A new study conducted by the
Ponemon Institute and
TRUSTe shows that a strong commitment to privacy and trust will also have the effect of endearing a company to its customers.
The study, "Most Trusted Companies for Privacy," asked consumers to name companies they felt were most trustworthy with regard to handling personal information. The 6,300 respondents answered Web- and postal-based surveys asking them to choose any companies they preferred among 24 industries, such as banking, healthcare and telecom.
"Good privacy practices are an element of trust and that helps build a brand," says Fran Maier, executive director of TRUSTe, a non-profit organization that offers a privacy certification and seal program. "So [organizations] should look at it more on a strategic than a compliance standpoint. I do think privacy officers at companies are concerned about compliance. But perhaps they would be best to step above it. Obviously they have to be compliant, but [they should] start thinking about how they could leverage the resources they're putting into compliance into building the brand."
Auction site eBay received the highest marks among all companies listed. Also among the top 10 were American Express, Procter & Gamble, Amazon and Hewlett-Packard. "I think that eBay is proactive in managing [privacy] issues," says Dr. Larry Ponemon, founder of Ponemon Institute. "They were one of the first companies that actively tried to educate people about spoofing and phishing. They also have a first rate privacy policy and a strong privacy and business risk management team."
"It wasn't just companies you like, but companies you like and you think are responsible with your personal information," says Maier of the request of study participants. "Most of these companies in the top 10 and top 20 lists really have made a commitment to communicating their privacy and data collection requirements to consumers. We also learned that the things they really care about are that the company does a good job in how they do it; that they don't over-collect information and they're responsible with it and that they don't over-abuse the marketing."
The study also revealed that Internet companies, banks and healthcare organizations were the most trusted, while consumers trusted the privacy practices of hospitality, retail and food service companies the least.
"Internet companies, banks and healthcare companies have been in the bull's eye of compliance issues, legal regulations and/or public perception," says Maier. They did really well, "because they've had to," she says. Regulations such as Gramm Leach Bliley and HIPAA seem to have had a strong impact on consumers' perceptions of trustworthy organizations, Ponemon adds. "An alternative reason for our result is simply that banks and health care organizations are collectors of sensitive personal information, which demands higher privacy and data protection safeguards."
Among the most important factors consumers considered when naming companies were the organization's overall reputation regarding the quality of its product or service, its privacy policy as well as its privacy education and outreach.