There is no going back. In less than 12 months, the COVID-19 pandemic has rapidly and abruptly consolidated our reliance on digital services and platforms. In this new reality, consumers are rethinking what they expect in exchange for their personal data.
The resulting message for organizations is clear: to meet the expectations of today’s consumers and anticipate their future needs, it is time to rethink data privacy.
Our latest research, the EY Global Consumer Privacy Survey, aims to help organizations understand how those needs are evolving by examining consumers’ attitudes toward personal data sharing and analyzing the ways in which their behavior is changing.
In particular, we address three critical questions, which we believe are shaping a new era in data privacy:
- The expectation: how do consumers expect organizations to treat their data?
- The exchange: what do consumers want in return for their data?
- The evolution: how is data privacy shifting for a post-pandemic world?
So what do businesses need to know? Here, we give an overview of the new data privacy landscape and outline three important ways in which business leaders can navigate it.
1. Deliver the certainty consumers crave
Despite an uncertain outlook, the pandemic has cemented consumers’ resolve to have control over their personal data. When we asked them what is most important when they choose to share their personal data with an organization, the majority point to secure collection and storage (63%), control over what data is being shared (57%) and trust in the company collecting their data (51%).
“Post COVID-19, consumer expectations of companies have not changed – they expect them to respect their privacy,” says Angela Saverice-Rohan, EY Americas Privacy Leader. However, while the desire for privacy remains a constant, the pandemic has increased levels of consumer data privacy awareness: 54% of consumers say that COVID-19 has made them more aware of the personal data they share than they were before the pandemic, and consumers are much more likely to point to COVID-19 as a driver of data privacy awareness than they are regulatory changes, such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) (43% compared with 25%).