Data privacy awareness is on the rise. Users become more and more concerned with how online service providers collect and protect their personal information. And so should you. Discover how to balance the risks and benefits of collecting data in the age of customer centricity.

1. The Real Cost of Data Privacy...
...and how to balance the risks and benefits to
your business in the age of customer centricity
Ewa Agata Bałazińska, Piwik PRO
INference, 9th of December 2016

2. The Real Cost of Data Privacy
Ewa Agata Bałazińska
Content & Communications Manager
Piwik.pro

3. The Real Cost of Data Privacy
Aurélie Pols
Whitepaper on data protection
best practices written by a
renowned privacy expert

4. The Real Cost of Data Privacy
Agenda
1. Data Breaches: The New Norm?
2. The Promise of the Brave New Digital World
3. When There Is One Cookie Too Many
4. Businesses and Customers: Friends or Foes?
5. Why Should My Business Care?
6. Regulators Looking for a Third Way
7. Some Transcontinental Stories to Consider
8. What Does the Future Hold For Us

5. The Real Cost of Data Privacy
Data Breaches: The New Norm?
• A day doesn’t go by
without another big data
breach hitting the
headlines.
• Hacks, leaks, poor
security, configuration
error, etc.
• Both large companies
and start-ups
• Can your business afford
to suffer from a breach?
There’s more at risk than
just losing data.
Data Biggest Data Breaches by Information Is Beautiful

6. The Real Cost of Data Privacy
$4 million
the average total cost of a data breach incident
Ponemon Institute & IBM Study: 2016 Cost of Data Breach Study. Impact of Business Continuity Management

7. The Real Cost of Data Privacy
But there’s even more
to lose.

8. The Real Cost of Data Privacy
The Promise of the Brave
New Digital World
• The Customer Journey is a
concept used in sales &
marketing, but also with
usability and design.
• The emergence of tools for
better understanding the
customer journey: from initial
contact, through the
engagement process, towards
a long-term relationship.
• The promise of new
opportunities for both
businesses (more insights and
sales) and users (usability,
customization of content and
offers).
• Referrers &
Campaigns
reports: where
does the
journey begin?
• Entry pages &
Visitor log:
where are the
first touch
points with the
brand?
• Tracking touch
points in the
middle of the
sales funnel,
also for
individual
users.
• Tracking non-
standard touch
points
• Tracking
customers in
the final stages
of the
conversion
funnel
• Touch points
beyond the
funnel
• Reports on
length of the
customer
journey
• Intranet
analytics
• App Store
analytics
• Custom
dashboards
• Custom
variables &
dimensions
Awareness Consideration Conversion Retention

9. The Real Cost of Data Privacy
The Promise of the Brave
New Digital World
American customers say
they might provide
personal information,
depending on the deal
being offered and how
much risk they face.
Pew Research Center

10. The Real Cost of Data Privacy
The Promise of the Brave
New Digital World
American customers say
they might provide
personal information,
depending on the deal
being offered and how
much risk they face.
Pew Research Center

11. The Real Cost of Data Privacy
When There Is One Cookie Too Many
• Tension between what really needs to be
tracked and unrestricted data collection
‘just-in-case we need it one day’.
• First-party vs. third-party cookies: The
majority of breaches occur as a result of third
parties.
• “Stitching” the customer journey on multiple
devices with a variety of techniques,
including probabilistic or deterministic re-
identification matching.
• Shift in power balance: the customer and
citizen’s identity is increasingly
commercialized, leading to discrimination
and general discontent.
Source: Michelle O'Connell’s collection/ Flickr

12. The Real Cost of Data Privacy
When There Is One Cookie Too Many
• Many companies attempt to
match personally identifiable
information (PII), such as a
name and address, with
consumer profiles they have
at their disposal.
• Even if based on a cookie
usage, such collection can
still include sensitive data.
• The Creepy Factor Stories

13. The Real Cost of Data Privacy
Businesses and Customers:
Friends or Foes?
If your customers trust you,
they love you
and they will be passionate
about your love…
…but if you breach their trust,
you will not just create Dislike
You will create hate.
People don’t go from Love to Dislike
TRUSTPRIVACY
$+$-
LikeDislike
Inspired by The International Association of Privacy Professionals

14. The Real Cost of Data Privacy
Businesses and Customers:
Friends or Foes?
The rise of adblocking
software, with an
estimated cost to
publishers in 2015
as high as
$22 billion
Growth of third-party
cookie rejection -
some reports point to
numbers as high as
40%
of users. Source: The PageFair & Adobe Report

15. The Real Cost of Data Privacy

16. The Real Cost of Data Privacy
Why Should My Business Care?
• Privacy awareness is on
the rise: among clients
and citizens alike
• Users are concerned
with how online service
providers collect and
protect their personal
information.

17. The Real Cost of Data Privacy
Why Should My Business Care?
• Data privacy can no
longer be an afterthought
according to reports by
• More and more research
confirms that data privacy
can be a differentiator
and game-changer if you
want to win and retain
customers.

18. The Real Cost of Data Privacy
You want to have TRUST
throughout the entire ecosystem

19. The Real Cost of Data Privacy
Regulators Looking for a Third Way
DIRECTIVE 2009/136/EC OF THE EUROPEAN
PARLIAMENT AND OF THE COUNCIL of 25
November 2009, amending Directive 2002/22/EC
on universal service and users’ rights relating to
electronic communications networks and services,
Directive 2002/58/EC concerning the processing of personal data
and the protection of privacy in the electronic communications
sector, and Regulation (EC) No 2006/2004 on cooperation
between national authorities responsible for the enforcement of
consumer protection laws.

20. The Real Cost of Data Privacy
Guidelines by
1. Collection Limitation
2. Data Quality
3. Individual Participation
4. Purpose Specification
5. Use Limitation
6. Openness
7. Security Safeguards
8. Accountability

21. The Real Cost of Data Privacy

22. The Real Cost of Data Privacy
Compliance refers to everyone, both
corporate players and start-ups alike
• Data protection laws apply to
individuals and all businesses,
regardless of their size or
development stage.
• Need to keep an eye on what
software is used in your
organization, how it is licensed
and whether the licences are up
to date. The same concerns apply
equally to data security.
• A breach can lead to a fine with
sums that might be small change
for a big company but could be
crippling for a start-up.

23. The Real Cost of Data Privacy
Need to be grown-up
about data security.

24. The Real Cost of Data Privacy
Beware the small print!
• FREE SOFTWARE IS GREAT.
Except it’s not free.
• Software provider profits from
your data and your users’ data.
You are the product here and
you compromise your visitors’
• Would you give away your
CRM and other sensitive data
to ad agencies serving your
competitors?
Excerpt from the Google Analytics’ Terms of Service

25. The Real Cost of Data Privacy
Some Transcontinental Stories
to Consider
Obliterating the internal
data processing framework
known as SafeHarbor:
The European Court of
Justice in Luxembourg
declares SafeHarbor illegal
in October 2015. Data of EU
citizens can’t be processed
by US entities on the basis
of SF, more guarantees are
needed.
February 2016:
Announcement of
PrivacyShield, new
framework for
transatlantic data flows
between US and UE.
Source: European Commission
Edward
Snowden
2013
Max
Schrems
2015

26. The Real Cost of Data Privacy
Not just the European Union...
According to Russian law from
2014, companies must store
user data on Russian soil,
something U.S. technology
firms currently don't do.
Until now, Russia has not
enforced this law and LinkedIn
seems to be the first company
that has been actively pursued.

27. The Real Cost of Data Privacy
What Does The Future Hold For Us?
• General Data Protection Regulation
to come into force in 2018
• Stems from the need to focus on
the rights of the customers and
citizens in the European Union.
• Much heftier fines for lack of
compliance than before: up to
€20m or 4 % of global turnover,
whichever is the higher.
EU Commission Vice-President, Viviane Reding
Citizens do not always
feel in full control of
their personal data
Source: WFA Marketers

28. The Real Cost of Data Privacy
5 top changes that GDPR will bring
about...
Data-driven consent: An individual user must be provided with accurate
information on the kind of data to be collected or processed, and for what
purpose. ”Explicit” consent is needed in the case of processing particularly
sensitive data.
Comprehensible policy: a request for user’s consent for data processing
must be performed in an easy, accessible form and written in clear and
plain language.
“Right to be forgotten”: All subjects have the right to have their data
removed from a database upon demand.
Compliance of all subjects: All vendors who deliver cloud service to
businesses in the EU or process data in any other way must meet the
requirements of the new ruling. GDPR comes into force in the spring of
2018, so businesses are to use this transitional period to apply its
provisions.
Data protection officer: If a company manages a great amount of sensitive
data, it is obliged to appoint a data protection officer.
1
2
3
4
5

29. The Real Cost of Data Privacy
Final Takeaways
• Don’t risk your revenue, insights, reputation
or your customers’ trust.
• Just because technology lets you spy on
your users doesn’t mean you should do so.
• Be grown-up about your data security, no
matter how big or small your business is.
• Use suggested frameworks, such as OECD
guidelines, to inspire your internal data
protection policies.
• Make sure your setup is ready for the
forthcoming European regulations.

30. The Real Cost of Data Privacy
If you want to learn more about mitigating data risks,
read our free whitepaper.
Download from Piwik.pro

31. Thank you!
content@piwik.pro
piwik.pro/blog
@piwikPRO /PiwikPro /piwik-pro