Despite GDPR, consumers still don’t understand how brands use their data
New research shared exclusively with Marketing Week finds that the proportion of people who don’t understand where and how organisations use their data has gone up despite GDPR.
With GDPR coming into effect today (25 May), new research shared exclusively with Marketing Week finds there is a growing gap in consumers’ understanding of how organisations use their data.
The survey, conducted by OnePoll for the Chartered Institute of Marketing (CIM), finds 48% of consumers do not understand where and how organisations typically use their personal data. That is up from 31% when the research was last conducted two years ago.
Just 7% feel they have a good understanding of how companies use their data, with 45% saying they “somewhat understand”. But less than a fifth (18%) believe businesses treat people’s personal data in an honest and transparent way.
A third of consumers (29%), say they have received communication from a business they did not give permission to contact them in the past month, while 19% believe they have received something in the past six months and 13% in the past year. Just 17% believe they have never been contacted by a brand without their permission, while 17% are unsure.
We need to start thinking more about how we treat people like people and less like robots.
Jascha Kaykas-Wolf, Mozilla
Less than half (41%) of those questioned are aware of the new data regulations, but of those that are, 68% think it will improve how organisations use data. However, just 43% say they “know their rights as a consumer in relation to data protection”.
The figures suggest brands and regulators need to do a better job of explaining how data is used, and what the new data laws mean. The Information Commissioners’ Office launched a consumer campaign last month, but some have questioned if it is high-profile enough to garner people’s attention.
READ MORE: Harry Lang – Where’s the GDPR campaign to tell consumers about their data rights?
“People who are more aware of the regulations are more likely to say they understand data protection and trust the organisations using their data more,” says Chris Daly, chief executive of the CIM. “GDPR should therefore be seen as an opportunity for responsible marketers and brands to reignite public trust and confidence.”
However, Mozilla’s CMO Jascha Kaykas-Wolff believes many brands are not taking advantage of this opportunity. As well as being the company behind the Firefox web browser, Mozilla is also a not-for-profit that does work on digital policy, web literacy and advocacy. And Kaykas-Wolff says that while GDPR can help the internet become a “bit more healthy”, brands have passed up the chance to really overhaul privacy policies and how they talk to consumers about data.
Trust in how brands use data on the rise
Despite the lack of understanding, trust in how marketers use consumers’ data has improved. In the last survey, 57% of the public did not trust marketers to use their data responsibly but this has fallen to 37% in the latest survey. However, only 6% would trust all organisations, with 48% saying only some have their trust.
Daly says: “Marketers have long understood that data is a crucial tool to help them reach target markets and create engaging content. However, recent scandals have heightened public concern about the abuse of personal data, and highlighted consumer uncertainty about exactly how it is used.
“The impact has been a decline in trust in brands. Social media platforms have taken the biggest hit, but all marketers should be concerned to prove to consumers that they take data protection seriously.”
Distrust in social media sites such as Facebook and Twitter is particularly high at 73%. Just 16% agree that technology platforms treat personal data in an honest and transparent way and only 6% feel they “mostly” understand how their data is used.
“Why not at the front end say here’s what’s happening and here’s how we’re taking care of your information differently. There’s a gap that needs to close with tech companies in that we need to start thinking more about how we treat people like people and less like robots.”
While brands are publishing huge security policies – like this one from tesco that makes you click on loads of little arrows to expand it, scrolling the screen each time which makes it more difficult – it’s not surprising that people don’t understand what’s happening. I’d be amazed if even 1% of visitors fully read policies like this. Brands need to make the information clear and concise, like the GDPR requires.