SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Widespread uncertainty and distrust about data privacy in ANZ
Fri, 29th Jan 2021
FYI, this story is more than a year old

There is widespread public uncertainty and distrust around how organisations handle their data, according to new research from OPenText.

From a survey of 1,000 Australia and New Zealand-based respondents, 39% do not trust third-party organisations to keep their personal information safe or private.

According to the findings, the majority (80%) of ANZ consumers don't have a clue how many organisations use, store or have access to their personal data, including their email addresses, contact numbers and bank details.

Yet 36% of ANZ consumers say they are very aware of the laws that protect their personal data. Only 16% of respondents said they would proactively get in touch with an organisation to see how it is using their personal data or to check if it is storing their personal data in a compliant manner. With 14% having already done so at least once.

Only 9% of ANZ consumers believe we are already at the point when every business is meeting its legal obligations to keep customer data private.

In addition, 23% of respondents either see this as a distant future or believe it will never happen. Just under half (44%) of ANZ consumers would pay more to do business with an organisation that is committed to protecting their data privacy surpassing Germany (41%), Spain (36%) and France (17%).
"The COVID-19 crisis has accelerated the pace of digital transformation, forcing companies further up the adoption curve almost overnight as they pivoted to remote work and digital customer experiences," says Lou Blatt, senior vice president and CMO at OpenText.

"Digital is now central to almost every business interaction generating more data for companies to manage and secure. This shift coupled with increased consumer data privacy expectations means organisations are now under significant pressure to ensure that their data privacy systems can scale appropriately for this digital-first era."

Andy Teichholz, senior industry strategist, compliance and legal, OpenText adds, "In our new digital economy, people around the world are becoming acutely aware of how their information is being collected, stored, and used.

"The GDPR ushered in a new paradigm that elevated awareness about the importance of privacy and the exploitation of data," he says.

"Some of the largest countries around the world have responded by enacting or augmenting their privacy protections to closely mirror the GDPR.

"We see this in Brazil and recently in California through the recent passage of California Privacy Rights Act (CPRA). Other countries are on their way too." Teichholz says.

"Steps are being taken in Canada, China, and India to potentially modernise and augment their data privacy rights and protections."

With stricter data privacy enforcement and consumers empowered to act on their rights, Teichholz says companies must be prepared to deploy technology and aggressively operationalise their data privacy programs to meet the most stringent standards.

"Beyond potential fines, any organisation that fails to comply with data privacy laws risks breaking trust with their customers," he says.

"By investing in comprehensive privacy management capabilities underpinned by information governance and automation, organisations can achieve data protection by design and default satisfying regulatory requirements, avoiding non-compliance penalties and more importantly, maintaining customer trust.