Digital Trust is Essential for Data Privacy Protection
As the holiday shopping season builds momentum, Americans await a gift that is much desired but difficult to provide: digital trust. According to the Frost and Sullivan 2018 Global State of Online Digital Trust Survey, 50 percent of companies have been involved in publicly-disclosed data breaches, in which almost all resulted in negative revenue impact and an erosion of consumer trust.
A common perception in the United States is that these data breaches, usually involving sensitive, personally-identifiable information, are transitory events to be minimized because they cannot be prevented every time. But this misses an important aspect of the problem—namely, how to build digital trust as companies expand their business models to monetize a dramatically increasing amount of data that is being collected from users.
Here, it is useful to look abroad to see how other countries are building digital trust as a cultural norm and a societal expectation. Although some of these countries have smaller populations, they can be viewed as laboratories for scaling up in the U.S. if a strategic push for greater digital trust among the public at large is to be pursued.
Finland is a case in point. It’s ranked third (while the U.S. is ranked eighth) by the 2019 Bloomberg Innovation Index among the most innovative economies in the world. Finland recognizes that digital trust is essential to innovation, and that it entails a series of interconnected elements. For example, Eurostat ranks Finland first in trust in a country’s political system, and second in trust in a legal system. Its corporate ethics ranking is comparable too, according to the World Economic Forum.
Finland has not sacrificed business growth by promoting digital trust, either. Again, according to the World Economic Forum, it ranks second in the world for using information and communication technologies to boost competitiveness and well-being. Doing well by doing good is not a contradiction.
Neighboring Estonia was the first country to endure a cyberattack on a national scale. The attack took down banks, media outlets, and government institutions in 2007. Yet since then, it has been named “the most advanced digital society in the world” by WIRED. Estonia now is home to NATO’s Cooperative Cyber Defense Centre of Excellence and the European IT Agency. It owns and manages data centers in other countries in order to protect the Estonian Government Cloud. And in a first under international law, these Data Embassies under Estonia’s control now have the same diplomatic rights as physical embassies.
Estonians are impressed by these initiatives, and have been supportive of the government’s move to provide 99 percent of public services online, 24/7. Its parliament and civil courts are entirely paperless, and there is a high level of satisfaction among users in having access to a more efficient, customer-friendly system for day-to-day interactions with a broad range of government benefits and services. This aggressive move to eGovernment, which is working well in practice, would not be possible without first developing a national sense of digital trust.
The United States must begin to close its own digital trust gap, both for its domestic needs and for its broader ability to have its companies expand into markets abroad where digital trust is required to be globally competitive. According to PwC’s 2017 U.S. Consumer Intelligence Series, only 25 percent of American consumers believe that most companies handle sensitive personal data responsibly. This stark number underscores the lack of confidence that has resulted from data privacy being treated largely as an afterthought once a major data breach occurs.
The more prudent approach would be a long-term focus on building digital trust. Here, there should be a coordinated effort by the private and public sectors since major aspects of digital life, such as ecommerce and eGovernment, will first depend upon a positive perception of digital trust. Government regulation regarding better consumer notice and consent provisions may be useful, but the uncertainty whether and when any effective new national laws may be enacted requires voluntary activities to build digital trust, which will take time.
So at the very least, each online company should send its customers a holiday ecard that says “We Take Digital Trust Seriously—Here’s How.” Within it, the message should articulate what practical steps are being taken to bring these words to life. In doing so, companies will need to look inward regarding their own ability to foster such trust, and assess whether they can do better in creating a digital trust environment that produces enduring loyalty among its customers.
Stuart N. Brotman is a Fellow at the Woodrow Wilson International Center for Scholars in Washington, DC. He is based in its Science and Technology Innovation Program, focusing on digital privacy policy issues.