31 August 2023

Understanding Digital Trust:
3 proven strategies for data privacy and security

The ever-evolving digital trust landscape presents unprecedented challenges for both consumers and the organisations serving them. New research from Bank of New Zealand (BNZ) shows a significant jump in scam activity over the past 12 months, with nine out of ten New Zealanders targeted by a scam, up 13 percent on the same time last year. As the types and sophistication of threats multiply, traditional channels for engagement, transactions, and communication become more susceptible to vulnerabilities.

The intricate web of identity, privacy, security, and data is impossible to overlook. While the public counts on service providers to responsibly manage their data, frequent news of breaches underscores that risk and doesn’t solely come from external threats but also from organisations with inadequate or even questionable data practices.

The plummeting costs of data collection and storage over the past two decades spurred a ‘collect-all-you-can’ mentality. The rationale? Perhaps this massive data might be valuable someday for unforeseen analysis or even monetisation.

However, this unrestrained data collection approach poses risks for both organisations and the people they serve. Many companies might not even be aware of the nature or purpose of the data they’ve amassed. And although addressing these existing data excesses is critical, this article narrows its focus to a forward-looking approach for new initiatives.

“This isn’t an outright refusal to collect data. Instead, it’s a shift towards gathering data based on immediate necessity, not speculative future use.”

  1. A halt to data collection

Let’s reconsider the default of ‘collect data endlessly.’ I prefer the philosophy, ‘we don’t want your data.’ This isn’t an outright refusal to collect data. Instead, it’s a shift towards gathering data based on immediate necessity, not speculative future use. The goal isn’t data accumulation; it’s achieving a defined outcome. And if the purpose of data collection is nebulous, you’re inadvertently escalating risks without tangible benefits.

Such an approach might seem contradictory to certain business models. However, even in data-centric industries, this mindset is paramount to evaluate the associated risks adequately.

Minimising data is a proactive step towards risk reduction. Yet, the residual data, particularly sensitive or personal information, still requires protection during transactions. How can consumers ascertain your trustworthiness?

2. Consent is key

Incorporating user consent into your customer journey from the very beginning is not just a recommended practice; it’s an imperative one in today’s data-driven landscape. Users are increasingly concerned about how their personal information is collected and used, and businesses that prioritise transparency and user control gain a significant competitive advantage. This means that the process of obtaining consent should be straightforward and user-friendly. Instead of hiding data practices behind convoluted jargon-laden terms and conditions, companies should strive to present this information in a clear and concise manner that the average user can easily understand. By doing so, users can make informed decisions about sharing their data. Companies that do this well are transparent and frame the data collection through the lens of give, get. For example, when we better understand your organisation, it allows us to provide back personalised reporting that will inform your future practice optimisation.

Moreover, it’s crucial to consider the timing of consent collection. Whenever possible, opt-in consent should be brought to the forefront at the point of data collection. This approach respects the user’s autonomy and ensures that they are aware of how their data will be used right from the start. It also aligns with emerging data privacy regulations that emphasize user choice and control. By making user consent an integral part of the customer journey, businesses not only demonstrate their commitment to ethical data handling but also foster trust and positive relationships with their customers, ultimately leading to stronger brand loyalty and long-term success.

3. Look to your secure channels

A recent survey by Atomic.io asked banking customers what they consider to be their most trusted digital channel. Nearly half (44%) say their web or mobile app is their most trusted channel. Prioritising communication through authenticated platforms over traditional low-trust channels like email and SMS can further bolster this trust. Organisations should harness the potential of authenticated web and mobile apps as primary communication and transaction mediums. Admittedly, many have found it challenging to embed the versatility of traditional communication methods into these apps. This hurdle often leaves their communication strategies fragmented.

However, emerging technologies and services are poised to bridge this divide. By offering integrated in-app solutions at strategic touchpoints, they ensure that communication and transactions occur where the customer trusts them the most.

The digital world is moving at a rapid pace and so are the scammers going after consumer data. By incorporating these concepts into your larger data privacy and security strategy, you can stay ahead of the curve and ensure your customer’s trust is at the centre of all you do.

By Ross Kettle

This article was first published by Atomic Insights.

Waylon Kenning

Waylon Kenning

Director of Emerging Technology, MSD

Dr Warren Williams

Dr Warren Williams

Tumu Whakarae/Chief Executive, Katoa Connect Trust

Juliana Cafik

Juliana Cafik


Tākina Convention & Exhibition Centre