Report: 9 in 10 brands not protecting customer data well enough

Third annual Deloitte Privacy Index 2017 finds 9 in 10 employees across Australia's top brands don't think the organisation does a good enough job of being transparent around customer information

Employees across more than nine in 10 of Australia’s top 100 brands believe their organisations don’t do a good enough job of being transparent with consumers about how their information is being used.

The new Deloitte Privacy Index 2017, launched to coincide with Australian Privacy Week kicking off today, found 91 per cent of staff across Australia’s listed and privately owned top 100 brands believe their organisation could be more transparent with how they’re using customer data.

In addition, 58 per cent of respondents believed regulatory compliance was more important to their organisation than building trust with customers (36 per cent), and 59 per cent claimed organisations are neglecting to build trust with their employees. Just four in 10 received privacy training at induction or on an adhoc basis.

The survey encompassed more than 1000 employees across the top 100 organisations, gauging opinions on expectations of trust, complaints and information handling. Deloitte said its aim was to identify the potential disconnect between organisations and what staff members believe is occurring when it comes to protecting customer data and honouring privacy.

Deloitte Cyber Risk Services partner, Tommy Viljoen, said the majority of companies today had mature website privacy and security controls and policies. But the rise of mobile apps, which are both more open and transparent to users, gave this year’s study new insight in the discrepancies between practices and actual operations.

Read more: Getting prepared for mandatory data breach reporting

What was clear from the report was that bundled consent, T&Cs and privacy policies cannot be relied on for information to be managed appropriately all the time.

“An organisation may feel, for example, it has all the requisite boxes ticked and all its policies and procedures in place. Yet it appears that many staff members may circumvent these processes, and find what they consider to be easier ways of doing things, even if ‘adequate’ monitoring processes are in place,” Viljoen commented.

“To preserve and indeed build trust, organisations need to be authentic. This requires transparency of how customer data is being managed, and staff members who are fully aligned to managing the information safely and securely and so act accordingly.”

Report co-author, Deloitte Cyber Risk advisory director, Marta Ganko, claimed organisations have a big challenge ahead to maintain and/or build trust, develop resilience and create an environment of real consumer and business confidence. She also pointed to a growing global trend for consumers to gain more power over their own data in the face of these issues.

“In Australia, the Productivity Commission has called for greater controls for consumers to both manage access to and the sharing of their data,” Ganko said.

Such provisions already are enacted in other parts of the world, including the European Union and include the Revised Payment Services Directive and the General Data Protection Regulations, she added.

Deloitte’s third annual privacy assessment also ranked the most trusted industries, putting financial services industry at the top of the table again this year, followed by government. Telecommunications and media jumped from 5th to become the third most trusted industry in the index, with energy and utilities, and industrials, rounding out the top five.

Another point made clear in the study was the importance of governance in achieving trusted status. Deloitte found the highest ranking industries have a privacy officer, regular privacy training and require third-parties to notify them in the event of a likely data breach.

Follow CMO on Twitter: @CMOAustralia, take part in the CMO conversation on LinkedIn: CMO ANZ, join us on Facebook:, or check us out on

Join the newsletter!

Error: Please check your email address.
Show Comments

Blog Posts

How can a brand remain human in a digital world?

Some commentators estimate that by 2020, 85 per cent of buyer-seller interactions will happen online through social media and video*. That’s only two years away, and pertinent for any marketer.

James Kyd

Global head of brand strategy and marketing, Xero

​Relevance and substance are the keys to marketing’s future

Marketing’s evolution and increased value-add to organisations is making headway in one essential direction: Driving brands to achieve maximum relevance in the heart and minds of customers.

Jean-Luc Ambrosi

Author, marketer

Why doing your job well is the key to innovation

The words ‘power company’ and ‘innovation’ probably don’t seem like a natural combination. In fact, when I first went for a marketing role with an electricity company, I semi-dreaded the work I thought I’d be doing.

Catherine Anderson

Head of marketing, Powershop Australia

When was this article posted?


Report Reveals the Channels That Really Influence Consumer Purchase Decisions

Read more

sorry, I did not see that my first attempt already posted.


5 ways Australian Unity is driving innovation

Read more

Examples of their "innovation": have had problems with them in their "innova...


5 ways Australian Unity is driving innovation

Read more

Examples of their "innovation": have had problems with them in other spheres.


5 ways Australian Unity is driving innovation

Read more

Examples of their "innovation":


5 ways Australian Unity is driving innovation

Read more

Latest Podcast

More podcasts

Sign in