Data privacy and crossing the line | KPMG | UK
Share with your friends

Data, privacy and crossing the line

Data, privacy and crossing the line

Consumers are increasingly aware that organisations are collecting, using, retaining and disclosing their information. Are they growing uneasy: When does ‘helpfully close’ cross the line to become ‘creepy and intrusive’?


Global Privacy Lead

KPMG in the UK


Also on

Customer data has never been easier to acquire, analyse and act upon. According to Crossing the Line, a global survey of 6,900 consumers conducted by KPMG, an average of 56% of people are either ‘concerned’ or ‘extremely concerned’ about the way companies handle and use their personal data.

The report concludes that businesses need to take stock of their current approach to privacy to create value for the organisation, its customers and its employees.

“Companies must act with discretion and put in place more transparency when it comes to data collection – or risk losing the trust of existing and potential customers, and with them, revenues,” says Mark Thompson, Global Privacy Advisory Lead for KPMG. 

However, the report determines there is no single rule for companies to consider. Whilst there are trends, where the line gets drawn is individual to each customer. And customer trust isn’t the only issue at stake, the EU’s General Data Protection Regulation (GDPR) will have a massive impact.

The lessons from banking

One option is to look at the sectors experimenting with crossing the line – such as social media groups. Their business model is predicated on knowing as much about users as they can. Yet in our survey, only 13% of consumers said they trusted social media companies – despite their dominance of the digital landscape.

Financial services firms sit at the other end of the scale. Banks and insurers often process sensitive information and rely heavily on perceptions of trust – 41% of consumers in the survey said they trusted their bank with their data, ahead of even healthcare providers (39%) and law enforcement (36%). 

That trust is not always a result of altruism. The banking industry is starting to explore opportunities to leverage personal information. But levels of trust in banks may change if they begin using it in many of the ways social media does. 

Equally, as businesses move outside their sector specialisms – for example technology firms taking on financial services; or retailers offering lifestyle services – they might find that what’s considered acceptable data use in their core business suddenly seems  intrusive in a new context.

Quid pro privacy?

In other words, the line is fungible. Attitudes change between generations, different sectors and over time. 

“As customers develop a keener sense of the value of their personal data, there will be more demands to ensure they do not blur the line between cool – services that efficiently anticipate your needs – and creepy,” Thompson says.

The advice? Make it easier for consumers to control how their data is collected – and be transparent in how it’s used. As organisations deploy more sophisticated (and often passive) forms of data collection, having a clear quid pro quo with customers is the best defence against inadvertently crossing the line.

Creepy or cool?

Concept  Creepy Cool
Apps that access your contacts and photos 84% 16%
Electronic billboard greeting you by name with contextual ads 78% 22%
Firm accessing your GPS data to have a taxi ready when you arrive at a station 63% 37%
Smart energy meters that tell utilities your daily habits 43% 57%
Trackers to help emergency services find your vehicle 22% 78%


  • On your board agenda: How well do our customers understand what data we collect on them, how we store it and how it’s used?
  • Anticipate tomorrow…: Wearables, the Internet of Things and cognitive technologies are growing fast. How do we tame the soaring volume and granularity of personal data to build on them while maintaining trust?
  • …deliver today: Audit systems for vulnerability to leaks and hacks – and conformity to global privacy legislation.

Connect with us


Request for proposal