Lawsuit Underscores the Cost of a Consumer Privacy Violation

Consumer privacy has escalated into one of the most compelling reputation management issues of our time. A company that fails to respect consumer privacy is vulnerable to paying heavy fines and suffering a negative public relations backlash.

This reality was recently cast into sharp relief when credit-card company Experian was accused in a lawsuit of selling people’s data improperly. The lawsuit says Experian improperly collected data on consumers from sources such as website-tracking cookies and sold it for commercial gain. The action could result in Experian paying damages to nearly every adult in England and Wales, which could cost Experian as much as £34.5 billion – an amount that exceeds the market capitalization of the company.

The lawsuit stems from an October 2020 ruling by the U.K. Information Commissioner’s Office that Experian had sold information about millions of people without their consent, in violation of the General Data Protection Regulation (GDPR). An important note is that the commission recognizes that while companies have privacy information on their websites about their activities, it still poses an issue when that privacy information does not clearly explain what they will be doing with users’ data.

As it pertains specifically to Experian’s case, the commission said that by July 21, 2021, they will need to:

  • Set out improvements to privacy information to make clear what personal data is collected, where it has come from, what it is being used for, or who the data is being sold to and why.

  • Delete any data supplied under the lawful basis of consent which is now being processed using a different lawful basis of legitimate interests.

  • Stop the processing of any personal data that has been collected unlawfully.

Failure to do so would result in a fine as heavy as £20m, or 4 percent of its global growth, whichever is higher. And mind you, this blow to the company’s reputation came well before the legal action. Companies that have failed to comply will now face two headaches: complying with the commission and responding to a consumer privacy lawsuit that could destroy the organization.

How might a company protect itself from running afoul of the consumer privacy regulations? Unfortunately, the answer is not simple. As Stu White, head of product management and data protection officer, wrote recently on the Investis Digital blog, “ . . . the privacy regulation landscape has become a lot more complex over the past two years. While eventually there is likely to be more standardization in how privacy regulations are applied across the globe, this is a distant ideal that unfortunately won’t be realized for many years to come.”

According to White, this complexity stems from two factors:

  • Regulatory authorities are issuing rulings in cases where they do not fundamentally understand the technology involved.

  • Regulations are made more complicated by global politics. For example, because of the United Kingdom’s divorce from the European Union through Brexit, the United Kingdom may end up with its own consumer privacy legislation apart from GDPR.

There is no one-size-fits-all approach. For instance, there are regional variations for dealing with cookies. How does a business manage regional requirements for consumer opt-in/opt-out? Getting those nuances right is hard and potentially costly.

As a result, a growing number of businesses are turning to outside companies for help. Investis Digital is one of them. We offer solutions such as Cookie Manager 2.0 that help businesses stay compliant with privacy regulations. However a business proceeds, we suggest making consumer privacy a year-round job and a C-level priority. The downside of not doing so is too great. To learn how we might help, contact [email protected]
