Data privacy: the clock is ticking for U.S. marketers
How can marketers walk the fine line between utilizing consumer data for targeting and personalization purposes and respecting customer privacy?
How can marketers walk the fine line between utilizing consumer data for targeting and personalization purposes and respecting customer privacy?
Annual forecasts for the year ahead are nearly as ubiquitous as New Year’s resolutions – but I won’t burden you with my “Top 10” list. My focus here is one critical trend that will seize the attention of digital marketers in 2016 – the issue of data privacy and how marketers can navigate a delicate balance between protecting and leveraging consumer data.
Every time we book a flight, buy a book, shop for shoes, or otherwise interact with brands online, we leave behind personal information in digital form. Where happens to that data? How is it used? And what are the individual’s rights in its use?
That’s been the focus of increasingly stringent rules in Europe. And lest you think American companies are not at risk, consider the fact that any global company doing business and collecting data on European Union (EU) citizens and residents comes under the mantle of these rules. Penalties for mismanaging data can be harsh.
Can data-driven marketing with its reliance on user-level data generated across a complex digital ecosystem survive privacy regulations? My answer is “yes,” but marketing organizations doing business globally must commit immediately to better managing this customer data and ensuring compliance with privacy standards across geographies.
What’s changed?
It wasn’t that long ago that privacy was something of a “dark horse” among marketing priorities in the U.S., given loosely interwoven governance consisting of federal and state laws as well as guidelines from government agencies and industry associations. To date, however, the focus on privacy in the U.S. has been governed to a certain extent by an implicit agreement between consumers and brands: “deliver value and relevance, and I will share personal information with you − within reasonable bounds.”
The situation in Europe could not be more different. Their privacy laws confer a user’s right to anonymity, and website visitors can explicitly opt-out of any data collection that might be used to identify them.
However, the big news last year was the European Court of Justice’s action in striking down the Safe Harbor Act. Under that act, U.S.-based companies had been allowed to collect and store European visitor data in U.S.-based servers if privacy protection was in force. Now the more than 4,000 companies that had relied on the Safe Harbor Act are at risk and need now to put other legal agreements in place.
Meanwhile, a new European data privacy regulation finalized in December authorizes fines of up to a whopping four percent of a company’s global gross revenue, if it doesn’t inform users about information gathered on them and what it plans to do with it. The European Parliament will vote on this agreement early this year. Once approved, it will become effective across the EU – subject to a two-year period of transition.
Multinationals need to begin now to make sure that data flowing from the EU into U.S.-based servers meets these privacy standards. And many more consumers will need to be informed about what data will be used and how it will be used through a “consent experience.”
Data governance and privacy
Data governance setting rules on the use, access, and the security of data has historically been the province of IT. But marketers are ultimately the end-users of this data, which is being collected via a growing array of mar-tech solutions. Thus, the foundation for data security and privacy needs be implemented directly in the mar-tech stack with an enterprise marketing data platform.
The marketing team needs to start by making sure basic capabilities are in place:
- Data management and control: Develop a platform that delivers full control of how consumer data is collected, integrated, and activated through the mar-tech stack, including tools ranging from analytics to content management.
- Tag management: Ensure tags on all Web and mobile priorities adhere to internal privacy policies and varying external regulations, whether they’re in a tag management system or directly on the website.
- Data leakage: Reduce the risk of data leakage by limiting exposure of sensitive data collected by tags in the browser.
- Consumer opt-out: Provide streamlined and consumer-friendly opt-out experiences for consumers visiting digital properties under various government jurisdictions.
- Privacy audits: Expect to comply with varying privacy rules worldwide and run audits to monitor privacy risks on a regular basis.
- Enterprise workflow management: Use workflow governance to ensure that data is shared only with the right internal teams, geographies, and agencies.
To sum up
It’s clear that consumer privacy can no longer take the back seat in marketing. Even more, companies that act swiftly will garner more consumer trust and brand loyalty over others that delay.
What are your data governance and privacy enforcement plans for 2016?
Article images via Flickr.
