Companies lack adequate data privacy, consent tools for evolving regulations and dynamic digital economy: global survey

Almost all IT professionals taking part in a recent global survey agreed customer data privacy concerns are a critical issue at the C-level, but fewer than one in 10 of respondents believe that current privacy and consent methods are adequate.

Conducted by independent research organization TechValidate on behalf of ForgeRock, an open platform provider of identity management solutions – the survey sought to assess the role of data privacy and consent in building a trusted digital world.

Although responses showed 93% agreement among IT professionals that customer data privacy concerns are a critical issue at the C-level, just nine percent of IT professionals surveyed believe that current privacy and consent methods are adequate, notes a statement issued last week by ForgeRock.

In all, more than 300 IT professionals were surveyed, with responses representing 11 verticals (including healthcare, retail, telecommunications and finance) from 38 countries across North America, Europe and Asia-Pacific-Japan (APJ).

ForgeRock further reports there was global agreement that the evolving landscape demands flexible privacy and consent methods. In all, 96% of surveyed IT professionals agreed there is an increasing need for dynamic and flexible privacy tools that are adaptable to future borderless regulatory requirements and consumer expectations, the company statement notes.

“The rapid growth of the (Internet of Things) IoT and the digital economy is posing enormous challenges to businesses and the public sector in terms of protecting personal data privacy and building trusted relationships,” the statement notes. ForgeRock cites figures from Gartner, Inc., which forecasts 6.4 billion connected things will be in use worldwide in 2016, up 30% from 2015, and will reach 20.8 billion by 2020.

“According to most organizations, customers are demanding more control over how their personal data is managed and shared,” the statement notes. “In addition, most agreed that ensuring data privacy and consent was important for building customer loyalty,” it adds.

Asked about the data privacy expectations of their customers, 95% of responding IT professionals agreed with each of the following statements:

• individuals are becoming increasingly concerned about their personal data privacy and their ability to control, manage and share data about themselves online;
• organizations want to build trust by giving customers the ability to consent to data-sharing and to control who their personal data is shared with; and
• the ability to preserve and prove customer privacy builds loyalty for their brand.

Despite the acknowledged importance of data privacy, just 9% of those surveyed say they believe current methods (such as, check boxes and cookie acknowledgment) used to ensure data privacy and consent will be able to adapt to the needs of the emerging digital economy.

In addition, ForgeRock reports the survey found respondents based in the United States are more confident than their counterparts based in Europe that the U.S. will adopt stricter EU-style privacy legislation. In all, 85% U.S.-based IT professionals say they believe the U.S. will eventually do so compared to 66% of European IT professionals.

With regard to emerging data privacy regulations, responses show the following:

• 96% of IT professionals believe emerging European regulations for data protection are creating a need for better tools and standards for ensuring protection of personal data, privacy and consent;
• 84% of U.S. respondents (and 87% percent of APJ-based respondents) believe the U.S. will eventually adopt regulations similar to those of Europe; and
• only 66% of EMEA-based respondents believe the U.S. will eventually adopt such regulations.

“As connected devices and technologies take on a greater role in public and private life, there are massive business benefits to building in new identity and data privacy solutions that can scale over time,” ForgeRock CEO Mike Ellis says in the statement. “Organizations clinging to legacy identity management technologies – which are currently inadequate – will be at a major disadvantage,” Ellis continues.