Facebook's new privacy-first policy comes as no surprise. Given the social media giant's rough 2018, Zuckerberg and Co. had to do something to begin repairing the damage. Unfortunately, it may not be enough.

Nowhere in Facebook's six new privacy principles does the company address how it plans to handle ad targeting or data sharing with third parties--the issue that got the company in hot water in the first place. Facebook may claim to take privacy more seriously, but without addressing the most serious issue of all, why should users let down their guard?

Facebook's challenges deserve scrutiny, but they are really a symptom of larger consumer privacy concerns. Companies continue to collect as much data as they can, yet many consumers don't believe those businesses treat their information with the appropriate amount of care. For brands to change that perception, they must hold themselves to higher standards of transparency and accountability.

Marketers, Data, and a Shaky Truce

New legislative moves, including Europe's GDPR, tell brands one thing--that customers want more control over their data. Companies ignoring that mandate will suffer in the public eye, while those that go above and beyond will enjoy the approval of the masses.

After all, most consumers don't wish to leave the grid altogether. They enjoy the personalized perks that data-collecting brands can provide. However, if they begin to feel that their data is unsafe or misused, they want the power to do something about it. Further, they want to hear about any potential issues directly from the brand, not from the first media outlet to get wind of a breach.

Every company that collects customer information struggles to find the balance between good data stewardship and practical data use. Customers want the best of both worlds: personalized service and minimal data collection. Brands can't meet expectations of quality without collecting relevant information, but they can put consumer fears to rest and engender trust by following a few best practices.

1. Be crystal clear about what data your company wants.

Don't spy on people. Communicate clearly about exactly what type of data your company collects, how it collects it, and why it matters (i.e., how it impacts the customer experience). Set expiration dates dictating when to purge old data and communicate those deadlines, too, so audiences know that the company isn't sitting on years of unauthorized information.

DuckDuckGo's explanation of its privacy policy should be the standard. Even if most other companies won't follow the alternative search engine's "no collection" default, the format and clarity of the company's stance on privacy has earned it a place of trust in an industry where trust is rare.

Consumers don't just ignore textbook-length terms and conditions; they distrust the companies that hide behind them. Speak plainly about data protection and collection to set the stage for an honest relationship.

2. Only ask for data that helps provide value.

Why collect unnecessary data? Best-case scenario: The company won't use some of it. Worst-case scenario: The company suffers a breach of data it never even needed. Most customers (58 percent) will share personal data if they get something valuable in return, so only ask for information when it improves your service.

Use data to enhance offerings, not to gatekeep them. Megan Curley, vice president of consumer and market intelligence at RAPP San Francisco, says, "Give them a reason to say yes, but put the ultimate decision where it belongs: in their hands."

Curley notes how MoneyLion, a mobile finance platform, collects financial information from users and leverages that data to make value-adding suggestions. It notifies users about potential overdrafts and offers personalized savings tips based on actual activity. Users exchange their data for improved service, and both sides benefit from the transaction.

3. Keep every data-sharing promise.

After collecting any data, provide the promised benefit and tell the customer how the data made the service possible. Communicate regularly via email or other brand-owned channels to remind customers they can adjust their data-sharing preferences whenever they want.

Encourage customers to trust your brand by offering social proof. Collect case studies and social media testimonials from customers who appreciate the company's approach to privacy, and use that proof to boost consumers' perception of your brand. In the unfortunate event that something does go wrong, apologize immediately. Provide a clear account of the issue and detail the plan the company will follow to prevent a recurrence. Keep showing, as Apple is doing now, why your brand will protect its users first and foremost in all future decisions.

As data becomes increasingly important, don't forget the people behind it. Keep customers informed about where their data goes and why. Behind every data point is a person, and that person deserves respect and honesty at every turn.