Ignoring customer privacy, website usability puts online sellers at risk

Distrust of how online retailers handle their customers’ personal information is at an all-time high, costing sellers in lost revenue and repeat orders.

More than a quarter (26%) of consumers have abandoned a brand in the last 12 months due to privacy concerns. Establishing a higher level of trust is no longer an either/or alternative; is becoming an increasingly important basis for the success, if not survival, of digital retailers.

Technology and security provider Thales published its 2024 Digital Trust Index in February. The report shows that only 8% of consumers feel comfortable sharing their personal data with online sellers. Based on responses from 12,426 consumers around the world about their relationships with online brands and services, the findings question the growing popularity of online shopping.

The survey results cover more than just food and soft goods purchased online. Media and entertainment, social media and logistics companies are falling to the bottom of industry rankings.

Thales has found that the majority of retail customers now demand a good balance between security and positive digital experiences in all online business meetings. Research has also shown that newer forms of online engagement create barriers to ensuring customer trust.

By sharing information, consumers place greater trust in banking, healthcare and government services. According to Thales’ vice president of identity and access management, Danny de Vreeze, this is a universal trend across all markets surveyed.

“This is perhaps unsurprising given the degree to which these industries are regulated, the types of information they are responsible for, and the measures they have in place to ensure the security of consumer data,” he said.

Problems ignored, no solution

In this year’s report, retail and hospitality were ranked fourth among the least trusted sectors. This is in line with the findings of the 2022 report, where the retail industry was still among the least trusted industries, advises Haider Iqbal, director of product marketing at Thales IAM.

“But interestingly, although retail was not among the most trusted entities in either 2022 or 2024, consumers had significantly greater trust in retail organizations in 2022 (20%) compared to this year’s results (8%),” Iqbal told the E- Czasy Handlu daily.

With such a high percentage of consumers distrusting data security, the issue seems to fall on deaf ears. While there is a clear awareness of the need for data protection, he noted that achieving this goal does not always lead to actionable results.

“Regional dynamics appear to be the most important driver for action. Thanks to strong enforcement of GDPR by regulators, retail players in Europe are taking greater steps towards better practices and controls in implementing consumer data privacy,” Iqbal offered.

The penalty for violating H&M’s personal data protection opened the eyes of the industry. However, as the report points out, retail companies should not pay attention to data privacy just because regulators want to enforce it.

“They should look into it because their customers demand it,” Iqbal advised.

Climbing the Digital Trust Index

The report’s findings confirm that the right to privacy and security is non-negotiable. Most customers (89%) are willing to share their data with organizations.

However, this comes with some caveats that are non-negotiable. For example, over a quarter of consumers (29%) abandoned a brand in the last 12 months because it required too much personal information.

“While companies are subject to international data protection rules regardless of sector, those lower in the rankings are subject to fewer directives directly relating to both data security and privacy,” de Vreeze proposed.

As more companies increase their digital presence, there are lessons to be learned for unregulated industries as consumer preferences evolve.

More than four in five (87%) expect some level of privacy rights from the companies they do business with online. The greatest expectation is the right to be informed that their data is being collected (55%), closely followed by the right to have their personal data deleted (53%).

Online customers also expect greater concessions in the privacy standards that companies adhere to. For example, 39% expect the right to rectify their data, 33% expect the right to request a copy of their data, and 26% expect the right to transfer data from one platform to another.

Frustration online increases brand loyalty

The Thales report also highlighted the role that a well-oiled website plays in fostering customer loyalty, regardless of the privacy factors they encounter. Customer concerns go deeper than how online services use their data.

In addition to privacy requirements, organizations must also provide a seamless online experience to gain the trust of their customers. Today’s consumers are increasingly time-conscious, with over a fifth (22%) saying they would immediately stop interacting online when faced with a frustrating experience.

Respondents also identified pop-up ads as their main source of frustration (71%), followed by password resets (64%) and having to re-enter personal information (64%). In the study, 59% of respondents also found complex cookie options to be their biggest frustration.

“Our findings show that 93% of consumers abandon an online brand after five minutes or less if they encounter a frustrating experience. In fact, 25% give up within the first one or two minutes. This means that companies only have a short time to give users the digital experience they want,” Iqbal said.

Lip service is no longer effective, consumers are demanding action

As Iqbal sees retailers react, they will soon have no choice but to simply pay lip service to privacy and data security. Given that GDPR precedes any U.S. legislation – and follows actions such as the CCPA in California and the VCPA in Virginia – it sees more regulatory action being taken on consumer data rights.

“With more scrutiny than ever before of large language models (LLMs) and where they get their training data, this conversation will become even more important and will ensure that legislation ensures that the right to privacy and security is as non-negotiable as respondents report about that’s what they’re asking for,” he predicted.

The report highlights that, according to Iqbal, e-mail (40%) and telephone calls (28%) are not only the preferred communication channel for consumers in retail, but also in other industries. An important trend to note is that there are now many more channels and touchpoints available for retail services.

The concept of having a good omnichannel experience strategy is not limited to the banking industry, for example. In-store/personal communication is still extremely important as a means of communication (32%) in retail. The industry must accept this reality and prepare to build consistent omnichannel experiences for its consumers,” he insisted.

What is the end game?

Iqbal maintains that trust is not a monolithic concept, especially in the digital world. Organizations need to develop their own formula for measuring trust.

“The perception of trust in a retail brand is likely to be very different from the perception of trust in a bank or insurance company,” he noted, adding that Thales “understands that this concept of trust can vary greatly, not only from one industry to another, but also across within the industry.”

With this understanding, organizations need to have foundational capabilities in their digital channels to improve data security and data privacy controls, Iqbal explained. For example, when a company discovers the causes of customer abandonment but lacks the resources and flexibility to deal with them, it must be prepared for a constant churn of consumers.

“If you continue to rely on legacy, often monolithic systems to meet the modern and rapidly changing needs of consumers and regulators, you are not prepared for the future,” Iqbal concluded.