Transparency about data use increases the credibility of companies

With an increase in cyber-attacks in the last year, the treatment and protection of consumer data must be a constant concern of companies, including to gain the trust of customers who consider this factor when choosing products and services.

The topic was discussed at the second table of the seminar Security and Privacy in the Digital Age, held last Tuesday (19) by Folha, sponsored by unico, a company that provides solutions for digital identity protection.

Public interest in cybersecurity has grown in recent years, driven mainly by frequent news of hacker attacks, by the more intense use of technology during the pandemic and by the validity of the LGPD (General Data Protection Law), according to lawyer Bárbara Simão, coordinator of InternetLab, an independent center for interdisciplinary research in technology and law.

Based on the survey “Who Defends Your Data?”, carried out annually by InternetLab with internet operators in Brazil, Simão assesses that the behavior adopted by organizations in terms of privacy and data protection has changed over the years. The survey analyzes each organization’s policies for assigning scores.

“Today, companies are engaged in scoring for considering privacy and data protection as a competition criterion, which is also evaluated by consumers when making a purchase or contracting a service”, says the lawyer.

Concerns about cybersecurity, however, must be a point of individual attention on a daily basis — and not prioritized only by companies.

With personal data in hand and knowing characteristics such as preferences, routine and habits of a person, cybercriminals can make more personalized and convincing traps to apply scams also to family and friends, says João Lucas Melo Brasio, executive director of Elytron Security, a consultancy digital security.

“Personality information can even be used for mass psychological attacks from a political point of view. Around the world, we’ve already seen initial cases — and this will get worse over the next few decades — of a politician positioning himself as the majority of the public. population wants, fulfilling desires and raising fears as a weapon to get elected and gain power.”

A set of information about someone, such as gender, race, address and consumption habits, can guarantee the construction of a profile with the potential to influence future situations, says Simão, from InternetLab.

Therefore, cybersecurity is essential not only for sensitive data, but also for all elements handled by public and private services.

Even outdated information can impact everyday life —such as old debts that have already been paid off—, making access to credit difficult, exemplifies Fabrício da Mota Alves, professor of data protection and digital law at FGV-Rio and IDP (Brazilian Institute of Education). , Development and Research).
“Data protection is about having our data used in a fair, correct, adequate and proportionate way, so that it does not harm us, does not affect our civil rights and liberties”, says Alves, who is also Serur’s coordinating partner for digital law. Lawyers.

When leaked, old data can still be used to carry out scams and enable hacking attacks by being combined with social engineering (a technique used by cybercriminals to make people pass on confidential information), explains Yasodara Cordova, principal privacy researcher at unico.

Facial biometrics is one of the solutions that the company proposes to improve security protocols.
An important factor for consumers to trust a company is transparency about what information is collected, handled and shared by the organization, says Cordova.

“Knowledge about data goes hand in hand with privacy, because you can’t control what you don’t know. It’s like a messy closet, where you can’t know how many clothes you have: when your data is messed up, you don’t know who you’re sharing with and you don’t have a sense of trust.”

Credibility also depends on the plan of action after a cyber attack, for example. Denying a leak that has taken place, not providing information, and disclaiming blame are positions that damage the image of the corporation before customers and the market.

“People know what incidents are going to happen. When companies respond openly, with solutions, stating what happened and the level of risks involved, the relationship is better to guarantee consumer confidence”, says Simão, from InternetLab.