Data privacy is a complex and contested issue because the business model of many of the most successful commercial organisations is based on data monetisation, especially ad-targeting. This monetisation model, centred on selling the user’s data to the highest bidder and getting as much data to as many bidders as possible, conflicts with data privacy. The global digital advertising industry has grown at an approximately 12% compound annual growth rate between 2014 and today, meaning that these practices are diffusing rapidly.
Listed below are the key macroeconomic trends impacting the data privacy theme, as identified by GlobalData.
Pandemic increased focus on privacy
The pandemic forced many societal changes but three had enormous privacy implications. Firstly, there was the urgent need for personal health-related data to understand comorbidity factors and exposure risk to guide government policy. Rather than being pushed aside, privacy teams and privacy principles attained greater prominence.
Secondly, more working from home increased the risk staff would fall for phishing attacks, send sensitive data via insecure channels, or otherwise bypass protection measures to facilitate their work. Employees are at the heart of some of the world’s most notorious data breaches, including the now infamous Equifax data breach that exposed the records of nearly 146 million Americans, and the pandemic massively increased the risk that employees would bypass internal processes to get their job done more easily.
And thirdly, customers’ increased digital usage. More customers moved online, and existing customers doing more high-value and high-risk tasks increased privacy risks. The need to digitise other sales and service pathways, and launch new features, saw banks work faster, risking some privacy policies not being followed.
Ultra-low interest rates drive data-driven revenue generation
Amid long-term ultra-low rates worldwide, many banks began exploring alternative revenue models, many of which are premised on data monetisation and data sharing. This may include banks selling aggregated data to retailers to inform branch location decisions or making aggregated consumer data available to developers to build over-the-top services for their customers.
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Thank you!
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form
By GlobalDataIt can be ingesting external data to enhance internal decision-making such as for credit risk assessment purposes, or the use of data to help improve the bank’s existing artificial intelligence (AI), big data, and predictive analytics investments—all of which are critical revenue-generating activities, yet all of which are critical data privacy considerations also.
Rise of super-apps in banking
Super-apps, routed in the Alibaba and Tencent models in China, is the aspiration of tech companies and banks alike as they consider the future of financial services. The ability to use data from one activity, or vertical, and bring it to bear on another activity or vertical, creates this so-called fly-wheel momentum, which makes it harder and harder for second-comers to catch up, by virtue of ever more personalised services.
From this perspective, payments data is perhaps at its most potentially powerful since targeted ads, offers, and push notifications can all be funnelled into the same device that is making the payment, even at the point-of-sale (POS) itself to present offers in real time. However, financial services providers need express permission to use each type of data to support each new type of activity.
Data privacy is expensive to get right but more expensive to get wrong
Firms that are subjected to a data breach experience both direct and indirect costs. The direct costs include breach detection and escalation costs. This includes the time and cost of notifying customers affected and setting up a communication platform to help victims. Firms that are subsequently found guilty of a breach due to non-compliance with existing privacy laws then typically incur additional costs in the form of legal fines. For example, BBVA was fined $5.5m in December 2020, and Capital One was fined $80m earlier in the same year for a large data breach.
Indirect costs centre on reputational costs, which can only be measured on an economic estimate of lost business opportunities, and these costs are growing over time in direct proportion to growing consumer awareness of the topic and regulatory crackdowns.
Ad-driven business models
Having forged pure ad business models for the collection, sale, and use of personal data, with several non-material costs for customers, big tech companies are now trying to revise their reputations.
As stringent data privacy measures obstruct data collection, ad-funded companies like Meta will reshape their business models and diversify revenue streams. Meta, for example, plans to build new adtech and ecommerce tools.
Meanwhile, TV broadcasters’ and publishers’ reputations will be strengthened by the increased scrutiny on internet platforms, their biggest competitors. Against this backdrop, incumbent financial services providers may benefit from a clampdown on some of the more ‘fast and loose’ data players in adjacent verticals.
This is an edited extract from the Data Privacy in Banking – Thematic Research report produced by GlobalData Thematic Research.
Related Company Profiles
Equifax Inc
Tencent Holdings Ltd