Gary DavisGary Davis

As consumers become more connected—in their day-to-day interactions to their usage of advanced tech and devices—their personal information becomes more exposed and at risk than ever. Consumer experiences continue to prioritize convenience and personalization, from online shopping and booking travel to easy sign-in across personal accounts. Similarly, devices aim to make life easier and connect consumers to family, friends, work, their homes and more. And today’s consumers have come to expect this.

While such services and products have certainly proven effective for users, if data and privacy aren’t prioritized by the brands creating these in-demand experiences, the various touchpoints with consumer information leaves the door open for breaches and hacks.

Recently, it seems that privacy and security breaches now drive news cycles, with massive data breaches, potential customer information at risk and misuse of personal data making headlines far too often. Ongoing conversations surrounding GDPR, the Cambridge Analytica scandal and recent Collections where billions of usernames and passwords were made available for sale on the dark web are just a few examples.

Such hacks not only impact users but brands’ integrity, reputation and overall consumer loyalty. And often, the one on the frontline handling such crises is the PR professional. However, bouncing back from data mismanagement or a security breach is more than just a PR challenge; it has significant and lasting costs, trust and reputation implications. In some cases, reputation and financial recovery time have taken up to a year or more.

So, just managing the crisis as it happens shouldn’t be the PR team’s only purview. Brands must understand the role effective communications plays in earning and maintaining consumer trust during both good and bad times. It no longer suffices for companies to exclusively prioritize IT departments or teams when it comes to data privacy policies or concerns; they must be in alignment with communications and marketing teams to ensure those teams are equipped to manage any situation that may come their way.

Data is currency, and its misuse shouldn’t be taken lightly. Businesses can easily find themselves in a position where they’re responsible for additional costs or decrease in revenue, loss of brand value from consumers and stakeholders or damaged reputation. These results can impact clicks on ads, purchasing and usage habits, the withholding of personal info and more. According to the NCSA U.S. Consumer Privacy Index, privacy concerns this year have led to a decrease in consumer trust and brand engagement. In fact, key findings show that:

  • 51 percent of consumers haven’t clicked an online ad.
  • 44 percent of consumers have withheld personal information.
  • 36 percent of consumers have stopped using a website.
  • 32 percent of consumers haven’t downloaded an app or product.
  • 29 percent of consumers have stopped using an app.
  • 28 percent of consumers stopped an online transaction.
  • 74 percent of consumers have limited their online activity.

It’s important to note that a responsibility to protect sensitive personal data isn’t one-sided. It falls on both companies that harbor consumer data as well as users’ best practices when it comes to personal information. However, brands now more than ever must prioritize data security and privacy in order to remain competitive in today’s digitally driven, device first market; they must not only practice it as a key brand pillar, but must have a plan ready and practiced should things go awry.

Unfortunately, data breaches aren’t always preventable, and while cybersecurity firms continue to chime in regarding better data privacy practices, there’s a new imperative call to action to add to the mix. Brands must do their due-diligence to align with and leverage communications and marketing departments during the good and bad to showcase their data and privacy efforts. This can be done in simple yet effective ways, including:

  • Collect only data that’s needed to deliver your service.
  • Be transparent about data usage and use layman’s language as opposed to technical legalese.
  • Use simple language in describing use of consumer information and make it readily available.
  • Use privacy as a differentiator from competitors, but only if your company genuinely embraces a privacy-first business model.
  • Stay informed on the current state of all things data and privacy, and use readily available knowledge on the subject to improve current strategies.
  • Build a crisis communications plan and plan for the worst.

In today’s hyper-connected world, brands face the risk of data breaches, cyber-attacks and more. While this might be the cost of doing business, sticking your head in the sand to ignore this reality isn’t going to cut it. PR teams are often on the frontline of handling issues and have experience in understanding how such news will be amplified through media, online forums, social media and more.

Brands must involve their communications teams in developing a crisis communications plan for any situation—and before anything actually happens—in order to have a unified approach that not only uses best practices, but also plans effectively for how they’ll communicate to customers, partners and the world if the worst happens. For businesses to effectively survive in today’s risky world, PR teams no longer just deserve a seat at the table, they should demand it.


Gary Davis is Chief Consumer Security Evangelist at McAfee.