Asia Pacific Customers Won’t Accept Data Breaches as a Cost of Doing Business

 Author(s): , Posted on November 16th, 2011

The best business is repeat business – keeping the same customers for a long period of time.

However increased competition through deregulation of many industry sectors such as banking, telecommunications and energy providers, and access to a much wider market to buy from via the Internet, has moved power into the hands of the consumer to decide whether they want to continue doing business with you, or change to someone else.

Customer trust is key to developing customer loyalty.  But it can be quickly eroded if consumers feel that they have been put at risk – such as if they find out that an organisation they have been dealing with has suffered a data security breach.

This is particularly the case in Asia Pacific where, according to the latest Unisys Security Index™, at least 8 in 10 people in Australia, Hong Kong, and New Zealand would stop dealing with an organisation, such as close their account, if they found out that the privacy of their personal information had been compromised.  Of the 12 countries surveyed in the global research study, Australians are the most likely to say they would take such action, with Hong Kong and New Zealand not far behind.

Of course this is what people say they would do, and some sceptics point out that Sony hasn’t exactly fallen in a heap after its recent PlayStation security breaches.  But Sony’s PlayStation customers have made a significant investment in their console and games software so there is a deterrent to simply swap to another gaming platform.  In contrast, we are regularly bombarded with marketing offers from mobile phone carriers, home loan lenders and energy providers with attractive rewards to change over, often with the offer to manage the administration of changing providers for you.  In these “utility” markets it has never been easier to change – and the customer knows it.

The survey also found that many people say they would consider other actions such as publically exposing the issue and taking legal action.  It is almost as though they want to punish the organisation for putting them at risk.

There are currently no laws for mandatory data breach notification in Australia, Hong Kong or New Zealand.  Given the possible reaction of customers some might argue there is no incentive for businesses to tell customers about a data breach.  But organisations do have a responsibility to inform their customers immediately if there has been a breach so that customers can take actions to minimise their vulnerability to financial or identity fraud.  They may even win some brownie points if they are seen to act quickly and helpfully.  Also, consider the impact if an organisation is caught trying to cover up such a breach – damage to reputation and loss of customer trust.  Better to have quick and transparent communication with customers and work with them to reduce their vulnerability.  You have more chance of retaining your customers’ trust that way.

Mandatory data breach laws would make sense if it is found that businesses (and government organisations) fail to act responsibly off their own bat.  But the focus should be on those breaches where there is real risk of harm as a result of the breach (eg access to financial details; risk of identity theft; access to biometric data etc).

The Unisys Security Index (conducted since 2006 in Asia Pacific) has consistently found that the top two security concerns for the public are data security related:  people obtaining/using credit/debit card details; and unauthorised access to/misuse of personal information.

No wonder they are putting business and government on notice that that they are not going to passively accept privacy breaches.

Percent of public saying they would take the following action in the event of a data security breach
Change passwords
on that organisation’s websites and other websites you use
Stop dealing
with that organisation, such as close the account
Publicly expose
the
issue
Take
legal action
Continue dealing
with that organisation, but not online
Australia 88 85 64 47 24
Belgium 88 73 52 32 19
Brazil 90 79 56 86 37
Colombia 92 73 62 60 23
Germany 82 79 52 60 21
Hong Kong 79 81 60 40 36
Mexico 86 84 62 61 44
Netherlands 88 69 42 23 22
New Zealand 91 80 48 36 26
Spain 88 81 61 64 27
UK 83 82 56 54 25
US 87 76 65 53 31

Cheers,
John

Tags: , , , ,


About the Author

John Kendall is the Director of the Border and National Security Program for the global public sector practice at Unisys. Based in Canberra Australia, John has overall responsibility for Unisys border and national security initiatives around the globe. Read all Posts





«Social Computing Enablement – Do You Know What You’re Doing?

Consumerization of IT: Its Impact Upon Enterprise Mobility »






Back To Top
Copyright © Unisys 2017

We use cookies on this site. By using this site, you agree to our use of cookies. To change or learn more, see our Privacy Notice.