The latest Cisco 2024 Data Privacy Benchmark Study, annually reviewing significant privacy issues, has revealed increasing privacy concerns around Generative AI (GenAI), trust issues in businesses concerning AI, and the significant returns from privacy investment.
The study surveyed over 2,600 security and privacy professionals in 12 countries, with some striking outcomes specific to Australia.
According to the survey, more than 1 in 4 organisations (approximately 27%) have prohibited the use of GenAI applications due to privacy risks. A significant 77% worry the information entered could be shared publicly or with competitors.
Underlying concerns revolve around the potential harm GenAI could cause to organisations' legal and intellectual property rights (69%). Misinformation also raises concerns, with 68% of organisations fearing that GenAI could provide incorrect information to the user.
While technology continues to advance, the same cannot be said about consumer confidence in AI. Companies acknowledge that they have yet to completely reassure customers about data privacy, with 90% of them recognising that they still need to do more to reassure customers that their data is used for intended and legitimate purposes in AI. There has been little progress since last year on building customer confidence concerning AI.
Despite the challenges, privacy investment remains an attractive proposition for most organisations. Privacy-related benefits were found to be 1.8 times the spending for the average organisation.
Over 75% indicated that privacy investment helps them build customer loyalty and trust, while 72% highlighted the role of such investments in mitigating losses from data breaches.
"Organisations view GenAI as a technology with novel challenges to consider," said Dev Stahlkopf, Cisco Chief Legal Officer. "More than 90% of respondents believe AI requires new techniques to manage data and risk. Thoughtful governance comes into play here, and preserving customer trust is dependent upon it."
However, building this trust requires a shift in priorities. While organisations focus on complying with privacy laws and avoiding data breaches, customers want clear information on exactly how their data is used.
The report also highlighted the importance of external privacy certifications. As many as 98% of organisations stated that external privacy certifications play an important role in their buying decisions.
"They are looking for hard evidence the organisation can be trusted," explained Harvey Jang, Cisco Vice President and Chief Privacy Officer. "Privacy has become inextricably tied to customer trust and loyalty."
Furthermore, approximately 80% of respondents said privacy laws have had a positive impact, boosting customer confidence and trust. While most businesses (91%) believe that their data would be inherently safer if stored within their country or region, 86% also said that a global provider, operating at scale, can better protect their data compared to a local provider.
These findings showcase the growing importance of strong governance measures in ensuring data privacy and security amidst increasing digital threats. As AI continues to permeate different sectors, the call for stricter policies to protect privacy becomes more urgent.