“[Why Are DSRs Important?]
By now, we understand why DSRs are important to your business — if you don’t follow the regulations, they can become one of the greatest financial threats to your organization as well as serious reputation damage to your brand.
But why are they so important to your users? Why can they end up costing tens of millions of dollars if you don’t handle them correctly? Why do people submit DSRs in the first place?
We’ll give you a few reasons:
[It’s a Protected Legal Right.]
The first reason is simple: It’s a protected legal right. When people submit DSRs, they exercise their legal right to control their data. Moreover, some would argue that these privacy rights are like any other human rights out there.
Again, these laws can vary depending on the locations of the users you serve. The GDPR is specifically designed to protect the data security of EU residents or any resident worldwide whose data was processed in the EU.
In the U.S., privacy and more general laws are broken down by industry sector and state. Federally, agencies such as COPPA, HIPAA, GLBA, and FCRA restrict data collection and protect the privacy of information concerning minors, health records, bank records, and credit reports. Overall, the FTC holds companies responsible for following their published privacy policies and requires them to implement reasonable and transparent data practices.
Let's now discuss the U.S. law in more detail. Currently, five other states have similar laws to California's CCPA (which we discussed earlier), and experts expect that many more will pass through 2024. Furthermore, federal legislation will be discussed to approve privacy laws all over the country, not just in states.
So, to summarize: Personal data is often protected by the law, and users can exercise the right to uphold these rights without discrimination. That alone is enough reason for a user to submit a DSR!
[Users Deserve Control Over Data.]
Beyond the laws and regulations, users deserve control over their personal data. As an organization, you are not entitled to this information – if given consent, you can develop your business and create a more positive user experience with this data. But this can only happen if users understand how their data is being used and have control over this.
DSARs help empower this awareness, but DSRs truly put more power in their hands to rectify or remove this data altogether.
Consumers are becoming more aware and proactive about their data in the current privacy landscape. As digital literacy increases, DSRs will likely follow suit. This leaves you two options:
To put DSRs on the back-burner and lose your users’ trust.
Prioritize DSRs as a part of your user experience. Develop a strong data privacy infrastructure that becomes a competitive advantage for your brand.
Recent studies show that over 3 in 4 consumers care most about the security and privacy of their financial data. This was followed by information about their personal identity, medical records, and contact information.
As technology is becoming more and more central to their lives, nearly half of users have had their personal data compromised in the last five years. Most importantly, respondents in both the U.S. and U.K. put more blame on companies for data breaches than on hackers.
This is proof your privacy and security systems play a pivotal role in your user experience. Being able to access and delete information is just another part of the user experience you must invest in. Just like you need a seamless onboarding experience, you need an easy offboarding experience.
Of course, this means it needs to be easy to access and understand. But as a New York Times article reads, the vocabulary used in most privacy policies requires the reading level of those with doctorate degrees and beyond.
In 2021, experts analyzed privacy notices and requests within Fortune 500 companies. Across the 52 companies, they disclosed a total of 4.7 million access, 4.3 million deletions, and 1.6 million “Do Not Sell My Info” requests.
On average, there were 14,998 access requests, 44,704 deletion requests, and 52,500 Do-not-sell requests.
According to Gartner’s research, handling a single data access request costs the organization around $1,600. That could sum up to a massive amount for companies that get a lot of requests.
[Benefits for Businesses Providing an Awesome Experience]
In the end, it’s about protecting your users’ rights and abiding by the laws — but beyond this, an awesome DSR fulfillment experience can make your business stand out.
You can build brand trust and loyalty, as well as avoid public criticism of a bad privacy experience, which so many other corporations try to hide.
You’ll never lose from putting your users’ needs first. So, we’ll begin to learn how to do this by exploring the channels for DSR submission in our next video.”