It is crystal clear that with the rapid developments in technology, data processing has integrated in our everyday lives and the notion of data protection has become increasingly significant both for data subjects and brand owners. It was not so long ago that protection of brand value and brand trust was focused on conducting comprehensive IP protection for brand owners, while today data protection has entered as an essential second branch.
Apart from the risk of facing penalties under the legal requirements, brand owners face with another long-term effect of data protection breaches, which is the damage of the brand trust and loyalty of the consumers.
In order to determine the effect of a data breach to brand value, Infosys, a global leader in next-generation digital services and consulting, and Interbrand, a global brand consultancy firm conducted an extensive study called “Invisible Tech. Real Impact” with experts from across 15 countries. The report revealed that data security has become crucial and critical tool driving the consumers’ choice.
The study also revealed that by transformation of consumer relations into the digital world, the brand owners must implement a strong data protection and cybersecurity strategy to avoid any damage to brand reputation and brand value. Indeed, the study has demonstrated that the world’s 100 most valuable brands were to experience a data breach, the collective brand value that they might lose could be up to USD 223 Billion.
Yet, in another global study, “Cost of a Data Breach”, conducted by IBM in 2021, it has been stated that the average cost of a data breach to a company was $4.24 million, yet the reputational loss in the eyes of the consumers could be irreplaceable. A related example is Yemeksepeti, a Turkish online food delivery company, the data breach of which affected 21,5 million users in Turkey (Turkey’s population is 85 million) and consequently, received one of the record fines issued by the Turkish DPA.
Brand trust is one of the core assets of the successful operations which are built in long years. Therefore, in order to ensure customer trust, a well-established data protection
strategy is a must for the brand owners. Such strategy should definitely cover both technical and administrative measures.
Please see our article on technical and administrative measures recommended by the Turkish DPA: Personal Data Protection Authority Announcement: Recommended Technical and Administrative Measures For Data Controllers