Blog

Data Privacy & Protection and why it matters for eCommerce

EBS Integrator
Feb 18, 2022,

We’re talking about data privacy in all its glory – why it matters to you and your customers, and where it’s all heading in the future. Because this is a part of a series, we’ll try and focus mostly on the aspects that affect us in the eCommerce domain!

Let’s discuss why there’s so much hubbub around the topic of data privacy. This is not to say this discussion is anything new for the world, it’s been brought up countless of times, and the issue of “government spying” on you is as old as the idea of structured government is.

However, some would argue that the recent legal battles have put forth the topic under a new light.

What battles you say? Well, there’s that one with Amazon getting hit by a 887$ million fine by the Luxemburg National Committee for Data Protection (CNPD) for alleged breach of EU data-privacy laws. Or the US’s 87$ million settlement with TikTok users in US.

A person holding a banana Description automatically generated with low confidence

Naturally this isn’t the first time we go into the topic. After all proper clean desk policies, protecting the data of everyone who comes into contact with our company is particularly important to us. One of the best ways to achieve that is getting a 27001 certification, though admittedly it was a hard-work process for us, we’re glad we did it!

Before we continue:

Disclaimer: DO NOT treat this article as legal advice! For that we suggest you address a proper legal specialist in your market. Guess what? We have a few of those on our team, just give them a call, they would love to help you out!

With that said, let’s dive deep into the topic of Data Privacy and eCommerce!

What is Data Privacy today?

First of all, what is Data Privacy? That’s easy right? The question might sound simple to everyone, but what do you “know-know” about it?

“Data Privacy and Protection” is the catch all term focusing on aspects of proper handling of data and compliance with protection regulations.

Simply put, Data Privacy centres around how data is being gathered, processed, stored, managed and shared with any third parties. All of which following the applicable privacy laws such as General Data Protection Regulation (GDPR) or California Consumer Privacy Act (CCPA) among others.

However, aside from proper handling of data, Data Privacy is also the common perception of the public on how data is handled. Essentially, how do your customers view your security and how willing are they to entrust their data to you! Key word here is trust.

Text Description automatically generated

Trust is hard to come by, quite easy to break and incredibly hard to repair. Being a major customer pain point for your business, whatever it might be – extra measures must be taken to address it.

Data Privacy and Protection in eCommerce not only ensures proper following of international regulations and standards, but it also builds public perception towards your business, i.e your brand loyalty.

Data is a commodity, a valuable one!

Because Data is foremost a commodity, let’s talk about money.

We absolutely love harping on about how important BigData is for your success, but we’re yet to talk about how expensive it is.

The general price range varies from industry to individual social media, to market segments and many other factors. However, consider the following:

Background pattern Description automatically generatedUber owns no vehicles > it connects people with vehicles with people without.

A red background with white text Description automatically generated with medium confidence Airbnb owns no apartments > it connects people with apartments with people looking for one.

A white cross with a blue background Description automatically generated with low confidence Facebook creates no content > it connects people with content with people interested in the content.

A black and white logo Description automatically generated with low confidence eBay creates no goods > it connects people with goods, manufactured or otherwise, with people looking for goods.

All of these are aggregators, under a C2C model, they primarily connect data bits together, people in need with a provider of said need. And we don’t have to tell you how profitable those companies are. Speaking of profits.

81% of all Google’s revenue comes from advertisements, while its overall revenue for 2021 was 256.7$ billion. With Google averaging this data per user at about 182$, this is how much data on one user is worth to them.

Data brokers know this, and they are willing to pay top dollar for your pictures of your frothing cappuccino on a Sunday evening in the park! So much dollar in fact that the industry is projected to grow from 232$ billion dollars to 345$ billion dollars in the following couple of years.

This knowledge is also known to the bad actors of the world, the hackers, among other types.

How does it affect us?

But what does this have to do with us? So what if someone is willing to pay incredible amounts of money for a picture of my dog?

A small dog with its tongue out Description automatically generated with low confidence

Milking that user-engagement for all its worth.

Think of our web-paper trail, our legacy, from an early age everything a person does on the internet, is recorded, and stored somewhere. Every app you use, every email you create, every picture of your coffee you share is a valuable commodity. And we give that data, that commodity away almost freely!

A screenshot of a phone Description automatically generated with low confidence

Many applications on our phone request multiple permissions to various parts of it. Some people have hundreds of applications on their phone… with most simply ignoring and agreeing to the permission requests those apps make.

Which is understandable, most often than not, you’re not really given a choice. You can either agree, or not use the app – simple as that. And about 7 out of 10 all mobile applications share your data with third party services.

You might say – well we “agree” and give consent to that. There is a lot of talk about consent in the world of Data Privacy, though many argue that it’s an illusionary choice.

Did you know that apple’s terms and conditions consist of more than 100.000 words combined? With iTunes clocking over 19.000 words. That is longer than many books.

This all leads to situations with buying an iPhone and requiring read/agreeing to more than 7.000 words terms and conditions contract. And if you don’t, it effectively bricks your legal purchase, until you click that “I agree” button.

This leads to hyper customized advertisement to a very valuable clientele – people with a want, money and interest. We talked about how to use and why in our SEO vs PPC piece.

Why is it so important to consider?

But why are we even talking about this? The answer is quite simple – We as a company are foremost pro the recent developments towards a more secure and safe internet!

We’re trying to encourage a more responsible approach to your data and where you put it.

Because all that is happening is merely a possible precedent to something far more sinister. That one black mirror episode with social app scores springs to mind.

Completely normal

Think that is a stretch? Aside from all the horrible identity theft incidents, or anecdotal stories people tell each other how their phone suggested a purchase before they even knew they wanted it. Or predicting pregnancies, all the way back in 2012.

Reality is no less wicked as it is.

A person in a suit and tie Description automatically generated with medium confidence

With all the rules and regulations out there, senate hearings like the one with congress on Mark Zuckerberg are merely a beginning of the long list of revelations we’re sure will be revealed soon.

If you’re unfamiliar with the controversy we implore you to give a read about Facebook Shadow Profiles. In short, allegedly, Facebook knows about you and your interests even if you do not have a Facebook account.

eCommerce and Data Privacy

Aside from the dystopian future where there is absolutely no privacy anywhere, it matters cause you (probably) want your eCommerce platform to succeed?

To do that one of the things you absolutely want to do is win your customer’s trust!

In our day and age, people have started taking their data more seriously, and spending their money with outlets they trust won’t sell their personal information to the highest bidder.

We are not saying “Stop collecting your customers data”, absolutely not, after all, using that data is the key to success and data driven decisions. What we are saying however is that it becomes increasingly important to invest in data protection in order to maintain your consumer’s trust.

With 88% of surveyed consumers admitting their willingness to share their personal data relies heavily on their trust of the company. And as of March 2021, about 52% more consumers care about online privacy in the retail market, compared to last year.

The trend is growing and shows no signs of stopping, for which we are glad!

By the by, not following proper procedures, not only harms your brand, but also invites lawsuits or huge fines by the government from 20$ million to up to 4% of your annual revenue, whichever is highest.

So, what can we do to help our eCommerce Platform?

Here is a small list that we think to be the most important things you must consider for your eCommerce platform. This list is in no particular order of importance, as all of the following are significant.

  • Proper user agreement and policy following international regulations and standards is a must. These include the CCPA, National Data Protection laws, GDPR etc.
    Per example: Whether your business is targeting the EU demographic or not, if you have any interaction with any EU asset, hold any information on its citizens, or even use the EU languages on your platform, you fall under the GDPR act and must abide by it.
  • Advanced Cybersecurity measures, pouring money in your CyberSec department is a must, the costs might be scary, but the alternatives of data breach lawsuits or loss of brand loyalty far outweigh the alternatives.
    This means employing:
    Two-factor authentication for both users and your staff.
    Using top of the line encryption methods to store and conceal user information.
    Requiring advanced forms of password creation for your customers.
  • Make sure you inform your users that you are in fact employing as much effort as possible in protecting their data, this means relative blog posts, press releases, ISO certification etc.
  • Implement a “high severity incident management program” or a SEV. Understand that data breaches inevitably occur. They cost a lot, so be prepared on all fronts when that happens.
  • Non-intrusive cookie popups, with clear options and settings. A balancing act, you might be losing that enticing data revenue, but your users will be very happy and trust you more. Though with the impending cookie death, things will change drastically anyway.

Final Message & Farewell

Before you leave, we would like to take this opportunity to hammer down on one key message of this post.

Protecting the Data of your customers is crucial for your success, not only from the legal perspective but most importantly your customer trust!

With that said, tell us what your opinion on data privacy is; Still think “if you have nothing to hide, you shouldn’t be afraid”? Would love to discuss in the comment section below!

Stay classy business and tech nerds!