28 January is Data Privacy Day – an international initiative to raise awareness and promote the protection of data privacy and data protection. The date commemorates the 1981 signature by the Council of Europe on the Convention for the Protection of Individuals with Regard to Automatic Processing of Personal Data. In current times, this date closes off a week of awareness building campaigns that aim to promote an appreciation of privacy and protection of data amongst consumers and employees, while promoting policies, regulation, compliance and other governance considerations amongst corporates.

Data Regulations with national reach like South Africa’s POPIA and Brazil’s LGPD, state-wide reach like California’s CCPA and multinational reach like Europe’s GDPR are already mainstream, to the extent where broad scale adoption by organisations has progressed and companies have growing skills and competency in adhering to policies and programs.

Data Privacy and Protection was always considered a CEO and CFO discussion – with financial penalties making headlines for data breaches. As an example, Amazon’s €746m penalty topped the charts in 2021 due to consent management discrepancies related to cookie collection on web browsers, and the fine was nearly three times larger than that of WhatsApp the same year, who faced a €225m penalty for a lack of clarity around their data processing practices in their privacy policy.

But is the accountability and business relevance of data privacy and protection changing offices within the C-Suite? While financial risk is always a business concern, could the shift occurring in our now post-pandemic era of business be to the Chief Customer Office?

The shift to loyalty

Pandemic-era consumer behaviour dropped substantially around the world in 2020 and saw partial improvement during 2021. What has changed though, is the prioritisation of certain categories of spend and the shift away from brand alignment in favour of pricing, convenience and other factors. A McKinsey study delves into one convenience factor, where 60-70% of US consumers in 2021 were shopping in a more omni-channel manner, with social media as a new channel. Brand alignment or loyalty was also impacted by poor stock-on-hand, with over 60% of consumers facing this situation and only 13% being willing to wait for stock to arrive.

Consumer preference has evolved. Relationships with new brands continue to be spawned out of need, interest, spite or frustration. Convenience, frictionless buying and accurate delivery are expected. What brands cannot afford to do now is give consumers a reason to look somewhere else, and the discussion around data privacy, consent, personalised communication and data protection is now a key priority for the most senior executive accountable for customer engagement, customer experience, and customer success.

The attention of a single customer is a hot commodity in the current era of business. The typical new eCommerce customer experience starts at a social media platform, follows a click-through buying process from a sponsored ad or post, requires the customer to select (and deselect) cookie tracking options, and hopefully not get distracted before completing an order, with convenient payment methods that favour the customer. Inject any notification or pop-up from another brand along the way and your customer journey needs to ensure that you remind that customer of their abandoned basket and offer them a limited time discount to come back to the store to complete their order.

This is the current expectation… but improve this through accurate understanding and prediction of their buying preferences and behaviour and you stand a good chance of closing that order and getting repeat purchases. Mess this up and you’ve lost the opportunity. Add a privacy concern, data breach or any friction in the consent management process and you’ve likely lost that customer for life.


Financial risk associated with data regulation infringement is obviously still a priority. No business expects to face multimillion Euro penalties in any given financial year, and this would be a hard knock to both the bank balance and the brand’s reputation. Perhaps, to the CFO, this becomes more of a contingency and the likelihood of facing a penalty becomes more commonplace.

The shift in terms of strategy and competitive advantage with regard to data privacy and protection is arguably sitting with the Chief Customer Officer going forward. Customer journeys, customer insights and customer campaigns should always include an element of sense-checking compliance with regulations, even if the tick-box exercise returns the same results each time. Customers have less appetite to force alignment with particular brands. Even in the banking sector, where customers traditionally have held accounts for decades, trust becomes a top consideration for 2022.