Consumers want to be able to trust brands to use their data how they say they will. But according to research from Edelman, only 34 percent actually trust most of the brands they buy from.

Consumer trust is influenced by a number of  factors, but thanks to a slew of recent high-profile privacy violations, even the most seemingly small—and sometimes innocent—offenses can trigger consumer distrust:

“I subscribed to a brand’s email and suddenly started receiving daily emails that have nothing to do with me.” “I’ve received 5 credit card replacements this year due to 'suspected fraud'—does that mean my bank is really good at protecting my data or that it's really vulnerable?”  “I started using a new app and suddenly my physical location was visible to strangers.”

CMOs are now tasked with introducing privacy-centric practices to protect consumer data, while simultaneously using this data to personalize experiences. Here are three ways privacy will need to evolve organization-wide as demand for personalized everything grows:

1. Move consumer data to a private hosting environment. Again.  Over the last fifteen years we’ve seen a mass exodus from on-premise environments to the cloud. Enterprises that are still using their own servers and hosting environments are even often considered ‘behind the times.’ But for the many companies sitting on millions of consumers’ sensitive data (e.g., banks, major brands and social networks), cloud hosting exposes this data to the open Internet and the cyber threats that come with it. 

While hosting environments might not be the domain of marketers, vulnerabilities there can certainly affect their efforts and consumer trust. As a result, some of the most innovative names in the game have started moving back to private hosting—at least for storing their consumer data. It’s time that other brands harboring mass amounts of consumer data follow in their footsteps to protect their consumers.

2. Adopt a GDPR and CCPA mindset before it’s imposed on you. Regulations like GDPR and the California Consumer Privacy Act (CCPA) are forcing good manners on brands that need them - as well as many that don’t. These guidelines aren’t at odds with personalization, however; they’re simply here to demonstrate an overt sign of respect to the consumer.

Rather than being caught off guard by growing adoption of these types of regulations, marketers should make it a policy to integrate the philosophy behind them into their everyday personalization and privacy practices. That way, if and when regulations hit them, they won’t be among the 45 percent of companies that cited a “lack of time” as the reason they were underprepared for CCPA regulations.

3. Eliminate the idea of an "unspoken agreement" between brand and consumer. Brands have traditionally operated on the assumption that consumers understand the trade-off they’re making when they share their data in return for personalized experiences. There’s a fine line between personalization and taking advantage of customer knowledge, however - and this fine line is currently left to companies’ discretion.

 When a company uses data to show a consumer a product or offer they might like—or even sell more products to them—this is arguably a beneficial use of their data. When a company uses insights into consumers’ income or spending potential to introduce weighted overpricing, this is arguably not a beneficial use of consumer data.

To put a bow on it, some companies hide behind their lengthy privacy policies. But there’s got to be something in between a basic assumption that consumers are okay with their practices and a 20-page document written in legalese. Filling in that grey area will signal that a brand is investing in—and respectful of—its consumers’ privacy.

A majority of companies take their consumers’ privacy extremely seriously; it’s the outliers that make personalization customer experiences and privacy seem at odds.