Banking Review

Googley eyes

Google’s admission that it spied and collected private information shows
how trust is an increasingly vital component of businesses succeeding online

BY ALASTAIR MACGIBBON

When we talk about building trust with online customers, we usually list brand, making sure the online customer experience meets or exceeds expectations, fraud prevention, data protection and IT security as essential considerations. But events in the last month have highlighted the need for privacy to be added to that list as well.

Google’s admission that it collected wi-fi data and unencrypted Internet traffic via its streetview vehicles (http://www.thepunch.com.au/articles/google-the-pot-and-the-kettle/) and changes to default privacy settings by Facebook, which exposed more personal information to a wider audience, have caused front page news in mainstream media.

Public and government reaction to both events indicate a maturation in the way we view our online activities. And not before time: our online and offline lives are heavily co-mingled. We have always expected a high degree of privacy offline but that is worthless if our privacy doesn’t exist online too. We are starting to pay attention to just who knows what about us online. And it is a little worrying (http://www.guardian.co.uk/commentisfree/2010/may/25/personal-secrets-to-Internet-companies).

How Google, Facebook, the public and governments reacted is an important lesson to financial institutions, most of whom have had a very long history offline before engaging in the online channel.

The public has trusted financial institutions as custodians of their money and their privacy since there has been money. Customers should have that trust no matter which channel they use, whether it is via the Internet, an ATM or a teller at a branch. This is where the organisational and regulatory maturity of financial institutions should be a competitive advantage over their pure-play online rivals and others operating in the Internet space.

While there are amazingly successful, popular and profitable online brands, they are relatively immature and inexperienced in dealing with many of the issues offline institutions have dealt with for centuries, including privacy. And it will take time for them to catch up. In the meantime, financial institutions should unashamedly use privacy to their advantage.

Simplify the message
This will require effectively communicating a simple, clear, statement _ or promise _ of privacy to online customers. That won’t be easy because privacy statements have become wordy, legalistic documents, unread by most customers.

There are lessons elsewhere for turning such documents around to the advantage of the customer and the organisation: customer charters, like AAMI’s, were seen as ground breaking in their time, with simply worded promises. Financial institutions have started to simplify and market their customer service commitments and have built these into effective marketing campaigns.

To achieve this in the area of privacy, privacy advocates within financial institutions will need to work collaboratively with their marketing and legal teams to ensure the privacy promise is simple, meaningful, easy to digest and legal.

In addition, they will need to work more closely with fraud and IT security teams. In most institutions, that’s where the real cultural shift will have to occur. Fraud prevention is often seen as an anathema to privacy. And vice versa. Yet it stands to reason that privacy is impossible if accounts are not secure, and if customers don’t perceive them as secure. Equally, we have often justified the collection and comparison of data for fraud prevention purposes without fully understanding the impact such practices may have on a customer’s view of privacy.

Clearly, it is a delicate balance, but if it is achieved, it can be a very powerful beacon of hope to online customers waking up to the value of privacy online.

We have yet to see a large scale shift in online behaviours directly as a result of privacy concerns: the maturation I referred to above is a slow one, but in the right direction. It is likely that, over the next few years, we will see a significant segment of the online community behaving differently, with privacy becoming a major determinant of behaviour. We can only hope it isn’t too late.

Alastair MacGibbon is an internationally respected authority on high-tech crime including Internet fraud, consumer victimisation, and a range of Internet security issues. He is the founder of the Internet Safety Institue, and managing partner of Internet consultancy the Surete Group.