A recent article in the Harvard Business Review makes the case that having good customer data privacy isn’t just for avoiding crises — it can also boost business. One aspect of that is communicating properly.

The article, “Data Privacy Is a Growth Strategy,” provides an overview of academic research showing the benefits of practicing what researchers call “customer data privacy stewardship.” In a Q&A accompanying the piece, Google’s former chief privacy officer also makes some important points.

As for the academic research, an examination of 280 brands over four years showed a link between strong privacy practices and higher customer intent to purchase. In addition, an experiment found that participants were less likely to use a fictional tax-services company if it was revealed to have weak privacy practices. “Another study found that the shareholder value of brands that embrace privacy is $869 million higher on average than those that don’t,” according to the HBR.

Take Responsibility

The research suggests that data-privacy practices should be “visible to customers,” should reflect that the company takes responsibility for those practices and should be embedded in operations, not merely symbolic, according to the HBR.

Such stewardship should show that the organization truly cares about customers’ privacy and should reduce customer anxiety “about their data being misused or exposed,” the HBR wrote.

The article quotes Natalie Chisam, assistant professor of marketing at the University of Nebraska–Lincoln. “Privacy stewardship is not about avoiding mistakes or reacting after breaches,” she says. “It’s about proactively showing customers that their data is handled with care, restraint and accountability.”

One point that Keith Enright, the former Google chief privacy officer, makes is that the privacy practices need to be communicated properly.

‘Clear, Concrete’

“The best way to tell everyone is to make it clear, concrete and visible in places where customers already make decisions,” says Enright, now chief strategy officer at the Harvey AI legal-services platform (after a stint as partner at the Gibson Dunn law firm). “Start by explaining in simple language what data you collect, why you collect it and how you keep it safe, without jargon or legalese.”

Enright also has advice for when a breach does happen. “Don’t waste the crisis,” he says. “Instead use it to fix deeper cultural and structural issues, not just patch the immediate problem. You should bring in people who can diagnose what failed and work constructively with regulators to navigate the investigation. You also need to make sure your promises about privacy match what you can really deliver, because trust drops quickly after a breach and rebuilds slowly.”

Image Credit: s7akti/Pixaby

Sign up for our free weekly newsletter on crisis communications. Each week we highlight a crisis story in the news or a survey or study with an eye toward the type of best practices and strategies you can put to work each day. Click here to subscribe.