NEW YORK, NY, USA, 24 November 2020—During this time of tightening COVID-19 restrictions and more physical restrictions, retailers are more focused than ever on reaching the online customer. However, as societies move to “safer at home” scenarios are they “safer online” as well? As the holiday shopping season ramps up this week, Deloitte is revealing the top data privacy practices retailers need to keep top of mind
The recent Deloitte “2020 Deloitte Holiday Retail Survey: Reimagining Traditions,” while focused on American consumers, is a good indicator of how most global consumers will likely behave this year in light of COVID-19. 64% of survey respondents indicated that their holiday shopping budgets will be spent online during the holidays—a number which will likely only increase in the coming weeks. At the same time, Cyber Monday has also bypassed Black Friday in importance for all generations (59% of respondents plan to shop on Cyber Monday versus 48% on Black Friday). These trends have brought cyber practices to the forefront for many retailers.
Given the cost of a security breach—losing your customers’ trust and perhaps even defending yourself against a lawsuit—safeguarding personal information is just plain good business. Earlier this year, we saw the rise if phishing campaigns for consumers around the pandemic; cybercriminals will simply adjust their phishing lures now to email themes to current holidays and events,
said Emily Mossburg, Deloitte Global Cyber Leader.
"Striking the right balance between secure transactions, data privacy and positive user experiences is crucial for organizations to confidently expand online services and customer reach."
Customers, vendors and supply chain partners want to know that cybersecurity is a priority for the organizations and institutions to which they entrust their transactions, information, and personal data. Employees want to feel certain that their work-related data is secure, and that the networks they need to do their jobs will function properly.
Organizations should ask themselves what they must do to build and maintain trust.
Just before the holiday season began, the European data protection rules changed with immediate impact on current data sharing practices. Since the Court of Justice of the European Union (CJEU) made their judgement in the Schrems II case there is work to be done for organizations that share/transfer personal data from/to the USA and EU countries. International operating retailers that transfer data will have to make sure the contractual agreements on data sharing match the increased strictness of the European court and subsequent guidance from the European Data Protection Board.
Even with the promise of Coronavirus vaccines on the way, retailers should not rest easy in preparation for next year’s holiday retail season as online marketers targeting consumers will have to start thinking of new ways to target, engage and redirect customers to their platforms. To make the Internet safer, the use of third-party cookies will no longer be possible by 2022. This means a major shift in digital marketing practices, in favor of privacy protection of consumers.
These decisions reinforce the importance of data protection to global commerce and the critical role that privacy professionals play in implementing protections in line with foreign legal requirements.
Organizations that created new workforce strategies and customer service approaches under the pandemic pressure of 2020 will need to determine if they warrant longer term adoption and transform the ad hoc procedures into best practices for the future. From a Cyber lens, digital trust is a critical facet of society’s ability to thrive in the next normal.
Retailers are trying to get closer to their customers by using new technologies like augmented and virtual reality and this should come with a focus on consumer trust,
said Annika Sponselee, Deloitte Global Data and Privacy Leader.
"Retailers should provide straightforward language in their privacy communications explaining how they are protecting it and why data from consumers is being used."
“Deloitte,” “us,” “we” and “our” refer to one or more of Deloitte Touche Tohmatsu Limited (“DTTL”), its global network of member firms, and their related entities (collectively, the “Deloitte organization”). DTTL (also referred to as “Deloitte Global”) and each of its member firms and related entities are legally separate and independent entities, which cannot obligate or bind each other in respect of third parties. DTTL and each DTTL member firm and related entity is liable only for its own acts and omissions, and not those of each other. DTTL does not provide services to clients. Please see www.deloitte.com/about to learn more.
Deloitte provides industry-leading audit and assurance, tax and legal, consulting, financial advisory, and risk advisory services to nearly 90% of the Fortune Global 500® and thousands of private companies. Our professionals deliver measurable and lasting results that help reinforce public trust in capital markets, enable clients to transform and thrive, and lead the way toward a stronger economy, a more equitable society and a sustainable world. Building on its 175-plus year history, Deloitte spans more than 150 countries and territories. Learn how Deloitte’s approximately 415,000 people worldwide make an impact that matters at www.deloitte.com.
Deloitte Global Communications
Tel: +1 202 738 7586
Mobile: +1 202 734 3207
Deloitte Global Communications
Tel: +1 212 266 4281
Mobile: +1 347 491 0819