EU Managing Director | TRUSTe
In our data-driven world, it is vital that businesses know how to win and maintain consumer trust online. In the EU this can sometimes seem even more complicated because of the increasing complexity of privacy regulations and the different approaches to implementation across 27 Member States.
With the introduction of the EU Cookie Directive and the proposed EU Data Protection Regulation, there have been concerted efforts by regulators to set common standards for data privacy across the EU. But as anyone doing business in the EU should be aware, there are still markedly different approaches to compliance and consumer attitudes across key EU markets.
Based on our comprehensive research and analysis, here are six practical privacy steps you can take to win the trust of EU consumers:
- Audit the tracking activity on your website
You’ve worked hard to bring engaged visitors to your website, but chances are you’re not the only one greeting them when they arrive. Most websites today have invisible third-party trackers that collect data about site visitors. In order to comply with the EU Cookie Directive, and provide transparency and choice for customers, you must first have a thorough understanding and awareness of the trackers that are on your site.
We used the TRUSTe deep-scanning tracker technology to provide a snapshot of cookie usage on the homepages of the top 50 websites in France, Germany, Great Britain and the Netherlands in November 2012. We found that French websites were dropping nearly twice as many third-party cookies (434) on their homepages as websites in the Netherlands (237). Do you know what’s happening on your site?
2. Check the exact compliance requirements of all the countries where you are doing business in the EU
Since 2009, all but two EU Member States have passed their own Cookie Laws that implement the Cookie Directive. However, these Cookie Laws are not uniform, and t vary in the standard of consent required – reflecting the differences between each Member Countries’ data protections laws. This in turn has resulted in a confusing patchwork of compliance obligations.
If your business is operating in more than one EU country, then you need to ensure that you are compliant with the different requirements of each of the countries. Check with the map above of EU member countries by consent standard as of November 2012.
3. Provide users with notice of the tracking on your site and provide them with a way to opt out on your site
It is not just a legal requirement under the EU Cookie Directive, our research has shown that EU consumers have high levels of privacy concerns and 83% of them thought that companies should get their permission before tracking them online.
The consequences of getting this wrong for businesses are significant with 36% of French consumers choosing not to visit a company website due to privacy concerns and 34% of German consumers not using a smartphone app. Across four key European markets, 68% of consumers expected companies to comply with the Cookie Directive and an average of 41% planned to only visit websites that did.
Tools such as the TRUSTed Consent Manager make it simple to give notice and offer users a way to opt out of the tracking on your site.
4. Work with an external privacy management expert to review your online privacy practices
Depending on the size of your organisation, and the privacy expertise available in-house, you may find it helpful to consult a privacy expert who can ensure that your traditional website and mobile-optimised privacy policies are fit for purpose.
A review of your privacy practices can also help identify any potential privacy threats or risks to your business that you might not be aware of.
5. Let your customers know how good your privacy practices are by displaying a privacy certification or seal
One of the most straightforward ways to win trust is to be transparent and reassure your customers that you use best practices for protecting their privacy. Research in July this year found that 60% of UK users look for privacy seals on a website. In our EU research, 62% of French consumers, 57% of German and British consumers and 49% of Dutch consumers trusted a website more if they saw a certification or seal.
There are a number of different privacy seals available in the EU, but research has shown that TRUSTe is the #1 online privacy brand in the UK with 50% consumer awareness. More than 5,000 online properties worldwide display the green TRUSTe Certified Privacy Seal ® on their websites or in their apps – including businesses in the UK, France and the Netherlands.
6. Ensure that any advertising on your site is compliant with latest EDAA guidelines and consumers can opt out through the interactive icon
October saw the launch of the European Interactive Digital Advertising Alliance (EDAA). The EDAA is responsible for the licensing of an interactive icon to identify ads on all websites that are delivered to internet users through online behavioural advertising (OBA), as part of the pan-European self-regulatory programme. Consumers will be able to access a preference manager directly from the interactive icon on the online ad allowing them to opt out from OBA.
Our research showed that 79% of UK consumers are aware of online behavioural advertising (OBA) and 53% of do not like it. However, the research also showed that good privacy practices make a difference and 42% of consumers were more favourable about advertisers if presented with the EDAA programme. You can find out more information at the EDAA website www.edaa.eu.
Over the past six months at TRUSTe we have conducted comprehensive research into the attitudes of EU consumers to data privacy, in-depth analysis of the tracking activities and compliance on top EU websites, and reviewed the business impact of robust privacy compliance solutions.
We have highlighted some of our findings here but for more detailed consumer insights, relevant statistics and policy guidelines download your copy of the free TRUSTe Whitepaper “Winning the Trust of EU Consumers” here.