And it’s for the best because consumers, in general, harbor deep distrust in light of fake news, regular fraud, and web decentralization. In fact, Edelman’s 2021 Trust Barometer found that fake news concerns are at an all-time high, suggesting we’ve officially entered “a new era of information bankruptcy.”
Unfortunately, if companies aren’t careful, it’s easy to exacerbate consumers’ distrust. When brands solicit too much user information, carry confusing messaging, boast dense privacy policies, or engage in behavioral ad creep, they’re adding to the problem.
In your own policy, use digestible language to relay company protocols surrounding areas of common consumer distrust, like:
- transparency of data sharing and selling practices,
- security terms,
- compliance obligations,
- operational risks,
- and breach management strategies.
This is not a new way of thinking, either.
Consider the consumer reaction to Apple’s release of the iPhone 5S back in 2013. Arguably, the phone’s most notable feature was Touch ID, where the home button’s new fingerprint scanner could unlock your phone, removing the need to key in a password every time. While some marveled at the technology, others immediately jumped to scarier conclusions: Apple was using our fingerprints for privacy and identity tracking.
Of course, Apple worked to debunk this myth, but it became clear that consumers generally don’t trust how companies use their information.
And that was nine years ago.
Luckily, a growing trend of legislative measures like the European Union’s General Data Protection Regulation (GPDR) and the California Consumer Privacy Act (CCPA) seek to establish uniform and codified privacy policies.
Visibility into vendor policiesCompanies that regularly use third parties to deliver their own services or products, sell or share data, or employ tech solutions are creating a more complex and unwieldy risk surface area.
In fact, a 2020 study by IBM and the Ponemon Institute listed third-party software vulnerability as one of the most common methods of compromise; another report suggests roughly 60% of data breaches happen through third-party vendors.
This means knowing your vendors — and their vendors — is necessary for not only mitigating your company’s exposure, but also protecting your viability for future success. But how, exactly, do you tackle the considerably long (and often abstruse) verbiage of privacy policies?
The short answer is help.
Change is the only constantAs more location-specific privacy policies arise and evolve — Colorado, Nevada, Maryland, and Virginia all have their own addenda — change is evidently the only constant.
Similar documents, historically riddled with legalese and jargon, now do little to inform consumers of your habits and practices. These days, it only exacerbates distrust and reluctance.
Isn’t it worth knowing whether your site is 100% compliant? We think so. Find out today when you sign up for a demo or free trial.