Judging from the relentless bombardment of “buy our stuff” emails most of us receive, it would seem data privacy laws have largely been side-stepped by the majority of marketers.
This begs certain questions. Should marketers continue to view data privacy as merely an inconvenient sales prevention obstacle to be circumvented in the name of business prosperity? – or should all commercial enterprises simply do the right thing, by implementing appropriate measures to protect the rights of consumers. It is, after all, the law in just about every country on the planet.
And yet, the flouting of data privacy laws is widespread. Cases of heavy fines imposed for privacy violations and data breaches have become so commonplace that many news agencies have sections on their websites dedicated to ‘privacy’ and ‘cyber-crime’.
So, here’s another question…
Should marketers care more about privacy laws?
Back in 2010, Facebook CEO Mark Zuckerberg caused a stir among privacy advocates when he proclaimed that privacy was no longer a “social norm”.
Some would argue that such a statement contradicts the fact that global privacy laws and heightened consumer concern about companies’ irresponsible use of their data has heralded a new age of online marketing, where privacy comes first.
Around the world, lawmakers are enforcing stronger protection rights, with significant implications for marketers across all business sectors. Back in 2018, the European Union implemented the General Data Protection Regulation (GDPR) and in July this year the California Consumer Privacy Act (CCPA) comes into full force. These laws limit the ways in which businesses can collect, store, use and share customer data, giving consumers greater control over their personal information.
Surprisingly, even in communist China, a country whose population has been trading privacy for convenience for so many years, the signs of changing attitudes are emerging. China’s Personal Information Security Specification suggests an “unbundling” of data protection consents, which will impact the use consumers’ personal data for marketing purposes. For marketers, this means greater scrutiny, especially on data being used for personalised marketing, such as location and device data, transaction data and behavioural data.
These laws will have a profound effect on companies whose profits rely on the collection, usage, buying and selling of consumer data. In other words, big social media giants, third party data brokers and online behavioural advertisers.
This could explain why, in March last year, Zuckerberg announced Facebook’s vision for a ‘privacy-focused platform’.
Perhaps now, the disrupters are themselves being disrupted by a paradigm shift in the form of consent-driven marketing, meaning that marketers must now obtain consumers’ informed or explicit consent before they can legitimately leverage consumers’ personal data.
Sorry guys, but a simple tick-in-a-box will no longer suffice. Marketers across all sectors must clearly demonstrate their compliance with data privacy laws.
Opaque or Transparent?
More than ever before, marketers can collect so much information on consumers, they are able to build intricate profiles of their online activity and personal preferences. This wealth of data can be used to provide a positive, personalized and relevant experience.
However, marketers now have a legal obligation to treat consumers’ data with respect and fairness, by being transparent about how they use personal data in their marketing activities.
Protecting consumers’ data involves much more than having a privacy notice on the company’s website, or even defending the company’s network from a cyber-attack.
Take the following 7 steps to strengthen your privacy policies:
Provide customers with assurance that their privacy is valued.
List the methods and tools used to keep their data safe.
Display any security accreditations prominently on your website.
Create a separate page for your privacy notice – This builds trust and confidence.
Inform customers when their personal information is disclosed.
Describe clearly how you intend to use their data once it is collected.
Enable customers to decline to give their consent or opt-out of receiving emails and other promotions.
Marketing Takeaways from Data Privacy Legislation
Consumers are increasingly aware that their data represents value to marketers.
Hundreds of surveys have been published showing increasing consumer unease about sharing their personal data.
Consumers are going to greater lengths to limit the amount od personal data they share. Increasingly they are opting out of geolocation services, deleting cookies and installing ad-blocking apps
Personalisation, once the Holy Grail of marketing, is as dead as the dodo. The ability to target the right consumer, in the right location, with the right message, at the right time, has become harder than ever. This is because consumer consent must be sought across all touchpoints. This makes first-party data more valuable than ever.
As third-party, cross-website cookie tracking is phased out, the ability for marketers to identify online consumers will become more difficult. This will have a big impact on the future of marketing, as well as consumer privacy.
Marketers’ insatiable appetite for identifying consumers is unlikely to subside. Therefore, customer identity will soon become a fierce battleground for businesses and brands. And regulators will be watching that battleground very closely!
Emerging technologies promising to make life easier – while collecting increasing amounts of consumers’ data – could become a slippery slope for marketers. If data collection via smart speakers, health apps, video conferencing apps, smart TV’s, connected household appliances, health apps and even connected cars is not done in a way that allows consumers to give their informed and explicit consent, marketers engaging in emerging tech could be in for a rough ride. They will need to be 100% certain that they are compliant with data privacy laws – or suffer the consequences of hefty fines, consumer backlash and reputational damage.
New privacy legislation has altered the data landscape. However, businesses have opportunities to demonstrating their commitment to putting privacy first, to consumers who have grown wary about how their data is being exploited.
Being transparent and earning consumers’ trust regarding their personal data is not only the right thing to do, it’s also very good for business.
Right now, ‘Permission Marketing’ is nothing new to a small minority of marketers. But, as sure as eggs is eggs, this new consent-driven approach will rapidly become the new norm, as consumers’ increasingly choose brands that demonstrate a commitment to safeguarding their personal data, brands that clearly describe to consumers how their data is being used, and for what purposes, and brands that make it easy for consumers to opt-out if and when they wish.
Keeping privacy laws up to date with emerging technologies will always be tall order. And those companies that need to maintain compliance with those laws need to stay vigilant.
Data privacy can be a highly complex and often confusing territory. After learning as much as possible about their own set of privacy obligations, many firms still need the assistance of an experienced data privacy professional.
Therefore, outsourced privacy offices are poised to become a necessity in order for companies to keep up… Not just with their competition, but with the rapidly changing pace of the global privacy landscape.
With the proliferation of Data Privacy laws, outsourced privacy offices are poised to become a necessity in order for companies to keep up… Not just with their competition, but with the rapidly changing pace of the global privacy landscape.
Privacy Office+ is a premium Outsourced Privacy Office Management solution designed for mid-market and large corporations with complex data privacy requirements.
NOTE: This article is provided for information purposes only and does not constitute legal or professional advice. The Data Privacy Group recommends that businesses engage the services of an experience data privacy/data protection practitioner as well as legal counsel, when seeking to comply with data protection and privacy laws.