Recherche avancée

Sur d’autres sites (3768)

• Data Privacy in Business : A Risk Leading to Major Opportunities

  9 août 2022, par Erin — Privacy

  Data privacy in business is a contentious issue. 

  Claims that “big data is the new oil of the digital economy” and strong links between “data-driven personalisation and customer experience” encourage leaders to set up massive data collection programmes.

  However, many of these conversations downplay the magnitude of security, compliance and ethical risks companies face when betting too much on customer data collection. 

  In this post, we discuss the double-edged nature of privacy issues in business — the risk-ridden and the opportunity-driven. ​​

  3 Major Risks of Ignoring Data Privacy in Business

  As the old adage goes : Just because everyone else is doing it doesn’t make it right.

  Easy data accessibility and ubiquity of analytics tools make data consumer collection and processing sound like a “given”. But the decision to do so opens your business to a spectrum of risks. 

  1. Compliance and Legal Risks 

  Data collection and customer privacy are protected by a host of international laws including GDPR, CCPA, and regional regulations. Only 15% of countries (mostly developing ones) don’t have dedicated laws for protecting consumer privacy. 

  

  Global legislature includes provisions on : 

  • Collectible data types
  • Allowed uses of obtained data 
  • Consent to data collection and online tracking 
  • Rights to request data removal 

  Personally identifiable information (PII) processing is prohibited or strictly regulated in most jurisdictions. Yet businesses repeatedly circumnavigate existing rules and break them on occasion.

  In Australia, for example, only 2% of brands use logos, icons or messages to transparently call out online tracking, data sharing or other specific uses of data at the sign-up stage. In Europe, around half of small businesses are still not fully GDPR-compliant — and Big Tech companies like Google, Amazon and Facebook can’t get a grip on their data collection practices even when pressed with horrendous fines. 

  Although the media mostly reports on compliance fines for “big names”, smaller businesses are increasingly receiving more scrutiny. 

  As Max Schrems, an Austrian privacy activist and founder of noyb NGO, explained in a Matomo webinar :

  “In Austria, my home country, there are a lot of €5,000 fines going out there as well [to smaller businesses]. Most of the time, they are just not reported. They just happen below the surface. [GDPR fines] are already a reality.”​

  In April 2022, the EU Court of Justice ruled that consumer groups can autonomously sue businesses for breaches of data protection — and nonprofit organisations like noyb enable more people to do so. 

  Finally, new data privacy legislation is underway across the globe. In the US, Colorado, Connecticut, Virginia and Utah have data protection acts at different stages of approval. South African authorities are working on the Protection of Personal Information Act (POPI) act and Brazil is working on a local General Data Protection Law (LGPD).

  Re-thinking your stance on user privacy and data protection now can significantly reduce the compliance burden in the future. 

  2. Security Risks 

  Data collection also mandates data protection for businesses. Yet, many organisations focus on the former and forget about the latter. 

  Lenient attitudes to consumer data protection resulted in a major spike in data breaches.

  Check Point research found that cyberattacks increased 50% year-over-year, with each organisation facing 925 cyberattacks per week globally.

  Many of these attacks end up being successful due to poor data security in place. As a result, billions of stolen consumer records become publicly available or get sold on dark web marketplaces.

  What’s even more troublesome is that stolen consumer records are often purchased by marketing firms or companies, specialising in spam campaigns. Buyers can also use stolen emails to distribute malware, stage phishing and other social engineering attacks – and harvest even more data for sale. 

  One business’s negligence creates a snowball effect of negative changes down the line with customers carrying the brunt of it all. 

  In 2020, hackers successfully targeted a Finnish psychotherapy practice. They managed to steal hundreds of patient records — and then demanded a ransom both from the firm and its patients for not exposing information about their mental health issues. Many patients refused to pay hackers and some 300 records ended up being posted online as Associated Press reported.

  Not only did the practice have to deal with the cyber-breach aftermath, but it also faced vocal regulatory and patient criticisms for failing to properly protect such sensitive information.

  Security negligence can carry both direct (heavy data breach fines) and indirect losses in the form of reputational damages. An overwhelming 90% of consumers say they wouldn’t buy from a business if it doesn’t adequately protect their data. This brings us to the last point. 

  3. Reputational Risks 

  Trust is the new currency. Data negligence and consumer privacy violations are the two fastest ways to lose it. 

  Globally, consumers are concerned about how businesses collect, use, and protect their data. 

  

  • According to Forrester, 47% of UK adults actively limit the amount of data they share with websites and apps. 49% of Italians express willingness to ask companies to delete their personal data. 36% of Germans use privacy and security tools to minimise online tracking of their activities. 
  • A GDMA survey also notes that globally, 82% of consumers want more control over their personal information, shared with companies. 77% also expect brands to be transparent about how their data is collected and used. 

  When businesses fail to hold their end of the bargain — collect just the right amount of data and use it with integrity — consumers are fast to cut ties. 

  Once the information about privacy violations becomes public, companies lose : 

  • Brand equity 
  • Market share 
  • Competitive positioning 

  An AON report estimates that post-data breach companies can lose as much as 25% of their initial value. In some cases, the losses can be even higher. 

  In 2015, British telecom TalkTalk suffered from a major data breach. Over 150,000 customer records were stolen by hackers. To contain the issue, TalkTalk had to throw between $60-$70 million into containment efforts. Still, they lost over 100,000 customers in a matter of months and one-third of their company value, equivalent to $1.4 billion, by the end of the year. 

  Fresher data from Infosys gives the following maximum cost estimates of brand damage, companies could experience after a data breach (accidental or malicious).

  

  3 Major Advantages of Privacy in Business 

  Despite all the industry mishaps, a reassuring 77% of CEOs now recognise that their companies must fundamentally change their approaches to customer engagement, in particular when it comes to ensuring data privacy. 

  Many organisations take proactive steps to cultivate a privacy-centred culture and implement transparent data collection policies. 

  Here’s why gaining the “privacy advantage” pays off.

  1. Market Competitiveness 

  There’s a reason why privacy-focused companies are booming. 

  Consumers’ mounting concerns and frustrations over the lack of online privacy, prompt many to look for alternative privacy-centred products and services. 

  The following B2C and B2B products are moving from the industry margins to the mainstream : 

  • Private search engines (Duckduckgo)
  • Password managers (1password, Dashlane)
  • Online identity networks (id.me)
  • Web analytics solutions (Matomo) 
  • And secure messaging apps (Signal) among others 

  Across the board, consumers express greater trust towards companies, protective of their privacy : 

  

  And as we well know : trust translates to higher engagement, loyalty, and – ultimately revenue. 

  By embedding privacy into the core of your product, you give users more reasons to select, stay and support your business. 

  2. Higher Operational Efficiency

  Customer data protection isn’t just a policy – it’s a culture of collecting “just enough” data, protecting it and using it responsibly. 

  Sadly, that’s the area where most organisations trail behind. At present, some 90% of businesses admit to having amassed massive data silos. 

  Siloed data is expensive to maintain and operationalise. Moreover, when left unattended, it can evolve into a pressing compliance issue. 

  A recently leaked document from Facebook says the company has no idea where all of its first-party, third-party and sensitive categories data goes or how it is processed. Because of this, Facebook struggles to achieve GDPR compliance and remains under regulatory pressure. 

  Similarly, Google Analytics is riddled with privacy issues. Other company products were found to be collecting and operationalising consumer data without users’ knowledge or consent. Again, this creates valid grounds for regulatory investigations. 

  Smaller companies have a better chance of making things right at the onset. 

  By curbing customer data collection, you can : 

  • Reduce data hosting and Cloud computation costs (aka trim your Cloud bill) 
  • Improve data security practices (since you would have fewer assets to protect) 
  • Make your staff more productive by consolidating essential data and making it easy and safe to access

  Privacy-mindful companies also have an easier time when it comes to compliance and can meet new data regulations faster. 

  3. Better Marketing Campaigns 

  The biggest counter-argument to reducing customer data collection is marketing. 

  How can we effectively sell our products if we know nothing about our customers ? – your team might be asking. 

  This might sound counterintuitive, but minimising data collection and usage can lead to better marketing outcomes. 

  Limiting the types of data that can be used encourages your people to become more creative and productive by focusing on fewer metrics that are more important.

  Think of it this way : Every other business uses the same targeting parameters on Facebook or Google for running paid ad campaigns on Facebook. As a result, we see ads everywhere — and people grow unresponsive to them or choose to limit exposure by using ad blocking software, private browsers and VPNs. Your ad budgets get wasted on chasing mirage metrics instead of actual prospects. 

  Case in point : In 2017 Marc Pritchard of Procter & Gamble decided to first cut the company’s digital advertising budget by 6% (or $200 million). Unilever made an even bolder move and reduced its ad budget by 30% in 2018. 

  Guess what happened ?

  P&G saw a 7.5% increase in organic sales and Unilever had a 3.8% gain as HBR reports. So how come both companies became more successful by spending less on advertising ? 

  They found that overexposure to online ads led to diminishing returns and annoyances among loyal customers. By minimising ad exposure and adopting alternative marketing strategies, the two companies managed to market better to new and existing customers. 

  The takeaway : There are more ways to engage consumers aside from pestering them with repetitive retargeting messages or creepy personalisation. 

  You can collect first-party data with consent to incrementally improve your product — and educate them on the benefits of your solution in transparent terms.

  Final Thoughts 

  The definitive advantage of privacy is consumers’ trust. 

  You can’t buy it, you can’t fake it, you can only cultivate it by aligning your external appearances with internal practices. 

  Because when you fail to address privacy internally, your mishaps will quickly become apparent either as social media call-outs or worse — as a security incident, a data breach or a legal investigation. 

  By choosing to treat consumer data with respect, you build an extra layer of protection around your business, plus draw in some banging benefits too. 

  Get one step closer to becoming a privacy-centred company by choosing Matomo as your web analytics solution. We offer robust privacy controls for ensuring ethical, compliant, privacy-friendly and secure website tracking. 

• The Ultimate List of Alternatives to Google Products

  2 août 2022, par Erin — Privacy

  For many businesses, Google products can play an integral part in the productivity, function and even success of the company. This is because Google has designed their digital ecosystem to infiltrate every aspect of your work and personal life at low-to-no cost.

  On the surface, this seems like a no-brainer. Why not have a cost-effective and seamlessly connected tech stack ? It’s the complete package. 

  From Gmail to Google Analytics, it becomes hard to untangle yourself from this intricate web Google has managed to spin. But like a web, you know there’s also a catch.

  This leads us to the big question… Why stop ?

  In this blog, we’ll cover :

  Why de-Google ?

  Google products are convenient and seemingly free. However, in recent years, Google’s name has become synonymous with privacy breaches, data leaks and illegal under the General Data Protection Regulation (GDPR).

  As their track record shows a glaring disregard for data protection, a growing list of EU member countries like Austria, France, Denmark and Italy have banned Google products, such as Google Analytics, Google Workspace and Google Chromebook.

  Google offers free products and services, but not out of altruism. There’s a trade-off. By using Google’s “free” products, your customers’ and your own online activity becomes a commodity that can be sold to advertisers.

  When the risks of using Google products are considered, it becomes clear the need to plot a pathway to de-Google your business. If you’re wondering how in the world to uncoil from this web, fortunately, there are plenty of privacy-friendly, secure alternatives to Google products that you can choose.

  Disclaimer : Below, we’ve tried our best to provide a comprehensive list of alternatives to Google products for businesses, but because you know your business best, we’d also encourage you to do your own research to ensure the tool will suit your unique needs.

  Best Google alternative tools for business

  Overall business tools

  Google Workspace alternatives

  Google Workspace isn’t GDPR compliant by default, so businesses are at risk of fines and reputational damage. More EU countries are reaching the same conclusion that Google products are violating EU law. Data Protection Authorities from Norway and Denmark have deemed Google Workspace illegal in accordance with the GDPR. 

  Nextcloud

  Nextcloud is an open-source and self-hosted productivity platform that offers a suite of services to replace the major features found in Google Workspace, such as Google Drive, Calendar, Docs, Forms and Tasks. 

  You can share files and collaborate without worrying about data being shared with unauthorised individuals or companies. As a self-hosted suite, you’re in full control of where your data is, who has access to it and can comply with the strictest of data protection legislations.

  

  Zoho

  Zoho is a Google Workspace alternative built on the same principles as Google’s productivity suite. It offers a suite of online office tools, including email, calendar and task management, but with an emphasis on privacy protection. Zoho doesn’t rely on advertising revenue to support their business which means your personal data will never be sold or used for targeted ads. 

  With over 75 million users globally, Zoho offers data encryption at rest and at transit, multi-factor authentication and complies with strict security standards set by HIPAA, the Cloud Security Alliance and the GDPR.

  

  Gmail alternatives

  Google only encrypts emails via STARTTLS. In other words, your data isn’t end-to-end encrypted and can be decrypted by them at any time. Gmail also has a history of allowing third-party app developers that work with Gmail to access private and personal Gmail messages for their own market research purposes.

  ProtonMail

  ProtonMail is a secure, open-source email service that provides end-to-end encryption, so only the sender and receiver can access the messages. Proton deliberately doesn’t possess the key needed to decrypt any part of the message, so you know your sensitive business information is always private. 

  To protect users from digital surveillance, they also provide enhanced tracking protections and don’t rely on ads, so your data isn’t mined for advertising purposes. Not only that, you can also sync ProtonMail with a host of other Google alternative products, such as Proton Calendar and Proton Drive.

  

  Mailfence

  Mailfence is a highly secure communications and planning platform that offers a complete email suite, as well as, Documents, a Calendar and Groups. It provides end-to-end encryption and comes with a built-in data loss prevention system that prevents unauthorised access to your sensitive information. 

  Mailfence is completely ad-free and promises to never commercialise its databases or share data with third parties for targeted ads.

  

  Tutanota

  Tutanota is an open-source email service known as one of the first to offer end-to-end encryption. It boasts a user-friendly interface and offers a fast, simple and secure email service that works on web and mobile platforms. Stringent security, in addition to TOTP and U2F for two-factor authentication means you control who has access to your email and messages. 

  It requires no phone number or personal information to register for a free account. In addition, Tutanota doesn’t earn money through ads, its servers are based in Europe and it is fully GDPR compliant.

  

  Google Calendar alternatives

  Calendars can contain a lot of personal information (who you are meeting, location, contact info, etc.), which is well worth keeping private. 

  Proton Calendar

  With Proton Calendar all event details – participants, locations, event names, descriptions and notes are end-to-end encrypted. It has a clean and easy-to-use interface, and you get a full set of advanced features to replace Google Calendar, such as the ability to create events and reminders, add multiple calendars and set up repeating events. You can easily sync all your calendars between mobile and desktop apps.

  

  Mailfence Calendar

  Mailfence Calendar lets you manage, schedule and track your events and meetings. Similar to Google Calendar, you can invite people to events using their Mailfence email IDs, but it doesn’t track your location or email address.

  

  Tutanota Calendar

  Tutanota Calendar offers built-in encryption, so no one else can decrypt and read your information.

  You can keep track of your appointments and meetings in a secure environment that only you have access to. You get features, such as day/week/month view, all-day events, recurring events, upcoming events view and shared calendars. You can also sync it with other apps such as Outlook.

  

  Nextcloud Calendar app

  Nextcloud also offers a Calendar app which easily syncs events from different devices with your Nextcloud account. You can integrate it with other Nextcloud apps like Contacts, Talk and Tasks.

  

  Google Drive alternatives

  The GDPR emphasises end-to-end encryption as a safeguard against data leaks, but Google Drive isn’t end-to-end encrypted, so Google has access to the data on its servers. 

  In their privacy policy, they also state that this data can be analysed for advertising purposes, so although you’re using “free” Cloud storage, users need to be aware that they’re paying for this by giving Google access to any and all data stored in Google Drive.

  Proton Drive

  Proton Drive is a secure and private Cloud storage service that provides you with an easy-to-use, customisable and secure file management system.

  It uses end-to-end encryption to secure your data and keep it safe from prying eyes. As you have full control over your data, you can decide how long it’s stored and who has access to it. You can also choose how much of your information is shared with other users.

  

  Nextcloud

  Nextcloud works on your own server, so you can access and share your data wherever you are. It’s a file hosting service that lets you store files, sync them across your devices and collaborate with others on projects. 

  It also provides encryption for all the files that you store on its servers, so you can rest assured that no one can see your information without your permission.

  

  Syncthing

  Syncthing is a free, open-source file synchronisation program that allows you to store and access your files wherever you are. It’s designed to be fast, secure and easy to use, making it a great alternative to Google Drive. 

  With Syncthing, you can sync files across multiple computers and mobile devices at once. So if you create, delete or modify files on one machine, they will automatically be replicated on other devices. Data is saved directly to a location you choose, so you can securely backup your data without needing a third-party cloud service.

  Google Docs alternatives

  Google states they can “collect information” from Google-hosted content such as Docs by means of automated scanning. 

  Not only does this stoke spying fears, it also raises concerns over who holds power over your content. If they look through your docs and decide that you’ve violated their terms of service, you can get locked out of your Google Docs – as was the case when a National Geographic crime reporter had her story “frozen” by Google.

  LibreOffice

  LibreOffice is a free, open-source office suite with all the features you need to create and edit documents, presentations and spreadsheets. It’s compatible with many different languages and all Microsoft Office file formats. 

  Unlike Google Docs, LibreOffice doesn’t store your documents on the Cloud. As it runs on your own computer, you maintain complete control and the data is kept as private and as secure as you wish. LibreOffice also has an online version that works with most web browsers and can be used on Windows, Mac and Linux operating systems. 

  The open-source nature ensures security as the code is constantly improved and scouted for vulnerabilities.

  

  Nextcloud Office

  Like Google Docs, Nextcloud Office lets you create new documents and spreadsheets and collaborate with teammates or colleagues. But unlike Google Docs, Nextcloud doesn’t collect any data on who is using its platform, or what they’re doing on it. You can even encrypt the files you store in Nextcloud, so no one else can see them unless you give them access to your account.

  

  Google Keep alternative

  Standard Notes

  Standard Notes is an open-source online notebook app that offers a variety of useful features, such as tasks, to-dos and spreadsheets. 

  Unlike Google Keep, which has access to your notes, Standard Notes is end-to-end encrypted, which protects all your information and keeps it securely synced across all your devices. Standard Notes supports text, images and audio notes. As open-source software, they value transparency and trust and don’t rely on tracking or intrusive ads.

  

  Google Chrome alternatives

  Google Chrome is notorious for stalking users and collecting information for their own gains. Their browser fuels their data gathering infrastructure by being able to collect info about your search history, location, personal data and product interaction data for “personalisation” purposes – essentially to build a profile of you to sell to advertisers.

  Firefox

  Firefox is one of the most secure browsers for privacy and is trusted by 220 million users. It easily compares with Chrome in terms of ease of use and performance. 

  On top of that it offers enhanced privacy protections, so you get a browser that doesn’t stalk you and isn’t riddled with ads.

  

• Privacy in Business : What Is It and Why Is It Important ?

  13 juillet 2022, par Erin — Privacy

  Privacy concerns loom large among consumers. Yet, businesses remain reluctant to change the old ways of doing things until they become an operational nuisance. 

  More and more businesses are slowly starting to feel the pressure to incorporate privacy best practices. But what exactly does privacy mean in business ? And why is it important for businesses to protect users’ privacy ? 

  In this blog, we’ll answer all of these questions and more. 

  What is Privacy in Business ?

  In the corporate world, privacy stands for the business decision to use collected consumer data in a safe, secure and compliant way. 

  Companies with a privacy-centred culture : 

  • Get explicit user consent to tracking, opt-ins and data sharing 
  • Collect strictly necessary data in compliance with regulations 
  • Ask for permissions to collect, process and store sensitive data 
  • Provide transparent explanations about data operationalisation and usage 
  • Have mechanisms for data collection opt-outs and data removal requests 
  • Implement security controls for storing collected data and limit access permissions to it 

  In other words : They treat consumers’ data with utmost integrity and security – and provide reassurances of ethical data usage. 

  What Are the Ethical Business Issues Related to Privacy ?

  Consumer data analytics has been around for decades. But digital technologies – ubiquitous connectivity, social media networks, data science and machine learning – increased the magnitude and sophistication of customer profiling.

  Big Tech companies like Google and Facebook, among others, capture millions of data points about users. These include general demographics data like “age” or “gender”, as well as more granular insights such as “income”, “past browsing history” or “recently visited geo-locations”. 

  When combined, such personally identifiable information (PII) can be used to approximate the user’s exact address, frequently purchased goods, political beliefs or past medical conditions. Then such information is shared with third parties such as advertisers. 

  That’s when ethical issues arise. 

  The Cambridge Analytica data scandal is a prime example of consumer data that was unethically exploited. 

  Over the years, Google also faced a series of regulatory issues surrounding consumer privacy breaches :

  • In 2021, a Google Chrome browser update put some 2.6 billion users at risk of “surveillance, manipulation and abuse” by providing third parties with data on device usage. 
  • The same year, Google was taken to court for failing to provide full disclosures on tracking performed in Google Chrome incognito mode. A $5 billion lawsuit is still pending.
  • As of 2022, Google Analytics 4 is considered GDPR non-compliant and was branded “illegal” by several European countries. 

  If you are curious, learn more about Google Analytics privacy issues. 

  The bigger issue ? Big Tech companies make the businesses that use their technologies (unknowingly) complicit in consumer data violations.

  In 2022, the Belgian data regulator found the official IAB Europe framework for user consent gathering in breach of GDPR. The framework was used by all major AdTech platforms to issue pop-ups for user consent to tracking. Now ad platforms must delete all data gathered through these. Biggest advertisers such as Procter & Gamble, Unilever, IBM and Mastercard among others, also received a notice about data removal and a regulatory warning on further repercussions if they fail to comply. 

  Big Tech firms have given brands unprecedented access to granular consumer data. Unrestricted access, however, also opened the door to data abuse and unethical use. 

  Examples of Unethical Data Usage by Businesses 

  • Data hoarding means excessively harvesting all available consumer data because a possibility to do so exists, often using murky consent mechanisms. Yet, 85% of collected Big Data is either dark or redundant, obsolete or trivial (ROT).
  • Invasive personalisation based on sensitive user information (or second-guesses), like a recent US marketing campaign, congratulating women on pregnancy (even if they weren’t expecting). Overall, 75% of consumers find most forms of personalisation somewhat creepy. 22% also said they’d leave for another brand due to creepy experiences.
  • Hyper-targeted advertising campaigns based on data consumers would prefer not to share. A recent investigation found that advertising platforms often assign sensitive labels to users (as part of their ad profiles), indicative of their religion, mental issues, history with abuse and so on. This allows advertisers to target such consumers with dubious ads. 

  Ultimately, excessive data collection, paired with poor data protection in business settings, results in major data breaches and costly damage control. Given that cyber attacks are on the rise, every business is vulnerable. 

  Why Should a Business Be Concerned About Protecting the Privacy of Its Customers ?

  Businesses must prioritise customer privacy because that’s what is expected of them. Globally, 89% of consumers say they care about their privacy. 

  As frequent stories about unethical data usage, excessive tracking and data breaches surface online, even more grow more concerned about protecting their data. Many publicly urge companies to take action. Others curtail their relationships with brands privately. 

  

  On average, 45% of consumers feel uncomfortable about sharing personal data. According to KPMG, 78% of American consumers have fears about the amount of data being collected. 40% of them also don’t trust companies to use their data ethically. Among Europeans, 41% are unwilling to share any personal data with businesses. 

  Because the demand for online privacy is rising, progressive companies now treat privacy as a competitive advantage. 

  For example, the encrypted messaging app Signal gained over 42 million active users in a year because it offers better data security and privacy protection. 

  ProtonMail, a privacy-centred email client, also amassed a 50 million user base in several years thanks to a “fundamentally stronger definition of privacy”.

  The growth of privacy-mindful businesses speaks volumes. And even more good things happen to privacy-mindful businesses : 

  • Higher consumer trust and loyalty 
  • Improved attractiveness to investors
  • Less complex compliance
  • Minimum cybersecurity exposure 
  • Better agility and innovation

  It’s time to start pursuing them ! Learn how to embed privacy and security into your operations.