Privacy: Lessons Learned and Prognostications

Fatemeh Khatibloo

Earlier this year, I had the pleasure of moderating a panel of leading privacy professionals for the Churchill Club.

During the session, we recapped the highlights—and lowlights—of privacy in 2014, discussed some of the major trends and issues in the space, and made some predictions for 2015 and beyond.

What stood out for me, as a customer insights (CI) professional, is how critical our teams are to the work of privacy and how much we must guide the process of contextual privacy. There is a lot of work to be done to build stronger organization-wide consensus around better privacy. Like they were the nexus point between business technology and marketing teams, CI pros are now the nexus between security, legal, and marketing teams.

I’ve linked the full session below. Please enjoy, and please consider getting involved in Data Privacy Day 2016 - the effort could use more marketers and business leaders.

Observations From Mobile World Congress 2015 From A CIO's Perspective

Dan Bieler

Mobile World Congress (MWC) was a real marathon: According to my wearable gadget, I walked 70,278 steps, or 53.7 km, in four days. So was it worth it apart from the workout?

MWC was certainly busy; it attracted more than 90,000 attendees, including about 50,000 C-level executives (of whom 4,500 were CEOs) — making it the largest MWC event to date. While MWC does not attempt to cater to CIOs’ requirements — only about one-third of the attendees come from outside the technology sector, mostly from government, financial institutions, and media and advertising firms — the event deals with all the critical topics that CIOs will have to address in the years ahead.

This year’s MWC focused on innovation, which is arguably the single most important business priority to ensure business survival in a rapidly changing marketplace. As a business enabler, every CIO must meet the expectation of today’s business customer that he can get what he wants in his immediate context and moment of need. MWC highlighted that:

  • Mobile is critical to provide a great user experience. Therefore, mobile is becoming a critical factor for CIOs in driving product, service, and process innovation and enhancing customer and employee engagement.
  • Consumerization is redefining enterprise mobility. At MWC we saw more and more vendors targeting the mobile mind shift taking place in the business segment. This is reflected in the shift of most mobile business solutions away from traditional sales and field force automation toward delivering mobile moments.
Read more

Privacy Becomes A Competitive Differentiator In 2015

Heidi Shey
We are in a golden age of data breaches - just this week, the United States Post Office was the latest casualty - and consumer attitudes about data security and privacy are evolving accordingly. If your data security and privacy programs exist just to ensure you meet compliance, you’re going to be in trouble. Data (and the resulting insights) is power. Data can also be the downfall for an organization when improperly handled or lost. 
 
In 2015, Forrester predicts that privacy will be a competitive differentiator. There is a maze of conflicting global privacy laws to address and business partner requirements to meet in today’s data economy. There’s also a fine line between cool and creepy, and often it’s blurred. Companies, such as Apple, are sensitive to this and adjusting their strategies and messaging accordingly. Meanwhile, customers — both consumers and businesses — vote with their wallets. 
 
Read more

It’s Time For Healthcare CISOs To Close The Faucet Of Data Loss

Christopher Sherman

By all accounts, we’re approaching a new order of integration between technology and medicine. Real-time medical diagnostic data obtained from our mobile phones will soon be integrated directly into our electronic medical records where clinicians can use the data to make more-accurate (and potentially dynamic) treatment plans. Hospital staff can communicate and react to changing patient conditions faster and with less disruption to the patient experience than ever before, thanks to increasingly integrated mobile messaging systems and other mobile applications (for both the patients and clinical staff).

Applying big data analytics to PHI promises to improve patient outcomes and lead to more efficient —and less costly — patient care. It’s hard not to feel a level of excitement as this convergence of healthcare, mobile technology, and big data progresses at an accelerated rate. However, with all of this new patient data being collected by insurance payers, medical providers, and third-party services, healthcare employee endpoints have become an especially vulnerable source of data loss.

In our recently published brief, “Stolen And Lost Devices Are Putting Personal Healthcare Information At Risk,” we present a number of findings related to healthcare data loss from our latest Forrester surveys as well as those from our data partners. Most notably:

Healthcare records are five times as likely to be lost due to device theft/loss.¹ If you’re a CISO at a healthcare organization, endpoint data security must be a top priority in order to close this faucet of sensitive data. Consequences will increasingly be more than just a mere slap on the wrist with fines, as consumers fight back.

Read more

The Evolution Of Consumer Attitudes On Privacy

Fatemeh Khatibloo

With Anjali Lai

The tide is turning on privacy. Since the earliest days of the World Wide Web, there has been an increasing sense that the Internet would effectively kill privacy – and in the wake of the NSA PRISM program revelations, that sentiment was stronger than ever. However, by using our Forrester’s Technographics 360 methodology, which blends multiple qualitative and quantitative data sources, we found that attitudes on privacy are evolving: Consumers are beginning to shift from a state of apathy and resignation to caution and empowerment.

Read more

The Data Digest: The Evolution Of Consumer Attitudes On Privacy

Anjali Lai

With Fatemeh Khatibloo

The tide is turning on privacy. Since the earliest days of the World Wide Web, there has been an increasing sense that the Internet would effectively kill privacy – and in the wake of the NSA PRISM program revelations, that sentiment was stronger than ever. However, by using our Forrester’s Technographics 360 methodology, which blends multiple qualitative and quantitative data sources, we found that attitudes on privacy are evolving: Consumers are beginning to shift from a state of apathy and resignation to caution and empowerment.

In our recently published report, we integrate Forrester's Consumer Technographics® survey data, ConsumerVoices Market Research Online Community qualitative insight, and social listening data to provide a holistic view of the changes in consumer perceptions and expectations of data privacy. In the past year, individuals have 1) become much more aware about the ways in which organizations collect, use, and share personal data and 2) have started to change their online behavior in response: 

Read more

What Does Acxiom's $310M LiveRamp Bid Mean For Marketers?

Fatemeh Khatibloo

On May 14, Acxiom announced its intention to acquire LiveRamp, a "data onboarding service," to the tune of $310 million in cash. Several Forrester analysts (Tina Moffett, Susan Bidel, Sri Sridharan, and I) cover these two firms, and what follows is our collective thinking on the impending acquisition after having been briefed by Acxiom's leadership on the matter.

Read more

What Does "Heartbleed" Mean To Consumers?

Anjali Lai

With Kristopher Arcand

When news about the Heartbleed bug captured worldwide attention last month, consumers learned that their personal information, initially thought to be secure, had in fact been vulnerable to hackers for years. Arguably the worst Internet breach of all time, the revelation left many questioning what to do next.

To understand how consumer reaction to Heartbleed unfolded, we tuned into online chatter and engaged Forrester’s ConsumerVoices market research online community immediately after the news broke. While Forrester’s social listening data reveals that sentiment of consumer conversation about Heartbleed was consistently negative, online community response tells us that the negativity doesn’t stem purely from shock – rather, from a sense of helplessness and jadedness. 

 

Read more

If You Are CEO Of A Consumer Organization, You Have A New Job Responsibility -- Security

Stephanie Balaouras

On May 5, 2014, Target announced the resignation of its CEO, Gregg Steinhafel, in large part because of the massive and embarrassing customer data breach that occurred just before the 2013 U.S. holiday season kicked into high gear. After a security breach or incident, the CISO (or whoever is in charge of security) or the CIO, or both, are usually axed. Someone’s head has to roll. But the resignation of the CEO is unusual, and I believe this marks an important turning point in the visibility, prioritization, importance, and funding of information security. It’s an indication of just how much:

  • Security directly affects the top and bottom line. Early estimates of the cost of Target's 2013 holiday security breach indicate a potential customer churn of 1% to 5%, representing anywhere from $30 million to $150 million in lost net income. Target's stock fell 11% after it disclosed the breach in mid-December, but investors pushed shares up nearly 7% on the news of recovering sales. In February 2014, the company reported a 46% decline in profits due to the security breach.
     
  • Poor security will tank your reputation. The last thing Target needed was to be a permanent fixture of the 24-hour news cycle during the holiday season. Sure, like other breached companies, Target’s reputation will likely bounce back but it will take a lot of communication, investment, and other efforts to regain customer trust. The company announced last week that it will spend $100 million to adopt chip-and-PIN technology.
     
Read more

Mobile App Developers: Stop Capturing Unnecessary Data Before Regulators Stop You

Martha Bennett

The findings presented in an article by German magazine Computerwoche published on Feb 11, 2014, are a forceful reminder that messages about excessive data capture via mobile apps seem to have gone unheeded so far.  As reported, tests by TÜV Trust IT established that “almost one in two mobile apps suck up data unnecessarily”.

What’s “unnecessary” of course depends on your viewpoint: it may seem unnecessary to me if my mobile email app captures my location; the provider of the app, on the other hand, could be capturing the information to provide me with a better service and/or to make money from selling such data to a third party. The trouble is that I don’t know, and I don’t have a choice if I want to use the app. From a consumer perspective, this is not a satisfactory situation; I’d even go as far as calling it unacceptable. Not that it matters what I feel; but privacy advocates and regulators are increasingly taking notice. Unless app providers take voluntary measures, they may see their data capture habits curtailed by regulation to a greater degree than would otherwise be the case.

Let’s step back a moment and consider why so many mobile apps capture more data than is strictly speaking necessary for the functioning of the app:

Read more