Secure your business

Oversharing or over sharing? Millennials and data privacy

Highlights
  • Millennials have grown up on technology, they readily shop online and share on social media.
  • They require organisations justify asking for their personal information by providing value in return.
  • Knowing that breaches can happen, Millennials expect corporate transparency and strong data-protection policies.

The security of personal information submitted online is a hot-button issue. We investigate how generation Y approaches privacy.

Millennials are a driving force in today’s digital marketplace. They’re shopping online while scrolling through their emails for deals and discounts. They like and share products across all social media channels. And they’re filling out forms and submitting orders at the tap of a fingertip or click of a mouse, entrusting their contact and payment information to just about any company. 

Female using tablet in skyline

We know that older generations are typically far more hesitant to part with their personal details online. Are Millennials overconfident or naive about the security of their personal information?

How Millennials are different

In considering Millennials’ expectations, we must first look at what differentiates this generation from those that came before. Millennials are digital natives, born and raised on a stream of information. They’ve grown up with the internet. They’re not afraid of technology and have happily integrated it into every aspect of their lives.  

While digital natives live and breathe technology, only some are aware of how their devices work. “When you’re teaching a large security class – and I have taught them – it goes from complete boredom on one end because they’ve got no interest, and complete boredom on the other end because they already know everything you’re trying to tell them,” says Professor Jill Slay, director of the Australian Centre for Cybersecurity.

Those who are tech-savvy are aware of the risks of data interception and loss, and they’re the ones who take steps to secure their personal information – using virtual private networks (VPNs) when browsing and services that encrypt their data. Those who aren’t savvy often don’t know how to add this layer of personal security.

Digital natives who are unfamiliar with the back-end workings of their electronic world usually follow two trends: they limit what personal information they share over the internet; second, they only entrust their information to service providers they perceive as having a sound security set-up.

Personal data as currency

“When it comes to the security of personal data, everyone is concerned – but younger generations tend to want more details and to be more actively involved in deciding what information they are willing to trade for benefits,” Commonwealth Bank of Australia’s Head of Business Unit Cyber Architecture and Application Assurance, Brendan Hopper, says.

“Younger generations tend to want more details and to be more actively involved in deciding what information they are willing to trade for benefits.” 

Brendan Hopper, Head of Business Unit Cyber Architecture and Application Assurance, Commonwealth Bank of Australia

In Hopper’s experience, younger customers want to know why an organisation needs each item of personal information about them. Asking for details without providing a good reason will alienate these customers. However, when given a strong reason, digital natives may open up to sharing additional information. In this case, says Hopper, “the younger generation sees personal data almost as a form of currency”.

Reputation matters

However, Millennials are only likely to hand over this currency if they think their service provider will store it securely, and this perception can vary from industry to industry. While insurance providers and banks are often seen as safe information keepers, it still comes down to the individual brand’s reputation: past performance shapes customer expectations.

An organisation can enhance its reputation by adopting a transparent data-handling policy. Using a dedicated channel such as a page on its website or app, an organisation can map out what data it collects and why, how it’s stored, and who has access to it. Patrick Kelso, A consulting CTO/CISO for SME and Non-Profit Enterprises with a background in financial institutions, recommends giving customers the power to have their personal data deleted.

“You should be making sure people know what information you have, who else has access to it and in what circumstance they can make you remove that information, even if there’s no law,” Kelso says. “Make it a voluntary thing: ‘if you want that information gone, we’ll delete it’.”

Transparency and reporting

Kelso also says brands can perform audits of their privacy procedures and post the findings to show how these procedures adhere to the Australian Privacy Principles under the Privacy Act (1988).

Hopper notes that younger generations have also grown up with security breaches. While they accept breaches will happen occasionally, digital natives want to know how their service provider will take action to protect their interests.

“One example is mandatory breach reporting,” says Ajoy Ghosh, CISO for icare, the NSW government’s insurance and care services provider. By making reporting mandatory, it orients the organisation’s culture towards protecting the client, and this reinforces trust.”

Of course, every business should have a security framework worthy of the trust it inspires in digital natives. “If you have the data, you need make sure access is restricted, that it’s always encrypted, and if you’re transferring it from one computer to another, the data is encrypted during transfer as well,” Kelso says. “And these are all well-established, proven technologies that are easy to use.”

Between strong digital measures and an open dialogue with clients, service providers maintain the confidence of both tech-savvy and tech-shy Millennials – as well as everyone else.

Learn how to proactively defend your business, brand, infrastructure and information assets against internal and external threats, with the Telstra Cyber Security Report 2017. Download the report.

Download now

Related News

How to create an empowered and productive workforce
Liberate your workforce
Liberate your workforce
How to create an empowered and productive workforce

To meet the demands of a modern workforce, business leaders must decide on the right platform and implementation strategies for their business while catering to current conditi...

Two business partners working outside
Liberate your workforce
Liberate your workforce
How to drive workplace innovation with new technologies

The hunger for staying ahead of the pack as new technologies pave the way for change is especially important in the workplace. We discover the best ways to harness new tech and...

Man holding tablet and post it notes
Liberate your workforce
Liberate your workforce
How digital transformation can enhance your CX

Australian business leaders are waking up to the benefits of enhanced customer experience (CX) on their bottom line, and it impacts more than just customer care and marketing d...

Data sheds light on shadow IT
Optimise your IT
Optimise your IT
Data sheds light on shadow IT

The rise of “shadow IT” has seen various corporate departments take control of their own data and prevent central IT from managing service and costs effectively.