PLEASE NOTE: Our website uses a technology called cookies to improve your experience. One of the cookies we use is essential for parts of the site to operate and may have already been set. You may delete and block all cookies from this site, but parts of the site will not work. For more information see our privacy policy.

To accept cookies from this site (and hide this notice) please check this box and click the continue button.

HomeThe IssuesOur ServicesOur TeamPublicationsTestimonialsNewsletterContact us

On the case - September 2007

September 2007

Do data protection breaches really lead to brand damage?


Big brands work hard to create “halos” around their products and services but becoming (and remaining) a trusted data controller has only recently become a bankable brand value.


New research by international credit reference and data company Experian suggests that some organisations are still blissfully unaware of the negative impact of a data protection breach. The research contrasts what big brands think about data security with the reactions of their customers. Over a third of the organisations felt that a data breach would have little or no effect on their brands whilst three quarters of their customers said it would affect their decision about using a company again.


It is likely that ABN Amro Bank and Nationwide Building Society, both of whom have had to deal with the fallout from serious data breaches, would endorse these findings.


Yet there is still complacency; a recent damning report from the UK’s House of Lords Science & Technology Committee said the responsibility for protecting users fell to the IT industry, ISP’s and the banks. It criticised the present “Wild West” attitude of leaving Web security up to the individual as unrealistic and pointed to the “extraordinary complacency” of some banks.


Competitive positioning is also a factor. If one brand makes a virtue of careful data management and permission-only marketing it can gain an advantage over rivals. It is not altogether a coincidence that Microsoft - chasing both Yahoo and Google in the US search market - has recently announced that it will it will make search query data anonymous after 18 months by removing cookie IDs, IP addresses and other identifiers from search terms which will be held separately from account information. Readers of this column will remember that Google bowed to pressure from Europe’s data protection Tsars to do something similar just a couple of months ago.


Peer pressure can also have an impact as McDonald’s recently found with an SMS campaign that did not include the required simple unsubscribe in the message. It was the mobile marketing community - through the DMA and the MMA - which hounded McDonald’s for the omission because it ran the risk of bringing the industry into disrepute and could have a negative impact on individuals’ experience of using text as a medium.


Whatever the drivers, data trust is a valuable brand asset, but it can easily evaporate if data breaches become public.

Other recent items: