The Data Digest: The Evolution Of Consumer Attitudes On Privacy

Anjali Lai

With Fatemeh Khatibloo

The tide is turning on privacy. Since the earliest days of the World Wide Web, there has been an increasing sense that the Internet would effectively kill privacy – and in the wake of the NSA PRISM program revelations, that sentiment was stronger than ever. However, by using our Forrester’s Technographics 360 methodology, which blends multiple qualitative and quantitative data sources, we found that attitudes on privacy are evolving: Consumers are beginning to shift from a state of apathy and resignation to caution and empowerment.

In our recently published report, we integrate Forrester's Consumer Technographics® survey data, ConsumerVoices Market Research Online Community qualitative insight, and social listening data to provide a holistic view of the changes in consumer perceptions and expectations of data privacy. In the past year, individuals have 1) become much more aware about the ways in which organizations collect, use, and share personal data and 2) have started to change their online behavior in response: 

Read more

Is The Data Broker Industry Really Ready For A Sea Change?

Fatemeh Khatibloo

Yesterday, FTC Commissioner Julie Brill published an essay on AdAge.com that calls on data brokers to join -- or, rather, establish -- an initiative called "Reclaim Your Name." The goal of the program would be to provide a single portal where consumers could see what data the industry has collected about them, provide options to opt in and out, and to correct data that might be inaccurate.

While the commissioner's article is a bit heavy on the "big data" rhetoric, her point is well taken: We have entered an era where the volume of data that individuals make available about themselves -- often inadvertently -- is increasing daily. Unfortunately, guidelines for how marketers and the larger data industry collect and use personal data are in short supply. This conflict is one of the major challenges that our industry faces in the coming decade: How can brands excel in the age of the customer if they're constantly under scrutiny about their privacy and data practices?

Acxiom, one of the world's largest data brokers, recently launched its own version of the kind of portal Commissioner Brill calls for. AboutTheData.com lets individuals see a subset of the data Acxiom knows about them, provides correction and opt-out opportunities, and aims to provide consumers with education about the data industry as a whole.

Read more

A Vision For Tomorrow's Consumer Data Ecosystem

Fatemeh Khatibloo

PIDM Landscape Wordle

Eighteen months ago, when I started down the path of what would become our body of Personal Identity Management (PIDM) research, there were only a few customer intelligence professionals who gave much credence to the picture we were painting. What a difference a year makes. Today, privacy, data governance, consumer empowerment, and understanding "the creepy factor" are core to the conversations I have with CI pros in both marketer and vendor organizations. 

At the center of those conversations is often the question, "Who are the players in tomorrow's consumer data ecosystem?" We've just published a report, Making Sense of a Fractured Consumer Data Ecosystem, that reviews the strengths and weaknesses of four existing vendor categories plus three emergent business models. These include:

  • Consumer data giants: Companies, like Acxiom, Epsilon, Experian, and Infogroup, that have an opportunity to become consumer-friendly data managers but are at greatest regulatory risk
  • Reputation management providers: Companies, like Intelius and Reputation.com, that could help consumers manage data access but need to focus on their B2C business models to do so
  • Online services giants: Companies, like Google, MSN, and Yahoo, that already have access to highly personal data but serve too many masters
Read more

Dear Marketer: The Oval Office Called. It Wants Its Privacy Back.

Fatemeh Khatibloo

 Yesterday, the White House released a long-awaited set of recommendations that are focused on helping individuals take greater control of how their data is collected and used for online marketing purposes. It includes what's being referred to as a "Consumer Privacy Bill of Rights."

The language is vague. The timeline to completion is long. The guidelines, for now, are "opt-in" for organizations. All true.

But folks? The glory days of scraping and selling and repurposing customer data are over. The Oval Office has spoken on the issue of privacy and personal data, and its bill of rights is crystal clear: Tell me what you’re collecting, how you’re using it, protect it well, give me a copy, and give me a chance to correct it, delete it, or opt out entirely.

Sound familiar? It should.  

We've written about personal identity management because we recognize that:

  1. Individuals want relevant offers and content, along with all the other great stuff that comes with sharing personal data.
  2. But, they are worried about privacy, security, and identity on the Web — and these concerns are only increasing.
  3. So, Do Not Track, the Privacy Bill of Rights, and similar guidelines will gain widespread approval and adoption . . .
Read more

Facebook Or Google: Who Will Win the Customer Engagement Battle?

Fatemeh Khatibloo

Plenty’s been written already about Facebook’s IPO filing yesterday. I won’t rehash the many excellent analyses that you’ve surely already seen.

Instead, I want to take this blog post into thought-experiment territory. I want to think about a world in which Google and Facebook are primary competitors in a mano-a-mano battle—not just for our eyeballs, but for our data, too. For the right, as it were, to be our “digital identity.”

---------------------------

Over the holidays, my mother—67 year old tech-accepter, Kindle-owner, smartphone-avoider—called me into the office to show me her Facebook newsfeed. “How,” she asked, “do they know that I’m interested in Persian classical music and that I live in Los Angeles?” As I was explaining behavioral targeting and computational advertising, I glanced over at the computer, only to see her click through and order tickets from that Facebook ad.

So I asked, “Do you trust Facebook?” To which she replied, “Of course not!” as she entered her credit card number, home address, and email address for a very spendy concert ticket.

“Do you trust Google?” I asked. “More than Facebook, I suppose,” she answered. “But Facebook shows me stuff I like more often than Google does.” 

---------------------------

That experience, plus a brainstorm with my colleagues on the Customer Intelligence team here at Forrester got me thinking: What if, as a consumer, you had to choose between Facebook and Google? Which service is more valuable to you? Which will BE more valuable in the future? I decided to compare the competitors (and let there be no mistake—Facebook’s S-1 filing very clearly identifies Google as Enemy No. 1) across the dimensions of Forrester’s customer engagement cycle:

 

Read more

Planning For Failure, Personal Edition -- Strategies To Protect Yourself In 2012

Rick Holland

This week I did a webcast, Planning for Failure, which makes the assumption that if you haven't been breached, it is inevitable, and you must be able to quickly detect and respond to incidents.  An effective response can be the difference between your organization's recovery and future success or irreparable damage.  While I was working on the slides for the webcast, I started to reflect back on the 2011 security breaches that personally impacted me.   Three breaches immediately came to mind:

  1. Texas Teacher Retirement System -  My personal data was stored unencrypted on a public server
  2. Epsilon - Email compromise that resulted in increased phishing attempts
  3. STRATFOR - My personal information, credit card and password hash were stolen
Read more

How Data Sensitive Are Your Customers?

Fatemeh Khatibloo

Most marketers and customer intelligence (CI) pros tend to lump together most types of customer data. Sure, things like passwords and social security numbers are considered more "sensitive," but for the most part, the systems that protect all the data -- and the privacy policies that communicate their capture and governance -- are largely the same.

This model used to work just fine. But in an era where consumers are becoming increasingly aware of data capture, data breaches, and the value of personal data, it's not enough to treat all data (nor all customers) the same. In researching our latest report, "Personal Identity Management Success Starts With Customer Understanding," we found that:

  • Individuals see different types of data differently -- they're most worried about what we consider individual identity data, and far less concerned about the capture and use of their behavioral data
  • Most consumers are willing to share their data in exchange for value. But, what they consider "valuable" is very age-dependent -- in other words, the same consumer isn't equally motivated by discounts and cash rewards. 
  • A surprising number of consumers "just say no" if a privacy policy doesn't pass their sniff test, and the numbers seem to be rising. 
Read more