Putting consumers in control: The power of consent
In today’s ever-evolving digital landscape, the concept of consumer consent has taken centre stage for companies. Gone are the days when consent was assumed; today, the control is firmly in the hands of the consumer.
For those companies that handle consumer data, consent has to be a priority. While consumers want the services they can get from them, they also want to have control over their personal information when applying for those services.
“An individual’s consent journey has evolved considerably over time,” says Bryan Orsmond, chief information officer at Comcorp, a leading software innovator and authentication technology specialist. “In the 1950s, handshakes and one’s word was sufficient. Later this was replaced with ID books, smart cards, check boxes and signatures on forms. In these early days, and before the rise of mass marketing and social media, consent to hold and process personal information was not a big issue.”
Today, consumer rights and the right to retain control over one’s digital footprint and data is covered by strict laws governing the storage and processing of personal data – like South Africa’s Protection of Personal Information Act (POPIA) and the European Union’s General Data Protection Regulation.
“We need to recognise that ownership of a person’s identity, their data and their consent belongs solely to them, and they dictate their terms of use,” stresses Orsmond.
For the consumer, the issue with providing consent comes down to a lack of trust and transparency; they have become increasingly sceptical of companies that use their data. They need to know their private information will only be legitimately used. Once this can be achieved and trust built up, consumers will benefit from the convenience of sharing data to enable digital financial transactions.
From the perspective of companies that process consumers’ information, obtaining consent can introduce additional friction (resistance) along the journey. “While a degree of friction is actually good, it is when companies are not properly geared for obtaining and managing consent that the friction becomes a hinderance for both the business and the consumer,” says Orsmond.
He shares four ways to empower consumers through data control:
- One fundamental principle of data control is consumer consent. Individuals should have the power to decide what data they share and for what purpose. Companies must be transparent about the data they collect and obtain explicit permission from users. This step ensures consumers actively participate in shaping their online experience.
- It is essential to acknowledge and respect the legal frameworks governing a consumer’s data to ensure consumer consent is not only obtained, but also honoured. This means respecting and acknowledging whose data it is.
- Consumers need to be fully informed about the data that companies wish to use, the reasons behind it, and the involved parties. Providing easy-to-understand privacy policies and terms of service is crucial. When consumers understand the scope of data collection, they can make informed decisions about what to share and what to keep private.
- Consent holds little value if it is not provided by the rightful data owner. Businesses have the responsibility to ensure the strong authentication of individuals when obtaining and recording their consent. Neglecting this crucial step not only puts the consumer at risk of identity fraud, and companies at risk of impersonation fraud, but also violates laws such as the POPIA.
In conclusion, the consumer is in control of their own data, and companies can play a significant role in empowering them. By prioritising consent, companies can build trust, improve customer satisfaction, and contribute to a more consumer-friendly digital landscape where privacy and personalisation co-exist harmoniously.