Data privacy, ecommerce breaches, and hefty finesIn 2021, US consumers spent $870.78 billion online with US merchants. Your business likely benefited from the pandemic-inspired boom in ecommerce. Despite many customers returning to in-person shopping experiences, Americans are still enjoying the comfort of ecommerce.
However, with the ease of online shopping comes the risk of a data breach. And unfortunately, privacy breaches aren’t a rare occurrence. Last year was a record-breaking year for them. Almost 6 billion accounts were affected by data breaches in 2021. This year isn’t faring much better. In January 2022, hackers infected more than 500 ecommerce stores running Magento 1 with malware in a single day.
When a breach occurs, customers lose control of their data and sense of security. The breached businesses stand to lose much more.
When the GDPR went into effect, all EU companies and international companies with EU-based customers became accountable for how they collect, store, and use customer data. If a breach occurs and the business is found to have allowed it to happen through sloppy handling of data, the fines are massive. The GDPR states that severe violations can be liable for “20 million euros, or in the case of an undertaking, up to 4% of their total global turnover of the preceding fiscal year, whichever is higher.”
Amazon has firsthand knowledge of just how painful the consequences are for non-compliance. In July 2021, Luxembourg’s data protection authority issued Amazon a €746m fine for data violations.
Amazon denied any allegations of wrongdoing and is currently appealing the GDPR fine, saying “there has been no data breach, and no customer data has been exposed to any third party.” However, no breach needed to have occurred for the ecommerce giant to run afoul of the GDPR. Simply failing to attain explicit, free consent is failure enough.
Proper handling of consumer data protects both the customer and your bottom line.
Consumers walk away over ecommerce privacy concernsData collection can be a good thing. From a shopping cart that doesn’t empty when they click on a new webpage to remembered passwords, data can enhance a user’s experience. However, with the increase in breaches, customers are warier than ever to share their data.
On the legislative side, regulations like the EU’s GDPR and California’s CCPA/CPRA impose restrictions on how companies collect and manage data. On the personal side, consumers are restricting the data they share. A survey by McKinsey & Company showed that consumers are more likely to trust a business if they:
- Only ask for information relevant to their product
- React quickly to hacks and breaches
- Do not ask for too much personal information
- Proactively report hacks or breaches
Consumers are showing brands what is important to them with their actions. Over half of Americans say they’ve decided not to use a product or service over fears of how much personal information the company collected.
Maintain compliance with Osano’s platformManaging an ecommerce business in the midst of the data privacy revolution can feel uncertain at times. Things are changing quickly, and it’s hard to keep up. You want to grow your business, and you want to do it the right way.
Check out our products to find out how we can help. Whether you're looking for consent management, vendor monitoring, or data discovery, we're here to help you run your ecommerce business while staying compliant.