Trust and the User Experience: How User Perceptions of Data Privacy and Security Affect Your Business

Trust is part of the user experience

Rachel Botsman, in her 2017 book Who Can You Trust? defines trust as “a confident relationship with the unknown.” In the digital realm, trust is a key aspect of the customer digital experience. After all, we rely on technology for a variety of important interactions and transactions from finding a mate to managing our finances.

Recently, trust—or the violation of trust—has been a big topic. From data breaches to the misleading use of customer data, consumers are starting to take notice. When does that awareness start to impact your business? When your customers’ behaviors change as a result of their lack of trust.



What does trust mean in the digital space?

First, let’s define trust as it relates to digital products. If we expand on Rachel Botsman’s definition, trust in the digital space means we are confident that things will go as promised. Even technologies such as blockchain, which don’t require you to trust another person in order to conduct a transaction, still require trust in the process. You believe the transaction will go according to plan or you would not use the service.

In the digital space, think of trust as having three interlocking parts:

  1. How your customers perceive and manage their personal data.

  2. What trust means for your organization and how that translates into how you manage and safeguard customer data. This may also include regulatory requirements.

  3. How the digital product (the liaison between the company and the individual) establishes and maintains trust with customers.

How your customers perceive and manage their personal data.

If trust in the digital space means we are confident things will go as promised, what does lack of trust look like? In early 2018, major news outlets reported that data from 50 million Facebook accounts was harvested and used by Cambridge Analytica for political purposes. Yes, users may have known what they did on Facebook was used to inform what ads they saw. But many likely did not know that their non-Facebook browsing behavior was also being collected. And prior to 2018, it’s likely even fewer thought about the broader implications of their data being harvested from an organization like Cambridge Analytica. Since 2018, through our research at Voice+Code, we’ve noticed people are more skeptical of what organizations—and not just Facebeook—are doing with their data. In some cases, they are altering their behaviors. For example, not buying certain products or avoiding or limiting their use of social media platforms.

We’ve also found through our research that some people raise their hands in exasperation and say, “well, it’s all out there anyway. Why bother worrying about it?” It’s true that not all people are as concerned about privacy and security as others. For some, the convenience of the service your business offers is perceived as a fair trade for the information they provide. That is, until they are offered an alternative.

Different products and context will trigger different concerns. The download of a banking app will trigger different thoughts than the download of a weather app. The same person who installs cloud-enabled cameras in their warehouse may have second thoughts about installing the same devices in their home. These concerns will change over time. The takeaway? As a business, it’s important to understand how your customers view data privacy and security as it applies to the information they’ll be providing in order to use your specific product. It’s when you assume or take advantage of your users’ trust that you may lose it forever.

What trust means for your organization and how that translates into how you manage and safeguard customer data.

While many organizations say they are committed to their customers’ privacy and security, that commitment doesn’t always pan out in terms of the digital customer experience. A common scenario is when there is a lack of alignment between business goals and user goals. The business wants the user to do something that the user doesn’t really want to do. When this is the case, businesses may resort to tactics like dense terms and conditions or pre-checked opt-in boxes. While these schemes may trick users in the short term, the imbalance is such that the long-term viability of the relationship is at stake.

Another common scenario is the collection of unnecessary information. If you need only a few pieces of information to process a users’ request, why are you asking for additional information? Just because you can gather data, doesn’t mean you should.

That said, it’s really difficult to make security- and privacy-focused UX decisions when they aren’t valued by your leadership team. Often, it takes feedback from user research to convince stakeholders that, in addition to wanting convenience, users also value privacy and security.

How the digital product (the liaison between the company and the individual) establishes and maintains trust with customers.

Let’s say you’ve addressed security and privacy concerns at the organizational level. Your stakeholders are committed to users’ privacy and security. The last piece is to ensure you’ve effectively communicated that through the user experience with the digital product. It’s not like your CEO is going door-to-door to explain your commitment to privacy and security to each and every one of your customers. Instead, your digital product needs to convey that sentiment.

Think about how we determine if someone is trustworthy when we first meet them. We gather a myriad of nonverbal cues before that person says a word, most of which we process subconsciously. We expect the person to follow certain social norms. The same is true in the digital space. We gather a variety of cues (does the page look consistent with other pages on the site or with other products I use and trust?) that we aren’t necessarily conscious of. We have expectations of what should happen. Users don’t like sudden popups asking for personal information any more than they like a stranger at the bar asking for their phone number.

Throughout their relationship with your digital product, users need reassurance that things will go as promised. For example, this may mean guiding a user through a setup process, providing thoughtful instructions and feedback. Thinking about real-world interactions (for example, a good doctor guiding you through complicated treatment options) is often helpful in emphasizing what your user may need at that specific moment.

So how do you establish and maintain trust? First, understand how your users think about their personal information. These perceptions and behaviors are unique to your users and your product and may change over time. How your organization approaches privacy and security should align with what your users want. If they don’t, the long-term viability of your business could be affected. In all relationships, trust is a long game. Finally, despite your best intentions, your digital product might be communicating to your users that you are not trustworthy. By thinking about how people establish trust in the physical world, we can begin to design products that effectively convey your organization’s commitment to your users’ privacy and security.