The current state of consent management

Regulatory authorities have started to put the spotlight on data privacy and protection practices. European Union through its General Data Protection Regulation (GDPR) directive pushes companies to become more transparent in the ways they collect and manage consent and empowers citizens giving them more tools to manage their personal data. However, over more than one year since it entered into force, progress still needs to be made. Various surveys and researches (see here and here, for example) show that a significant amount of small and large companies still struggle to reach fully compliance with the legislation.

Furthermore, customers become more aware of the value of their personal data and seek increased privacy protection by managing their preferences. One might think that this behaviour only creates roadblocks to a company’s development, but research shows that solutions are also at hand. Interestingly, according to a study done by Accenture, customers are actually more willing to share their data if the companies are more transparent with the details of their demand. A tendency that is apparently on the rise.

Technology expected to take the legal heat off

New systems and best practices help companies remain complaint with the latest legal requirements. We have already mentioned GDPR, but companies must abide other regulations depending on their industry sector. We could briefly mention “Know Your customer” or “Anti-Money Laundering” in banking sector or sharing highly sensitive data such as medical tests or diagnosis in the health sector. Under specific regulations, companies are required to keep track and provide an audit trail of their consent interactions with their customers.

With every day passing, new digital tools and software that combine identity proofing, authentication, consent collection or personal data sharing are developed. Companies could manage consent collection in standardised processes where the identity of the customer is clearly linked to the type of consent given and to a specific time frame, meeting regulatory requirements. The adoption of such tools is expected to become mainstream in only one-two years’ time. In fact, Gartner estimates that “by 2021, 60% of enterprises will make use of tools or toolsets with blended trusted identity capabilities, which is an increase from fewer than 10% today.”

Building digital trust and data ownership symbiosis

On top of enabling companies meeting the legal requirements, identity and privacy management platforms contribute to building a trusted relationship between companies and their customers. They manage to create a safe environment where electronic identities attributes can be exchanged, supervised and even reused in a transparent way.

By implementing such dedicated tools, companies can manage and track consents at scale but, at the same time, they also empower their costumers and partners, giving them the opportunity to manage their own data. This is a rather uncommon approach, where companies are no longer waiting to comply with reactive regulatory requirements. But being proactive is the key to building and maintaining customers’ digital trust. Customers, in turn, would be able to view the data their shared, with whom and for specific purpose. They would also able to revoke consent at any time. In a nutshell, they could answer the questions at the beginning of the article with incredible accuracy in a few clicks.