Finance industry ‘most trusted’ with data, study finds

According to the Deloitte Australian Privacy Index 2016, which is an assessment of the privacy practices of 116 companies, consumers trust organisations that use their information "reliably and respectfully".

On a list of 13 industries, banking and finance came out on top as the most trusted, followed by government, energy and insurance.

"Australians, whether millennials or baby boomers, want to be confident that the organisations with which they entrust their personal data are reliable, and that they treat their information with respect," said Deloitte national lead partner, cyber risk services, Tommy Viljoen.

"One of the most telling findings in this year's consumer survey is that 94 per cent of the 1,000 participants value trust over convenience, whether using a website or a mobile app."

The study also found that 67 per cent of respondents are concerned when organisations send personal information outside of Australia. About 22 per cent of consumers chose to complain after experiencing a privacy issue (see chart).

Deloitte client manager, cyber risk services, Marta Ganko said: "As organisations collect and share more of their customers' data with external parties, consumer confidence, trust, choice, as well as commercial interests, become important elements to balance in an increasingly digitally borderless world."

"This requires organisations to break down their own borders and operate transparently to continue building trust with consumers," she said.

Ms Ganko added that the combination of emerging privacy regulation and the common practice of sharing data have highlighted new types of borders.

"National borders are obvious; however, there are more subtle borders such as those between organisations and their subsidiaries or third parties," she said.

The organisations that did well in the study had mobile apps with a policy notification, provided a complete list of countries to which they disclose data and allowed users to restrict application permissions.

"Until now, the majority of organisations in Australia have only had to consider local privacy laws. However, the need to maximise commercial opportunities, implement efficiencies and reduce costs has led organisations to engage or partner with third parties, which are often located overseas and so are subject to different and sometimes more stringent laws," Ms Ganko said.

"This means that Australian-based organisations have to now consider global approaches to managing privacy risks associated with trust and reputation."