Search
Close this search box.

Fines for data mishandling won’t be the greatest cost to your business. Fixing reputational damage will be.

While a minimum $50m fine is not to be sneezed at, that could be just the beginning of your financial woes if your brand experiences a data breach.

In November, the Albanese government approved legislation to significantly increase penalties for repeated or serious privacy breaches. 

The Privacy Legislation Amendment Bill increased the maximum penalty for serious or repeated breaches from $2.22 million to $50 million, or three times the value of any benefit obtained through the misuse of information; or 30 per cent of a company’s adjusted turnover in the relevant period – whichever is the greater. 

According to the government, the larger penalties send a clear message to companies that they must do better to protect the data they collect.

And that’s just Australian fines. Did you know that a foreign national interacting with your brand is often subject to the laws of their country? For example, a German on holiday in New York interacts with your Australian website and provides their name and home address. They, and their data, are still subject to GDPR, which earlier this year issued a fine to US company Meta for €1.2 billion ($1.9b AUD).

No matter the size of the fine, Matthew Hauck, COO of web security company Ensighten says this will likely turn out to be the second biggest cost for businesses that mishandle data.

The greater financial impact will be the hit to reputational damage and the associated costs incurred trying to fix it. This is backed by a Forbes report that found 46 per cent of organisations “experienced damage to their reputation and brand value” after a cybersecurity breach.

Speaking to Digital Balance customers recently, Hauck said: “Loyalty and brand trust are elements brands compete on and the way they manage data is fast becoming integral to the way consumers view them.

“Brands that produce negative press, because they didn’t protect customer data, will incur not only the cost of the regulatory fines and consequences from civil action but also the cost of repairing that reputational damage.”

According to the IBM Cost of a Data Breach Report 2023, the global average cost of a data breach in 2023 was USD 4.45 million, a 15 per cent increase over three years.

Couple that with the finding that 65 per cent of customers lose trust in a company after a data breach and that 85 per cent of customers would stop engaging with that company altogether and you can see the impact this would have on the bottom line.

To mitigate this risk, Ensighten’s Hauck cautions against siloing data within organisations.

“If you have systems that contribute to go-to-market motions, the people who control those systems will inevitably be intertwined with your strategy as a marketer and your desire to continue to serve your customers in the way that you do today. So if you’re pulling information from a CRM, it’s important there is evidence that data was sourced responsibly and in accordance with the law.

“If you’re using information that is first party to your brand, that you’ve collected yourself, you’re probably on pretty solid ground. But if you’re using an integrated system or something that was subscribed to or a list that you purchased, there’s probably a bit more diligence you want to undertake.”

Given the ACCC’s new focus on third-party data brokers, this is another reason to rethink your use of third-party data. Bear in mind also that 19 per cent of organisations included in the Forbes report suffered reputation and brand damage as a result of third-party security breaches.

Being proactive about data security will save your business money in the long run with the IBM Cost of a Data Breach Report estimating the average savings for organisations that use security AI and automation extensively is USD 1.76 million compared to organisations that don’t.

Looking after your data will also provide brand benefits in the long term. Hauck noted: “Brands that manage data well will build a reputation that enables them to collect more data because their customers are more willing to give it to them knowing it is in safe hands.

“Those brands will be able to act in strategic, targeted ways while brands that mishandle data will increasingly find themselves coming up short in the ability to personalise their offering.”

Clearly, attention to data protection is no longer optional for businesses. That is unless you’re willing to wear the financial impact of reputational damage leading to customer losses and reduced access to data which will ultimately hinder your brand’s long-term viability.


This article first appeared in AdNews Australia

Contact us

to discuss a range of services and support to suit your business needs and goals.

* Required field

Latest Blog Posts

Need Some Help?

We can work onsite or remotely with you and your team to provide capacity uplift or ongoing support as you need.

Need additional MarTech resources to supplement your team for special projects or to provide given expertise?

Data quality and integrity is key to any data strategy. We undertake audits and health checks that can give you peace of mind.

If you know your data could be working harder, but you’re not sure where to start, we can help.

We can help you build dynamic dashboards based on important metrics to fully inform the business.

Is it a CDP or a DMP that is right for your organisation? Let us help you work through the pros and cons.

Let us show you how to bring your online and offline data together to create a best picture of your customers.

Free assessments

Martech Talks: The End Of Cookies

This webinar was recorded in May 2024.

Note that the information contained in this presentation should not be taken as legal advice. Digital Balance and its partners recommend that you undertake your own legal investigation.

Martech Talks: The Four Stages Of Attribution Excellence

This webinar was recorded in April 2024.

Download the full 2024 Digital Experience Benchmarks report from Contentsquare.

Note that the information contained in this presentation should not be taken as legal advice. Digital Balance and its partners recommend that you undertake your own legal investigation.

Martech Talks: The Four Stages Of Attribution Excellence

This webinar was recorded in October 2023.

Note that the information contained in this presentation should not be taken as legal advice. Digital Balance and its partners recommend that you undertake your own legal investigation.

Martech Talks: Privacy and Data Governance

This webinar was recorded in August 2023.

Note that the information contained in this presentation should not be taken as legal advice. Digital Balance and its partners recommend that you undertake your own legal investigation.

Martech Talks: Privacy Changes and Data Security

This webinar was recorded in July 2023.

 

Note that the information contained in this presentation should not be taken as legal advice. Digital Balance and its partners recommend that you undertake your own legal investigation.