Consumer products companies’ effort to capture more detailed information about consumers presents a growing problem. Today, 80 percent of consumers say they are more likely to buy from consumer products companies that they believe protect their personal information. It must be noted though, that only 37 percent of those consumers believe that these companies are adequately doing so, according to new research from Deloitte LLP.


Deloitte’s new study, “Building Consumer Trust: Protecting personal data in the consumer product industry,” is based on two surveys completed last summer. One survey polled 70 U.S. consumer product industry executives and senior managers, and the second survey polled 2,001 adult U.S. consumers.


“Consumer product companies are collecting more detailed individual profiles, and unfortunately, the more data a company gathers, the more attractive that information becomes to malevolent parties,” says Pat Conroy, vice chairman, Deloitte LLP and consumer products sector leader. “Many of these companies have yet to establish themselves as stewards of consumer data protection, but stand to gain a great deal by strengthening their privacy and security practices and communicating them to consumers. Doing so can help distinguish these companies from competitors and subsequently impact purchase decisions.”


Consumers recognize that as companies invest more in targeted digital marketing and compile individual consumer profiles, it creates a greater risk for data breaches. At the same time, recent data breaches in various industries have heightened consumers’ awareness of data security and privacy. In the Deloitte survey, 83 percent of the participating consumers reported they were extremely or moderately aware of recent retail breaches. Furthermore, 83 percent of those consumers consider security breaches of personal data stored with consumer product companies to be a serious or moderate problem.


Making the situation more serious, 59 percent of the consumer respondents stated that the knowledge of a data breach at a company would negatively impact their likelihood of buying from that company. What’s more, only 51 percent of the consumer respondents say they would be “forgiving” of a consumer product company that experienced a breach as long as the company quickly addressed the issue.


Despite a tendency to overestimate consumer comfort with data privacy and security practices, executives do recognize the risks. Reputational damage to the brand tops the list of risks executives cited (76 percent) with regard to data privacy and security in the survey, followed by loss of current consumers (69 percent) and loss of potential new consumers (64 percent).


The flip side of the coin, however, is many executives surveyed are less than completely confident in their own companies’ data and security practices. Only 41 percent of the surveyed executives believe consumer data privacy is “absolutely critical” at their company. Tellingly, 30 percent of the executives “strongly agree” that their company’s privacy and security policies have kept up with recent technology and regulatory changes, or that their company has a consumer communication strategy in place if a data breach occurs.


In the end, the Deloitte research shows many consumer product companies do not seem positioned to gain consumer trust based on their current data privacy and security strategies, policies and systems. On the other hand, as the report notes, the field appears wide open for consumer product companies to differentiate themselves through creating a reputation for strong data privacy and security practices. The report authors believe consumer product executives should consider viewing data privacy and security not just as a risk management issue, but as a potential source of competitive advantage that may be a central component of brand-building and corporate reputation.


What are your thoughts on data security at consumer products companies? As a consumer, how would learning about a data breach impact your purchasing decisions?