With disconcerting frequency, news stories reveal new controversies as data breaches at brands and institutions are exposing consumers’ data. While a very real cause for concern, brands may weather the impact of these breaches. A survey by customer identity and access management solutions provider Janrain found that U.S. consumers still generally trust brands but welcome consent-based relationships following the high-profile data privacy lapses.

Janrain surveyed more than 1,000 U.S. consumers and nearly half of them are willing to give brands a pass for data breaches as long as they are immediately informed about the attack and told how the company is responding. They survey found that 42 percent report at least being open to forgiving the brand, while seven percent refuse to forgive brands for allowing bad actors access to their personal data and 14 percent have lost all faith in an organization’s ability to protect their data.

While 71 percent report downloading software that protects their data privacy or otherwise helps control their web experience, Janrain’s survey brings good news to brands that are evaluating their consent-based marketing processes and capabilities in response to regulatory requirements or to strengthen customer relations. If given the option, most people (55 percent) would let companies they trust use some of their personal data for specific purposes that benefit them in clear ways. Only 36 percent wouldn’t let any company use their personal data. Furthermore, 66 percent like the idea of being able to alert companies when they’re interested in something as long as they can “switch it off” when they’re no longer interested. Only 16 percent aren’t interested in this even if it came with preferences control.

When asked whether they’d walk away from a business that requires personal information up front, like a phone number or email address, in order to conduct business, 15 percent of those surveyed said “yes” while 24 percent said “probably.” Fifty-four percent said it depends on whether the business is trusted or the only option.

The survey found that 66 percent of respondents called for GDPR-like rules in the United States that force brands to provide consumers with greater privacy, security and control of their personal data. Janrain asked a similar question in May2018 to which 69 percent responded favorably to more regulation in the U.S. This time, Janrain’s findings show consumers not only want more regulation, they believe it will actually help in the wake of high-profile breaches and controversies affecting well-known organizations like Yahoo!, Equifax and Facebook. It also found that nine percent believe such laws would be ineffective while six percent believe more regulation would be too hard on businesses and the economy.

“Our survey is incredibly good news for brands that take the personal data privacy and security of their customers seriously,” says Janrain CEO Jim Kaskade. “Despite high-profile missteps and outright failures in the way brands have approached data privacy and security, consumers are very open to a consent-driven relationship with brands, which will go a long way toward solidifying trust for stronger, longer-term relationships.”