Only 13% of U.S. consumers rank online retailers as most trustworthy with their data, and 84% may not shop with a retailer that had experienced a data breach, recent studies find.

The majority of U.S. consumers aren’t confident that online retailers are able to effectively safeguard their data.

Only 13% of consumers ranked online retailers as being the most trustworthy in terms of securing their personal information, according to consulting firm PricewaterhouseCoopers, which surveyed 2,000 adults in the U.S. in August and September in conjunction with BAV Group, a consultancy that is part of advertising agency Young & Rubicam.

“Consumers are very aware of coverage around recent high profile breaches and the possible impact to them, especially in terms of exposure of credit card information and personally identifiable information,” says Mickey Roach, a partner at PricewaterhouseCoopers. “Also, the average consumer isn’t an expert of cyber security and the related controls and technical protections that can be deployed. From the consumer’s perspective, that gives the sense of inevitability that any or all retailers could have a major breach.”

Shoppers were able to select up to five industries from a list that included online retail, banking, healthcare providers and nonprofits, among others. Hospitals and banks ranked highest on consumers’ list, with 42% of respondents naming them as the as the most trustworthy when it comes to keeping personal information secure; 26% chose insurance companies as their top choice; 23% said utilities and government; and 21% said information technology. At the bottom of the list were startups (5%) and marketing and advertising firms (3%).

“Companies must put cybersecurity and privacy at the forefront of business strategy to win customers’ hearts—and earn their trust,” PricewaterhouseCoopers writes. Protecting consumers’ information is paramount, in part, because 85% of all U.S. shoppers surveyed say they won’t do business with a company if they have any doubts as to whether their data will be kept safe and 71% would stop doing business with a company for giving away their sensitive data without permission.


“[Companies] must implement, meet and clearly communicate robust data governance and privacy protection policies,” the study finds. “The stakes are high. If companies don’t adequately protect consumer data, they risk suffering consequences from regulators and backlash from consumers who say they will take their business elsewhere.”

Furthermore, PwC’s data shows that shoppers are wary of several tools and technologies that retailers are implementing or pursuing as they try to enhance shopping online and via mobile devices.

A study by identity protection services provider Generali Global Assistance finds that 75% of shoppers plan to shop online this holiday season and 57% of shoppers “believe a data breach of an online merchant will pose the greatest identity theft threat this holiday season.” The company surveyed 1,016 adults in the U.S. last month.


Generali Global Assistance also reports that 84% of those surveyed say they may not shop with a retailer that had experienced a data breach.

Shoppers’s doubts about the security of their personal information online are evident: 40% say they don’t think businesses are doing enough to protect their personal data and 38% say they’re not sure if businesses should be doing more to ensure their personal data is secure online.

PricewaterhouseCoopers recommends online retailers and other businesses do the following to ease consumer’s concerns:

  • Make cybersecurity and privacy priorities by backing them up with security tactics.
  • Build trust and give consumers more control over how their information is used.
  • Exceed minimum legal requirements.
  • Understand how consumers feel, especially if they are in an industry considered less trustworthy.
  • Demonstrate transparency and responsibility when using new technology.