Secure your business

Oversharing or over sharing? Millennials and data privacy

Highlights
  • Millennials have grown up on technology, they readily shop online and share on social media.
  • They require organisations justify asking for their personal information by providing value in return.
  • Knowing that breaches can happen, Millennials expect corporate transparency and strong data-protection policies.

The security of personal information submitted online is a hot-button issue. We investigate how generation Y approaches privacy.

Millennials are a driving force in today’s digital marketplace. They’re shopping online while scrolling through their emails for deals and discounts. They like and share products across all social media channels. And they’re filling out forms and submitting orders at the tap of a fingertip or click of a mouse, entrusting their contact and payment information to just about any company. 

Female using tablet in skyline

We know that older generations are typically far more hesitant to part with their personal details online. Are Millennials overconfident or naive about the security of their personal information?

How Millennials are different

In considering Millennials’ expectations, we must first look at what differentiates this generation from those that came before. Millennials are digital natives, born and raised on a stream of information. They’ve grown up with the internet. They’re not afraid of technology and have happily integrated it into every aspect of their lives.  

While digital natives live and breathe technology, only some are aware of how their devices work. “When you’re teaching a large security class – and I have taught them – it goes from complete boredom on one end because they’ve got no interest, and complete boredom on the other end because they already know everything you’re trying to tell them,” says Professor Jill Slay, director of the Australian Centre for Cybersecurity.

Those who are tech-savvy are aware of the risks of data interception and loss, and they’re the ones who take steps to secure their personal information – using virtual private networks (VPNs) when browsing and services that encrypt their data. Those who aren’t savvy often don’t know how to add this layer of personal security.

Digital natives who are unfamiliar with the back-end workings of their electronic world usually follow two trends: they limit what personal information they share over the internet; second, they only entrust their information to service providers they perceive as having a sound security set-up.

Personal data as currency

“When it comes to the security of personal data, everyone is concerned – but younger generations tend to want more details and to be more actively involved in deciding what information they are willing to trade for benefits,” Commonwealth Bank of Australia’s Head of Business Unit Cyber Architecture and Application Assurance, Brendan Hopper, says.

“Younger generations tend to want more details and to be more actively involved in deciding what information they are willing to trade for benefits.” 

Brendan Hopper, Head of Business Unit Cyber Architecture and Application Assurance, Commonwealth Bank of Australia

In Hopper’s experience, younger customers want to know why an organisation needs each item of personal information about them. Asking for details without providing a good reason will alienate these customers. However, when given a strong reason, digital natives may open up to sharing additional information. In this case, says Hopper, “the younger generation sees personal data almost as a form of currency”.

Reputation matters

However, Millennials are only likely to hand over this currency if they think their service provider will store it securely, and this perception can vary from industry to industry. While insurance providers and banks are often seen as safe information keepers, it still comes down to the individual brand’s reputation: past performance shapes customer expectations.

An organisation can enhance its reputation by adopting a transparent data-handling policy. Using a dedicated channel such as a page on its website or app, an organisation can map out what data it collects and why, how it’s stored, and who has access to it. Patrick Kelso, A consulting CTO/CISO for SME and Non-Profit Enterprises with a background in financial institutions, recommends giving customers the power to have their personal data deleted.

“You should be making sure people know what information you have, who else has access to it and in what circumstance they can make you remove that information, even if there’s no law,” Kelso says. “Make it a voluntary thing: ‘if you want that information gone, we’ll delete it’.”

Transparency and reporting

Kelso also says brands can perform audits of their privacy procedures and post the findings to show how these procedures adhere to the Australian Privacy Principles under the Privacy Act (1988).

Hopper notes that younger generations have also grown up with security breaches. While they accept breaches will happen occasionally, digital natives want to know how their service provider will take action to protect their interests.

“One example is mandatory breach reporting,” says Ajoy Ghosh, CISO for icare, the NSW government’s insurance and care services provider. By making reporting mandatory, it orients the organisation’s culture towards protecting the client, and this reinforces trust.”

Of course, every business should have a security framework worthy of the trust it inspires in digital natives. “If you have the data, you need make sure access is restricted, that it’s always encrypted, and if you’re transferring it from one computer to another, the data is encrypted during transfer as well,” Kelso says. “And these are all well-established, proven technologies that are easy to use.”

Between strong digital measures and an open dialogue with clients, service providers maintain the confidence of both tech-savvy and tech-shy Millennials – as well as everyone else.

Learn how to proactively defend your business, brand, infrastructure and information assets against internal and external threats, with the Telstra Cyber Security Report 2017. Download the report.

Download now

Related News

People working in a modern office
Liberate your workforce
Liberate your workforce
Innovating through a multi-channel journey

This year marks a decade since the launch of the first Apple iPhone, sparking a fundamental shift in people’s perceptions of mobile working and the tasks they expect to be able...

two young professionals working in front of a laptop
Liberate your workforce
Liberate your workforce
Stop, listen and collaborate

The time is right to audit the enterprise collaboration tools your employees actually use and discover what they need, so you can nurture an effective digital workplace with ev...

small fishes swimming around
Reach global markets
Reach global markets
Diverse and digital: All eyes on Indonesia

New technologies and cloud computing are making expansion into Indonesia easier than ever. Find out how to get a slice of this booming economy. Indonesia is one of the most di...

Man in a paddock with cows
Create transformative innovation
Create transformative innovation
IoT helping you to solve business challenges rapidly

Be they simple or state-of-the-art, there are many ways sensors are bringing the Internet of Things (IoT) to life. From driverless cars to vats of dairy milk, the applications ...