New CBD surveillance systems may be threatening Australians’ personal privacy, but a new analysis of online privacy practices suggests you probably don’t even know about the most intrusive ways profit-minded companies are tracking your every move online.

Fully 74 per cent of the more than 1,000 consumers surveyed in Deloitte’s latest Australian Privacy Index survey said they believe the companies they interact with online are collecting information about their browsing activities – with 83 per cent of Australia’s top 100 online brands seemingly doing so, based on an analysis of their privacy policies.

Yet apart from burying scant detail within those often-voluminous policies, only 2 per cent of brands are actively disclosing the way they track your activities online – leaving most consumers unaware of how their data is being used by companies and shared with their business partners.

That data is being collected in ever greater amounts by increasingly intrusive trackers as online brands lean on data to reshape post-COVID retail environment around personalised services.

With ANZ businesses expecting 60 per cent of their revenues to come from digital channels within two years, according to a new Salesforce survey of over 4,100 commerce professionals, 90 per cent of online sellers now rely on customer data to build their business plans.

Firms like Woolworths and Kmart have credited data collection activities with growing success as retailers work to adapt Amazon’s data-driven commerce model to reshape their own activities.

Yet consumers are far less happy about personalised services than companies make out, Deloitte found, with just 43 per cent of respondents happy to share their personal information – even when aware of how their data will be used – and 51 per cent “uncomfortable” with their online activity being tracked.

Despite the retail industry’s personalisation mantra, young Australians (age 18 to 34) were the only demographic that sees value in online personalisation – with other age groups seeing it as “going too far” without adequate transparency.

During the last two years “consumers have shared more personal data than ever before,” said Deloitte National Privacy and Data Protection lead partner Daniella Kafouris as the new figures were released, “in exchange for various freedoms and access to products and services.”

“A disconnect remains between consumer expectations and how brands collect and use personal data,” Kafouris added, noting that personalisation is “not for everyone”.

The older the demographic, she said, “we found that increasingly more consumers perceive personalised experiences as crossing what we call a ‘creepy line’ that hinders the customer experience and, by extension, a brand’s ability to build trust and engage with them.”

The results are a blow for companies that are investing heavily in data-driven business models in which harvesting data about consumers and their behaviour has become standard practice.

Such companies, Kafouris said, “need to take their customers on a transparency journey throughout the customer experience, rather than relying on legal documents like their privacy policy, to build trust before things get ‘creepy’.”

Toeing the creepy line

The findings come amidst a flurry of announcements that suggest privacy is being rapidly eroded in everyday situations.

Recent reports from Adelaide, for example, noted that the South Australia Police are proceeding with plans to use a new network of CBD surveillance cameras for mass facial recognition that will allow them to identify individuals of interest and track their movements across the monitored areas – despite Adelaide City Council’s objections and requests for safeguard measures.

Coming on the heels of revelations that Bunnings, Kmart and The Good Guys stores have been using facial recognition technology to track their customers, it’s clear that the post-pandemic world is being rapidly filled with technologies designed to track you in the real world as easily as they do online.

In the wake of the recent controversial US Supreme Court abortion ruling, concerned Americans are even reported to be deleting health apps they fear could be used to attract authorities’ unwanted attention – and have already been used to secure criminal convictions.

And while widespread collection of consumer facial information was enough to attract massive penalties and business restrictions for facial-recognition firm Clearview AI, businesses are walking a privacy tightrope as they embrace technologies most notoriously affiliated with China’s surveillance state.

Even the humble loyalty program has become weaponised, the Deloitte figures found, with 54 per cent of the studied brands offering “no tangible incentive” to consumers that are forced to create accounts to access their services.

Tellingly, only 30 per cent of consumers are happy with companies’ current personalisation practices.

“It is evident that consumers are seeing the value brands can get from use of their information and want to receive a fair value exchange sharing their personal information,” the report notes.

“[But] brands should consider whether their current offerings to consumers adequately represent the value of the information they are requesting, and ensure they provide proper transparency to consumers before sign-up on the use of their information.”