Consumers trust your tech even less than you think

The top solutions? Transparency and respect.

Do you think you’re doing better at protecting your consumers’ data and earning their trust in your technology? If so, you’re not alone. Most corporate leaders say the same.

There’s just one problem: consumers disagree.

Until now, consumers have generally stayed with businesses despite mistrust over how their data is used. Most have remained even after well-publicized security breaches. But a new global survey (part of PwC's Consumer Intelligence Series) of over 5,000 consumers and 2,000 executives indicates that this consumer tolerance could be about to change.

If consumers haven’t switched businesses yet, it’s not because privacy doesn’t matter. It’s because they feel that they have no choice. Skeptical that another company would be any better than their current one, consumers feel trapped—but they yearn for a better option and would take it if they could. Faced with a lack of better options, some consumers are simply dropping out: one in ten are expecting their overall usage of and engagement with technology to decrease in the next six months.

As a business leader, are you willing to bet your company’s future on the hope that no competitor will give consumers a better option tomorrow? Or will you be that better choice?

loading-player

Playback of this video is not currently available

The results are in: customers don’t trust you to look after their data. What will you do about it?

You may not be a trusted partner—but a necessary evil

No one can call global consumers naive. They increasingly recognize the price of the implicit contract by which they give up their data to “free” apps and sites. When it comes to privacy, for example, 67% say they have little to no control over how their data is used. On security, 60% say that they expect the companies they do business with to suffer a data breach some day. That’s likely because 34% say that one or more companies that hold their data have already suffered a breach.

Yet when it comes to words and actions, consumers offer an apparent contradiction. Sixty-six percent call data breaches “unacceptable,” but in practice most do accept them: 55% have continued to use or buy from companies, even after learning that these companies suffered a breach.

Consumers aren’t hypocrites. Nor are they fooling themselves. They’re rational. Sixty-seven percent say that despite “nervousness” over sharing data, the benefits outweigh the risks, and 76% call sharing personal information with companies a “necessary evil.”

85% of global consumers wish there were more companies I could trust with my data

While a majority stick with companies despite their qualms, they want a better option. Eighty-five percent say they wish there were more companies they could trust with their data. Eighty-three percent want more control over their own data.

Consumers are looking for companies to provide that trust and to offer them that control. Eighty-six percent call it the responsibility of business to protect consumer data, in part because they know what they don’t know: 59% call themselves “novices” at protecting their own personal privacy, perhaps because privacy documents can stretch to dozens of pages, which few have time to read. When it comes to security, only 27% of consumers know what hardware and software tokens are. Only 35% know what identity-theft monitoring is.

Today, consumers aren’t finding businesses they can trust, but if they do so in future, they’ll choose them instead. Social media platforms, for example, are famously “sticky,” but 52% of global consumers say that they would leave their current platforms for one that protects their data better.

76% of global consumers think sharing my personal information with companies is a necessary evil in today's modern economy

“I’m very dependent on all these big companies. I use their products, their services, and there’s really no alternative, so you just have to live with it… No matter what the company says, saying, ‘We’re going to have 100% privacy. We’re not going to share any of your data,’ to me, I think it’s just baloney. I think it’s just something for them to say.”

- Consumer, US

“The more information they get from you, the more they’re able to send you offers and things like that that are tailored to you. So [by not sharing data] you probably miss out on that, but if you weigh up the pros and cons, it’s not that big of an issue.”

- Consumer, UK

You may think you’re making progress—but you’re not

“There’s a problem, but it’s not mine”. So appears to be the attitude of business leaders around the world regarding consumer trust in data safeguards. Seventy-six percent say that companies (in general) are facing a crisis of consumer trust, yet the cause of that mistrust is apparently elsewhere: 80% give themselves an A or B for protecting consumer data. Businesses also think things are getting better: 55% say that consumer trust in their technology is growing.

Yet only 21% of global consumers actually report such growing trust. A larger proportion (28%) say that their trust in businesses’ technology has actually been falling.

It’s understandable that businesses expect greater trust from their customers. Many are making serious, praiseworthy efforts in improving data security. For a start, they're accepting responsibility, with 58% of global leaders saying it’s primarily the job of business (not consumers or the government) to improve data privacy and security. Eighty-five percent say they comply with the strictest privacy and security regulations around the world, whether that’s GDPRCCPA, the China Cybersecurity Law or Brazil’s General Data Protection Law, rather than shopping for often-lower ones in individual jurisdictions. Fifty-four percent of business leaders also say that encryption is a top priority.

Yet businesses also acknowledge challenges, especially internally. Seventy-three percent report that “privacy and security are hard to prioritize among all the other things that we must accomplish at my company.” That may be because 72% say that it’s hard to invest in something that “feels invisible,” like behind-the-scenes security. By comparison, investments in monetizing consumer data without consumers’ explicit permission may offer an appealing, short-term revenue boost.

Even if it can be hard to win organizational buy-in for investments in privacy and security that go beyond what regulatory requirements are driving, and even if current efforts have often not been enough to win consumer trust, businesses shouldn’t give up. Consumers are clear about what they want—and they’re not demanding anything that businesses aren’t capable of giving.

As trust in companies continues to decline, business leaders are underestimating the gap
As trust in companies continues to decline, business leaders are underestimating the gap

“The thing is, they’re still not protecting us. Everyone is saying the hackers are taking two steps ahead of us or ahead of the companies, and, ultimately, we pay the price, not the company. The company still profits off of us.”

- Consumer, US

“If you want me to trust you, you have to tell me how you treat my data and how you are securing it.”

- Internet expert, China

Consumers don’t expect perfection. They expect respect.

Consumers understand that the best security systems will falter at times. When we asked their likely reaction if a company suffered an incident that impacted their data security or privacy, only 27% said that they would stop doing business with that company. Even in the highly sensitive area of mobile payments, only 31% said that a security breach meant that they would automatically move on.

Instead, 62% of consumers said they would either “wait and see” how the company responded or “seek” an alternative provider—and “seek” implies that they might still stay with a company that had failed them once.

Consumers don’t need perfection or big sweeping fixes right away. Instead, when our survey asked consumers what companies should do to build or rebuild their trust in your technology, the overwhelming message was clear: Be transparent and show that you’re trying your absolute best and that you are on their side.

Forty-four percent of consumers call “transparency and quick action after a breach” important steps when it comes to building or rebuilding trust. Consumers also cite transparency about a company’s use of consumer data (39%), and transparency about whether and how their data is shared (39%) as crucial policies.

To show that you’re trying your best, consumers cite as foundations of trust best practices such as proactively integrating privacy and security into products and services (39%), encrypting all consumer information and company databases (38%) and including security experts in the design of each product (36%).

To show that you’re on their side, consumers want to see data security and privacy made a core corporate value, no third-party sales of their data (39%), the option to choose how their data is used (37%) and clarity about how they can set privacy settings (36%).

All these consumer priorities are within the grasp of business—if they choose to act on them. None require an impossible promise to eliminate all risk of a data breach. All leave multiple opportunities for monetizing data open—if companies successfully deploy specific solutions.

“If my technology infrastructure, especially my hardware and software architecture, is not designed to protect data, then I can never be proactive. I could be proactive in keeping consumers informed, but at the back end, my system is not going to keep up with the heightened expectations from consumers.”

- Pharmaceutical expert, India

“People will align themselves to organizations that they perceive they can trust more.”

- Financial services expert, Canada

Solutions: how to be the trusted company that consumers seek

Earning consumers’ trust and continuing to use data to grow revenue are not mutually exclusive ambitions. We have found four solutions that work again and again, allowing you to earn consumers’ trust while also helping to make your data trusted data—the kind that produces insights (often with the help of artificial intelligence) that your decision-makers can rely on for new revenue streams and business models. By simultaneously supporting the business, compliance and consumer trust, these solutions can also be an integral part of a broader digital transformation.

The place to begin is to set up a trust team that includes not only privacy and risk experts, but also all the organizational leaders who must (and in many cases, already do) integrate privacy and security into their daily work. This includes IT teams, who are focused on making technology safe, top management, who are anxious to protect the company and the brand, business leaders, who are eager to monetize data and marketing teams, who crave effective campaigns and a stellar customer experience. All of these groups must have a voice in deploying the four solutions that boost both customer trust and monetization opportunities.

Who in the organization is most interested in building customer trust?
Who in the organization is most interested in building customer trust?

1. Declare privacy and security a core value, so consumers can hold you to it

Communicate the measures that you are taking to back up this core value, so consumers know you are protecting them and so they can better protect themselves. Consider a C-level position, responsible for both orchestrating and communicating initiatives around privacy and security. Include not just customers, but also investors, regulators and employees in your communications.

Keep track of evolving regulations on privacy and privacy reporting worldwide, and be aware that not just regulations, but values differ from one country to the next: what is considered a privacy right in one country may not be in another. Multinationals may need one set of privacy and security values that they apply globally, and an additional set of country-specific ones.

View more

2. Choose privacy and security by design and weave it throughout the entire organization

Embed risk-based safeguards not just into IT systems’ architecture, but also into your business practices, supply chain, third-party contracts, agile development and controls to make your organization the center of a growing web of trust.

For best results, get privacy and security experts on board at the start of any data-related initiative. It’s more effective (and more cost-effective) to embed privacy and security from the get-go than to add it on later. Starting with privacy and security also helps demonstrate that they truly are a core value.

View more

3. Prove to customers that you respect them

Tell consumers what you are doing with their data through direct, individual communications on multiple channels, throughout the buying cycle. Offer options to give them control over their data—including the option to choose how their data is used—and clear choices among privacy settings. Don’t sell their data to third parties without their explicit permission.

View more

4. Should a breach occur, act quickly and transparently

Transparency requires sharing not just the fact of the breach as soon as it occurs, but doing so through multiple channels and providing continual updates. Your company will therefore need a communications plan, which addresses victim notification as well as brand preservation as part of your incident response procedures.

Aside from quick action to repair the breach, consider some of the top responses (see graphic) that consumers say will rebuild trust after a breach occurs. Pay attention to cultural differences: consumers in some countries are far more likely to attribute importance to a “personal touch” (such as a public apology or the opportunity to talk to a customer support specialist) than in others.

View more


A tipping point is near. This could be the year of reckoning in trust

Nine in ten business leaders say that building and maintaining customer trust will be the competitive advantage of the future. But right now, few are prepared to seize that advantage, and the odds of consumers trusting companies’ technology are falling, not rising. Thirty-six percent are less comfortable sharing information now than a year ago. Only 17% are more comfortable. And though customization is one of the greatest business opportunities of the Fourth Industrial Revolution, most consumers are planning to stay away: 56% would rather keep their information private and settle for generic products and services, rather than sharing personal information to enable products and services tailored to their needs.

Companies can no longer assume that consumers will tolerate subpar privacy and security practices. Consumers are learning more about the different ways their privacy can be breached, thanks to citizen activists, investigative journalists and scholars. And regulators are studying how current and emerging business models and practices enabled by the internet of everything (IoE) can lead to increasing violations of consumers’ privacy.

Since consumers want a better choice, sooner rather than later a company will provide it—and business leaders increasingly recognize the imperative, with 83% saying that “We have reached a tipping point in which customers are demanding control of their data.”

Even if consumers are skeptical, they haven’t lost hope: They want to find companies they can trust. The road is therefore wide open for forward-thinking companies to give consumers the privacy, security, transparency and control that they crave, in a way that truly will create a competitive advantage.

This road will not be easy. It also has no end. Designing privacy and security throughout the organization is an ongoing responsibility. Technology evolves at a breathtaking, accelerating pace, as do the business opportunities that it supports, leading to ever-new practical and ethical questions.

How should businesses use publicly available data on consumers? How far should you go in subliminally "nudging" behaviors? What’s the right balance to strike between national security concerns and personal privacy? New questions, unimaginable today, will surely appear tomorrow. Regulators’ requirements too are constantly changing, and consumers’ values—what data they are willing to share, and at what price—are also in flux.

The target, already hard to hit, is moving, but the reward of success is tremendous: consumers who will give you loyalty, and willingly share the data that is the basis for the business models of the future.

tolerance is declining
tolerance is declining

Contact us

Sean Joyce

US and Global Cybersecurity and Privacy Leader, PwC US

Jay Cline

US Privacy Leader, Principal, PwC US

Anand Rao

Global & US Artificial Intelligence and US Data & Analytics Leader, PwC US

Alison Kutler

Principal, Strategic Policy Leader, PwC US

Follow us

By submitting your email address, you acknowledge that you have read the Privacy Statement and that you consent to our processing data in accordance with the Privacy Statement (including international transfers). If you change your mind at any time about wishing to receive the information from us, you can send us an email message using the Contact Us page.

Hide