Businesses are failing the digital trust test as their ability to protect customers lags expectations, according to a survey by McKinsey.

It found that while 70 per cent of consumers trust the companies they do business with to protect data, 57 per cent of executives in those companies said they had suffered a material data breach during the past three years.

Bad at assessing risk

In fact, in the past year one in ten consumers stopped doing business with companies that did not protect data. They cited either ethical concerns or data breaches in their responses.

In addition, the survey report – Why digital trust truly matters – found that businesses were bad at assessing their ability to manage digital risk. While 90 per cent of organisations said they were somewhat effective at mitigating digital risk in reality they are not.

“The data show that this assuredness is largely unfounded,” the report said. “Less than a quarter of executives report that their organisations are actively mitigating a variety of digital risks across most of their organisations.” Those included risks posed by AI models, data retention and quality, and lack of talent diversity. While organisations mitigate cybersecurity risk mostly frequently, only 41 per cent of respondents did so.

Building trust

Consumers value services that provide quality, availability, security and privacy, ethics and integrity, transparency and honesty and resiliency, according to the IT trade body ISACA.

If organisations get these metrics right, they can gain competitive advantage over competitors, it said in Digital trust: a modern-day imperative.

The paper specifically warns about the practice of using dark patterns to trick consumers into providing data. These include, for example, displaying a greyed-out “opt out of tracking” button to make it appear that tracking is compulsory when it is not.

“Tricking users into giving consent to use their data,” the report said, “that is, an obscuring data-handling practice, violates digital trust and must be avoided.”

In fact, digital trust between employer and employee is also critical. Businesses need to provide transparent digital tools to their workers that do not embed, for example, hidden monitoring tools.

Read, Why digital trust truly matters

Read, Digital trust: a modern-day imperative