The Deloitte Australian Privacy Index 2016, which examined the practices of 116 companies, ranked banking and finance the “most trusted" of 13 sectors – followed by government, energy and insurance.
“Australians, whether Millennials or Baby Boomers, want to be confident that the organisations with which they entrust their personal data, are reliable, and that they treat their information with respect,” Tommy Viljoen, Deloitte’s national lead partner of cyber risk services, said.
“One of the most telling findings in this year’s consumer survey is that 94 per cent of the 1,000 participants value trust over convenience, whether using a website or a mobile app.”
The study also found that 67 per cent of respondents are concerned when organisations send personal information outside Australia.
Deloitte’s client manager of cyber risk services, Marta Ganko, said that as organisations collect and share more of their customers’ data with external parties, consumer confidence, trust, choice, as well as commercial interests, become important elements to balance in an increasingly “digitally borderless” world.
“This requires organisations to break down their own borders and operate transparently to continue building trust with consumers,” she said.
Ms Ganko added that the combination of emerging privacy regulation and the common practice of sharing data have highlighted new types of borders.
“National borders are obvious. However, there are more subtle borders such as those between organisations and their subsidiaries or third parties,” she said.
The organisations which did well in the study had mobile apps with a policy notification, provided a complete list of countries to which they disclose data and allowed users to restrict application permissions.
“Until now, the majority of organisations in Australia have only had to consider local privacy laws,” Ms Ganko said.
“However, the need to maximise commercial opportunities, implement efficiencies and reduce costs has led organisations to engage or partner with third parties, which are often located overseas and so are subject to different and sometimes more stringent laws.
“This means that Australian-based organisations have to now consider global approaches to managing privacy risks associated with trust and reputation.”