
Privacy legislation plays an important role in enabling governments to hold companies accountable for how they manage personal data, and 157 countries (up from 145 last year) now have privacy laws in place.
Even though complying with these laws involves significant effort and cost, 79% of all corporate respondents said privacy laws have had a positive impact.
Although 88% of respondents believe their data would be safer if stored only within their country or region, research indicates this does not hold up once costs, security and other trade-offs are considered. Remarkably, 90% also said that a global provider, operating at scale, can better protect the data compared to local providers.