The Evolution Of Consumer Attitudes On Privacy

Fatemeh Khatibloo

With Anjali Lai

The tide is turning on privacy. Since the earliest days of the World Wide Web, there has been an increasing sense that the Internet would effectively kill privacy – and in the wake of the NSA PRISM program revelations, that sentiment was stronger than ever. However, by using our Forrester’s Technographics 360 methodology, which blends multiple qualitative and quantitative data sources, we found that attitudes on privacy are evolving: Consumers are beginning to shift from a state of apathy and resignation to caution and empowerment.

Read more

The Data Digest: The Evolution Of Consumer Attitudes On Privacy

Anjali Lai

With Fatemeh Khatibloo

The tide is turning on privacy. Since the earliest days of the World Wide Web, there has been an increasing sense that the Internet would effectively kill privacy – and in the wake of the NSA PRISM program revelations, that sentiment was stronger than ever. However, by using our Forrester’s Technographics 360 methodology, which blends multiple qualitative and quantitative data sources, we found that attitudes on privacy are evolving: Consumers are beginning to shift from a state of apathy and resignation to caution and empowerment.

In our recently published report, we integrate Forrester's Consumer Technographics® survey data, ConsumerVoices Market Research Online Community qualitative insight, and social listening data to provide a holistic view of the changes in consumer perceptions and expectations of data privacy. In the past year, individuals have 1) become much more aware about the ways in which organizations collect, use, and share personal data and 2) have started to change their online behavior in response: 

Read more

What Does Acxiom's $310M LiveRamp Bid Mean For Marketers?

Fatemeh Khatibloo

On May 14, Acxiom announced its intention to acquire LiveRamp, a "data onboarding service," to the tune of $310 million in cash. Several Forrester analysts (Tina Moffett, Susan Bidel, Sri Sridharan, and I) cover these two firms, and what follows is our collective thinking on the impending acquisition after having been briefed by Acxiom's leadership on the matter.

Read more

What Does "Heartbleed" Mean To Consumers?

Anjali Lai

With Kristopher Arcand

When news about the Heartbleed bug captured worldwide attention last month, consumers learned that their personal information, initially thought to be secure, had in fact been vulnerable to hackers for years. Arguably the worst Internet breach of all time, the revelation left many questioning what to do next.

To understand how consumer reaction to Heartbleed unfolded, we tuned into online chatter and engaged Forrester’s ConsumerVoices market research online community immediately after the news broke. While Forrester’s social listening data reveals that sentiment of consumer conversation about Heartbleed was consistently negative, online community response tells us that the negativity doesn’t stem purely from shock – rather, from a sense of helplessness and jadedness. 

 

Read more

If You Are CEO Of A Consumer Organization, You Have A New Job Responsibility -- Security

Stephanie Balaouras

On May 5, 2014, Target announced the resignation of its CEO, Gregg Steinhafel, in large part because of the massive and embarrassing customer data breach that occurred just before the 2013 U.S. holiday season kicked into high gear. After a security breach or incident, the CISO (or whoever is in charge of security) or the CIO, or both, are usually axed. Someone’s head has to roll. But the resignation of the CEO is unusual, and I believe this marks an important turning point in the visibility, prioritization, importance, and funding of information security. It’s an indication of just how much:

  • Security directly affects the top and bottom line. Early estimates of the cost of Target's 2013 holiday security breach indicate a potential customer churn of 1% to 5%, representing anywhere from $30 million to $150 million in lost net income. Target's stock fell 11% after it disclosed the breach in mid-December, but investors pushed shares up nearly 7% on the news of recovering sales. In February 2014, the company reported a 46% decline in profits due to the security breach.
     
  • Poor security will tank your reputation. The last thing Target needed was to be a permanent fixture of the 24-hour news cycle during the holiday season. Sure, like other breached companies, Target’s reputation will likely bounce back but it will take a lot of communication, investment, and other efforts to regain customer trust. The company announced last week that it will spend $100 million to adopt chip-and-PIN technology.
     
Read more

Mobile App Developers: Stop Capturing Unnecessary Data Before Regulators Stop You

Martha Bennett

The findings presented in an article by German magazine Computerwoche published on Feb 11, 2014, are a forceful reminder that messages about excessive data capture via mobile apps seem to have gone unheeded so far.  As reported, tests by TÜV Trust IT established that “almost one in two mobile apps suck up data unnecessarily”.

What’s “unnecessary” of course depends on your viewpoint: it may seem unnecessary to me if my mobile email app captures my location; the provider of the app, on the other hand, could be capturing the information to provide me with a better service and/or to make money from selling such data to a third party. The trouble is that I don’t know, and I don’t have a choice if I want to use the app. From a consumer perspective, this is not a satisfactory situation; I’d even go as far as calling it unacceptable. Not that it matters what I feel; but privacy advocates and regulators are increasingly taking notice. Unless app providers take voluntary measures, they may see their data capture habits curtailed by regulation to a greater degree than would otherwise be the case.

Let’s step back a moment and consider why so many mobile apps capture more data than is strictly speaking necessary for the functioning of the app:

Read more

Computers, Privacy & Data Protection Conference 2014: Embracing User Privacy As A Competitive Advantage

Dan Bieler

By Enza Iannopollo and Dan Bieler

The recent Computers, Privacy & Data Protection Conference (CPDP) showcased a series of innovative projects that are based on big data. Big data is one of the four imperatives that shape the age of the customer — one of Forrester’s main focus areas — and the changing regulatory framework of data protection in Europe has big implications for big data initiatives.

Central to data protection is the existing EU Data Protection Directive, which legislators have been trying to update for years to reflect the changing online realities. The proposed Data Protection Regulation focuses on a redefinition of the concept of “consent.” User consent now has to be freely given, specific, informed, and explicit.

This new definition forces businesses to be more transparent about how they gather, use, disclose, and manage customer data in the form of the principles of privacy notice and purpose limitation. Complying with these new privacy principles is a challenge in the age of the customer, as privacy regulation affects:

Read more

Acxiom's Untied Kimono

Fatemeh Khatibloo

Yesterday, Acxiom, one of the world's largest data brokers and a key player in the marketing services ecosystem, launched an important new consumer service (still in Beta) called "About The Data."  It's an initiative to show consumers some of the data that Acxiom has compiled about them, to provide education around how certain types of data are sourced and used, and to let users correct and/or suppress the use of these datapoints for marketing purposes. 

This is a big deal. Why? Because it's pushing Acxiom (and, frankly, the entire third-party data industry) way out of its comfort zone on a few levels.

  1. First, this is not a company that is used to dealing with consumers on a mass scale. Acxiom's DNA is fundamentally B2B; learning how to communicate to, and design tools for, individual consumers is a massive undertaking, and it shows in the UI. For example, when I attempted to register my address with a "#" preceding my apartment number, the format was rejected without any indication that symbols were disallowed in that field. As a tech-savant, it only took me one more attempt to figure that out, but not all consumers are so savvy. Similarly, clicking the "Home" button on the navigation bar logs users out without any notice or warning. 
     
Read more

The Cost of PRISM Will Be Larger Than ITIF Projects

James Staten

Earlier this month The Information Technology & Innovation Foundation (ITIF) published a prediction that the U.S. cloud computing industry stands to lose up to $35 billion by 2016 thanks to the National Security Agency (NSA) PRISM project, leaked to the media in June. We think this estimate is too low and could be as high as $180 billion or a 25% hit to overall IT service provider revenues in that same timeframe. That is, if you believe the assumption that government spying is more a concern than the business benefits of going cloud.

Having read through the thoughtful analysis by Daniel Castro at ITIF, we commend him and this think tank on their reasoning and cost estimates. However the analysis really limited the impact to the actions of non-US corporations. The high-end figure, assumes US-based cloud computing providers would lose 20% of the potential revenues available from the foreign market. However we believe there are two additional impacts that would further be felt from this revelation:

1. US customers would also bypass US cloud providers for their international and overseas business - costing these cloud providers up to 20% of this business as well.

2. Non-US cloud providers will lose as much as 20% of their available overseas and domestic opportunities due to other governments taking similar actions.

Let's examine these two cases in a bit more detail.

Read more

The Data-Driven World: A European Perspective

Martha Bennett

Notes from the TechAmerica Europe seminar in Brussels, March 27, 2013

This may not be the most timely event write-up ever produced, but in light of all the discussions I’ve had on the same themes during the past few weeks, I thought I’d share my notes anyway.

The purpose of the event was to peel away some of the hype layers around the “big data” discussion, and — from a European perspective — take a look at the opportunities as well as challenges brought by the increasing amounts of data that is available, and the technologies that enable its exploitation. As was to be expected, an ever-present subtext was the potential of having laws and regulations put in place which — while well-intentioned — can ultimately stifle innovation and even act against consumer interests. And speaking of innovation: Another theme running through several of the discussions was the seeming lack of technology-driven innovation in Europe, in particular when considered in the context of an economic environment in dire need of every stimulus it can get.

The scene was set by John Boswell, senior VP, chief legal officer, and corporate secretary at SAS, who provided a neat summary of the technology developments (cheap storage, unprecedented access to compute power, pervasive connectivity) giving rise to countless opportunities related to the availability, sharing and exploitation of ever-increasing amounts of data. He also outlined the threats posed to companies, governments, and individuals by those who with more sinister intent when it comes to data exploitation, be it for ideological, financial, or political reasons. Clearly, those threats require mitigation, but John also made the point that “regulatory overlays” can also hinder progress, through limiting or even preventing altogether the free flow of data.

Read more