Lack of awareness about privacy laws is largely because these regulations are not part of business-critical activities like taxation and licensing, so says a recent research conducted by WorldWideWorx and commissioned by global technology company, Zoho.
The researchers emphasised why businesses need to protect their customer’s data which is part of building trust and loyalty. In other words, businesses with much fancy for third-party personal data trackers are going to face hurdles because people are going to provide them (the trackers) with lesser personal data.
Thus, targeted digital advertising; the practice of delivering promotional content to users through various online and digital channels and/or leveraging mediums such as social media, email, search engines, mobile apps, affiliate programs and websites to show advertisements and messages to audiences, will witness some changes. The reason is not far-fetched as data protection regulations are changing the dynamics of customer data storage and usage. In some cases, a violation attracts sever punishments.
Africa is also coming up with such regulations. In Nigeria already companies have been sanctioned due to breaches of the Nigeria Data Protection Regulation (2019) and in South Africa the government is coming up with an Act and a regulatory body.
In this interview Andrew Bourne, Zoho’s Regional Manager for the Africa region tells us more about the research findings as they relate to individuals, businesses and governments.
Andrew is based in Cape Town, South Africa. He has more than 15 years of experience in sales and marketing, and has spent the last five years focusing on the implementation and testing of various business technologies. He is very passionate about Zoho and has exceptional insight into the business and marketing world.
Why do you think strict adherence to data privacy laws is important to the survival of businesses today?
Data privacy is important because you are handling customer’s data and in any business the customer comes first. So, you need to know where their information is going; it is protected. If anything negative happens to the data it comes back to you as a company; probably due to your negligence. In other words, handling your customer’s data badly will have a negative impact on your business. That is why we have seen a lot of companies that have already started complying with the GDPR – General Data Protection Regulation – which is the European data protection law. Trends have shown that a lot of African countries are releasing their data protection law.
Luckily enough, a lot of those laws are in line with the GDPR. So, the technologies that the companies are using allow them to be able to switch on to protect their customers’ data.
But, one thing we are looking at in this research paper was the third-party trackers. We found that part of what businesses don’t fully understand is where their data is being stored and they are not confident with how these third-party trackers are storing the data.
They are quite confident when the data is collected because it is quite simple and easy, but they are not too confident about the data storage.
Can you give us more highlights of the recent study by Zoho?
A lot of companies feel they can’t move away from using these third-party trackers. And one quick fix is that it is easy to advertise through these platforms like Facebook and Google. Secondly, the trackers assist them with revenue generation. But we do see that about 15% of the respondents do not need the Facebook or Google advertising; you see companies like Apple putting in their phone an application to either allow or decline from a company tracking you.
They have also demoed this with the release of the new Apple iOS 14.5 Privacy Update. iOS users are now given the option to indicate if they want to be tracked or not.
Only 13% said Yes, they are happy to be tracked. 87% said No, and opted not to be tracked.
There are companies that appreciate the need to adhere to data protection policies but at the same time, they have low awareness with regards to government policies that guide their activities. What do you think is responsible for this?
Yes. In Nigeria, about 72% of the surveyed businesses are not aware of the provisions of NDPR – Nigeria Data Protection Regulation. But, then, they have commitment to their customers because they strongly believe that the customer is the most important person. So, the government trying to enforce compliance is not necessarily important to them.
In South Africa, by July 1, 2021, the Act will come into force; there will be a regulator in place. Therefore, if companies are not abiding by the provisions of the law people will be able to report them to the regulator.
So, once judgement is passed and enforcement followed to the later, then, more companies will begin to take the policy more seriously. But at this point in time, obviously, there hasn’t been much concern because there hasn’t been any major enforcement.
Whether in Nigeria or South Africa, businesses will become more cautious of the regulations when major enforcements are announced.
In your recent article, you discussed the need for organisations to protect their employees’ data. If you flip that, do you think most employees understand the data protection rules or policies of where they work?
It is actually the company’s role to make it easy for their employees to understand it. A lot of policies are drafted by the legal departments using legal terms and in long documents which some employees might find difficult to digest. Making the policies easily understandable; maybe in plain English and bullet points, is a great step to communicating effectively to the staff members.
It stays on their mind as they go about interacting with the customers or other activities within the organisation.
Can you estimate the cost or pressure companies are facing due to both keeping third-party trackers and adherence to government data regulations?
The truth is that companies are getting revenues from the third-party trackers – assisting them in business generation and have proven themselves as cost-effective ways of marketing. So, it is going to be very difficult and depends on what the law says about the practice.
What I think is that the law will make it a lot harder to target your advertising because people will be feeding the platforms such as Google and Facebook with lesser personal information. So, that is what companies should look at: the way you use the data you have about your current customers.
It is very important. You will need to give them a very good customer experience so they go out and market your business to both friends and family, because I think it will become more difficult to narrow down your target market in these advertising platforms.
For companies using Zoho products/solutions, do you issue advisories to them on how to achieve data protection goals?
Exactly! Our technology allows you to manage customer experience. So, whether it is your support desk or CRM system; maybe you want to automatically wish your customer a happy birthday or anniversary celebration or you want to remind them there is a service coming up, Zoho’s technology allows you to do that.
We also have GDPR compliance; so you can switch on all the consent settings. You also further encrypt some private or personal information.
So, Zoho goes a long way to make sure that the privacy of our customers and privacy of their customers (they collect data from) is secured.
Many companies are applying AI tools to their businesses without understanding the data privacy policies. What should be the attitude of such organisations moving forward, especially as data protection regulations are receiving attention in Africa?
They need to read and understand the privacy policies and security policies of the AI tools they are using. They also need to understand what that AI is doing. For instance, in Zoho, our AI allows you to switch in details in all our applications. They also tell you the best time to email a customer.
It is not like it collects one’s data and circulates the same across systems. No. it is just an internal system. But if you are using AI to take people’s personal information then you need to be more careful. You really need to read the security policies of those AI tools before deploying them in your system, especially to ensure the safety of your customer’s data.
In the course of the recent survey commissioned by Zoho, what are the areas you think Africa as a Continent is performing great and areas that call for concern?
I think data transformation is taking shape in Africa. A lot of companies have been digitally transformed as well as the world. Everybody is using technology now to make things easier for people. One thing that was really good to see was there are a lot of companies that are ready to be digitally transformed.
Bearing in mind, in Nigeria, the majority of the respondents were between ages 18 and 44; such a young generation of business enthusiasts. It is important that they are ready to be digitally transformed.
What should the African market be expecting from Zoho in the nearest future?
We are going to keep pushing awareness. People need to be aware of the behaviours of these third-party trackers. Like I said earlier, Apple has really done well in trying to create more awareness.
Also, Zoho is going to keep providing its technology at an affordable price in Africa to make it easy for companies in the region to store and manage their customer data in a much secured environment.
So, we will keep pushing awareness and doing research to see exactly what is happening and give feedback to the market.
I think it is very important that companies start managing the data that they get from the customers; obviously manage the consent and they make sure that the service they offer the customer is valuable, so they can be happy with you and possibly promote your business to other people. It is going to be more difficult for targeted advertising.
If you consider what Facebook has faced in Europe and the recent challenges Twitter has faced India and then Nigeria; but then in Africa we haven’t seen a major sanction on third-party ad trackers, aren’t you concerned that the Continent has a porous data protection pipeline?
I think it is coming. It is just a matter of time. The African governments do take examples from Europe and other governments to advise them on certain policies. I think it is important that governments have to protect their citizens’ data. We will see African countries will follow in that direction.