This article was written in collaboration with Will Hallisey

Introduction

There was a time when users would click “accept” on terms of service with no real thought as to the destination of their personal information as it disappeared into the ether. The same period in which an overwhelming documentation of life online led to Facebook becoming the largest photo repository in the world with over 15 billion photos and a firm duopoly in targeted advertising. But times have changed and after years of questionable data use by corporations, consumers and legislators consumers will no longer accept such deep intrusions.

With data privacy rules and regulations dominating headlines globally and big data continuing to grow, there is a natural tension that is hard to ignore. We have seen how enterprises (e.g. big tech) have been questioned on their data practices, and companies across all stages are having to quickly adapt and navigate an increasingly intricate policy landscape to ensure the continued use of one of their greatest assets: user-generated data.

Below we will explore how we arrived at our current state, and also highlight the challenge created by the Privacy Paradox — consumers’ expectation of a personalized experience without the use of their personal data. The below will shed light to why Founders have little choice but to recognize that privacy matters, putting this topic front and center of not just politics, but also the boardroom.

Why are we just seeing this now?

The constant headlines of violations and security breaches have brought renewed attention to this topic. In the U.S., for example, violations of user’s privacy rights, and (lack of) security of personal identification information (PII) have led to significant fines with Zoom agreeing to pay $85 million in December 2021 for sharing users’ private information without consent and misrepresenting the application as an end-to-end encrypted service. Furthermore, Facebook settled its own data privacy lawsuit for $90 million in February 2022 for continuing to track users after they log out. As far as breaches, the 2020 Sunburst/Solarwinds hack and the 2017 Equifax intrusion laid bare the PII of hundreds of millions. Under this daily reality of constant breaches of information storage, consumers are increasingly focused on security, reevaluating their third party permissions to their data.

Why are the Implications of a Shift to Privacy Preference Important?

Companies are now being squeezed on both sides resulting in real market capitalization implications. First, they are now limited to how they can use their data assets. Case in point, in early February, Meta Platforms experienced its biggest one-day drop ever after weak growth and an announcement that Apple’s IOS privacy changes would affect ad targeting and analytics, resulting in a $10 billion decline in revenue for the year.

Second, a shift to privacy focused user experiences compounded by government scrutiny of data gathering and tracking practices has required a significant shift, with companies spending more to ensure proper use of such data. This is becoming increasingly difficult with seventy-one percent of consumers expecting companies to deliver personalized interactions. And seventy-six percent get frustrated when this doesn’t happen. Balancing this with the multiple reports and studies indicating that a majority of Americans are uncomfortable with how companies are using their data.

In building technologies that enable curation, moderation, and autonomy over provided information and to protect personal data from exploitation by advertisers, demand for data privacy has expanded massively. Specifically, the global data privacy software market size is expected to reach $17.75 billion by 2028, with a compound annual growth rate of 41.5% across the forecast timeline. And with increasingly widespread adoption of 5G (global market valued expected to be valued at $620.72 billion by 2030), an expanding of IoT (global market valued expected to be valued $12.6 trillion in value by 2030) and growth in other relevant spaces, concerns around confidential and personal information have increased just as quickly, kept in focus by large and constant network intrusions and the theft of personal information.

A New Approach to Privacy-First Company Building

This paradox between individuals wanting a more personalized experience, but not having their data used showcases the natural tension between monetizing data as an asset and respecting the privacy of the individual. And because data privacy law is a patchwork across countries and regions, it is important for companies to “localize” data privacy as they would any other feature of their product. This may require different user interfaces, features, or processes, but it is necessary to abide by regional requirements to avoid consumer backlash. Understanding the cost burden is real, I am reminded of the famous quote “If you think the cost of compliance is expensive, try non-compliance.” And all this cost is not money out the door — it is an opportunity for companies to build a respected brand and a deep customer loyalty based on informed data usage.

There is a unique competitive advantage in building privacy-first platforms that understand the protection of personal data as a fundamental standard, including reduced cost through proactive, not reactive countermeasures, increased investor confidence, and deterrence of intruders. Granted, easier said than done. Taylor Culver, an expert in bridging the gap between data and people, highlights this challenge and argues that “…data leaders struggle with finding a path to success because there is no universally proven roadmap to success.” Partly because there is no universally agreed-upon framework to extract the value of data.

The general theme around privacy regulations is that privacy, by nature, is personal, and it should remain such. Therefore, data privacy has to be viewed through a national, regional and individual lens. Especially important in times of uncertainty and volatility, managing data volume and regulatory responsibilities to build customer trust and loyalty will be crucial — with a heavy majority of customers (88%) who believe trust becomes more important in times of change.

With data protection essential to building a business trusted by its customers, it’s important for investors and company founders to have an educated understanding of data management — and an internal framework of how to best extract value from such data. This understanding is essential in weighing the risk / opportunity calculus data management poses when considering new products, operations, or even expanding into new regions.