How can we balance privacy and user experience?

Today there is no such thing as a non data-driven company. But firms face a tough choice when it comes to handling and optimizing the vast amount of information available to them. Corporate leaders are scrambling to jump on the “Big Data” bandwagon to extract maximum value for their business. Meanwhile, providing adequate safeguards for customer data too often remains in the lurch.

To thrive in today’s market, simplicity and ease-of-use is essential to succeed and achieve broad consumer adoption. Yet while we live in a “one-click world” – IT at its core will remain complex. Each step towards customization and improved usability requires increasingly more personal data, and simplified user interfaces fundamentally challenge a company’s ability to apply best practices when collecting and processing user data.

Failure of corporations to meet heightened data protection standards and related customer expectations will result in steep fines, a lack of customer trust, and could possibly even put the entire company at risk. This is especially true in Europe. At the same time, companies that lose sight of the customer experience as they implement regulatory compliance protocols will not be successful long term. The conundrum is a kind of “digital Scylla and Charybdis”.

How did we get to this point?

There is no doubt that IT has been consumerized. Smartphones, tablets, and wearables have all fundamentally altered our productivity, our interaction with the world, our purchasing habits and banking, and the means by which we consume media content. According to a November 2015 survey released by telecoms equipment giant Ericsson, the total number of mobile phone subscriptions in Q3 2015 was around 7.3 billion globally. This is roughly the same number of people as are on the planet, though many still remain unconnected while lots of people in richer countries have multiple accounts.

We are becoming increasingly reliant on these new technologies. About half of U.S. smartphone owners check their devices multiple times an hour and another 20 percent of Americans look at their phone about hourly, according to a 2015 poll from Gallup.

At the same time, however, even more is still to come. Currently our online habits center on a few basic functions like email, search, online shopping, and social media. But once connected homes become ubiquitous, smart cars are the norm, and Virtual Reality/Artificial Reality devices proliferate life will never be the same again.

That day will be here sooner than we realize. According to the Ericsson report, Machine-to-Machine (M2M) use is expected to grow at a compound annual growth rate of 25 percent up to 2021. In total, it is expected that around 28 billion connected devices, or roughly four for every person on the planet, will be in use by 2021; of those, more than 15 billion will be connected M2M and consumer electronics devices.

Looking forward, these machines will even move towards analyzing human behavior in real time and provide what has been described as “contextually aware suggestions.”

Unfortunately in this period of rapid innovation and a race to market, developers have failed to focus on data privacy and security concerns. This strategy cannot be successful moving forward. Both government regulators and consumers are fighting back.

Last month the European Union passed new comprehensive data protection laws –some of the most progressive and stringent in the world. In the United States, the FTC is taking on an increasingly active role of policing the data-driven activities of companies under Section 5 of the Federal Trade Commission Act prohibiting ‘‘unfair or deceptive acts or practices in or affecting commerce.’’ In China, a draft Network Security Law released over the summer notably included requirements for Chinese network operators to safeguard personal information and obtain consumer consent to use personal data.

Additionally, consumers are increasingly aware that their data hold significant value to companies and that right now firms are keeping the vast share of the derived economic benefit to themselves. According to a special Eurobarometer Study published in June 2015, only 15 percent of Europeans feel they have complete control over the information they provide online; 31 percent think they have no control over it at all; and 67 percent respondents are concerned about not having complete control over the information they provide online.

All Roads Lead to UX

These trends are now coming to a head and are forcing both startups and established corporations to define their identities in this new age, and how they want to present themselves to the public. Getting their approach to privacy right while remaining consumer friendly will be absolutely critical to their future. Once they choose their way forward, next steps will need to include re-engineering their culture, corporate DNA, enterprise architecture, and overall mindset. It is no longer just about information domination and siloed knowledge stacks.

Companies must create a digital inventory so they have complete understanding of their data needs and holdings. Designers, developers, and marketers must closely coordinate with experts on data privacy and risk management. Clear ongoing lines of communication will be necessary as they together build new products or re-engineer or update existing ones.

Indispensable tools in this endeavor will be what is known as the Privacy Impact Assessment (PIA) – a systematic review of each project’s data management to ensure it is compliant with relevant regulations. Many companies already conduct similar programs to vet their cybersecurity protocols. Those can now serve as a blueprint for PIAs to ensure privacy compliance whenever a company creates a new offering, modifies its business model, or faces a changing regulatory landscape.

Privacy is a critical competitive differentiator and will require the successful implementation of such protocols. Customers must feel they are entering into a relationship with the company on equitable terms. Firms must avoid antagonizing users with unnecessary data requests, even as they simplify and streamline the user experience. That is how companies from now on can create a sustainable business.