Privacy is the number one concern from online consumers, with 86% of users taking active steps to improve their safety online, according to Brandon Gaille. And as more data privacy regulations and guidelines are put into action by governments, industries and privacy organizations around the world, it’s becoming increasingly important that marketers understand these rules and follow them - or face penalties and/or fines.
A study by Accenture showed that 80 percent of the 2,012 consumers surveyed from the U.S. and the U.K. between the ages of 20-40 believe privacy is a thing of the past. Even more — 87 percent — say that safeguards aren’t enough to protect personal information. However, about half of these individuals( 49 percent) say they wouldn’t object to companies tracking their buying behaviors if it resulted in more relevant offers, and 64 percent wouldn’t mind text messages while in a store to offer them coupons onsite. Overall, 61 percent believe getting relevant offers is more important than keeping their online activity private.
We know that demographic information is beneficial to customers because it provides them with a more targeted, personalized experience. 90% of execs surveyed by Adage say they’re dependent on consumer data for their marketing efforts. Brands don’t want to waste their time or their prospects’ time sending them messages that won’t convert.
Information storing also benefits customers. When customers store their addresses or credit card information with their favorite online retailers, for example, they’re able to make their purchases more quickly.
Still, consumers are cautious about privacy, and marketers must be increasingly so. As Google’s Eric Schmidt said at the 2015 World Economic Forum in Davos, Switzerland predicted, in the coming years:
There will be so many IP addresses … so many devices, sensors, things that you are wearing, things that you are interacting with, that you won’t even sense [the internet]. It will be part of your presence all the time. So, as an industry concerned with developing new processes and technologies to manage data in support of marketing effectiveness, how can we tread this ever-so-thin line between value and privacy?
To transform your marketing touch points around privacy into a positive customer experience, you should perform the following actions:
To be more thorough with your marketing privacy policies, take the following steps:
The steps above are great general guidelines, but how do you know if your privacy policies are achieving compliance with the onslaught of new regulations coming your way?
In the U.S., there is no single regulator for data protection, as regulations are typically created and enforced by industry or state. One of the most stringent regulations is PCI DSS (Payment Card Industry Data Security Standard), a set of standards created by card issuers such as Visa and MasterCard to ensure the security of credit card details online. In other words, if you run an eCommerce website of any kind, you must follow the rules laid out in PCI DSS. Not doing so will result in fines depending on what ‘level’ (how large) your organization is. Here’s a chart for reference:
The Federal Trade Commission provides additional privacy guidelines for marketers operating in the U.S.
Though the U.S. has made some strides in introducing privacy laws in the past few years, it's still lagging far behind Europe, which continues to put one privacy law after another into effect. And because most of today’s mid to large-sized companies sell their products and services to customers around the world, it’s important to know and understand these regulations and how they impact you if you're a marketer in the States.
The regulation that’s currently on the minds of organizations across the globe is the upcoming EU Data Protection Regulation, which goes into effect on May 25, 2018. Though it says “European” in the title, this law will apply to any company that sells to European citizens or residents-or anyone who creates data in the EU.
This “data creation” could include a purchase or submission of details during a sales or marketing interaction. As you can imagine, that’s influencing marketers across the globe to up their privacy and opt-in requirements to make sure they’re compliant. This law will become the go-to best practice for protecting consumer data. And marketers in the U.S. who don’t adhere to these rules could find themselves in hot water.
Marketers in the U.S. must ensure they are ready for this regulation, along with Europe’s ePrivacy Regulation, which is also set to go into effect next year.
Reed Freeman, a Partner at WilmerHale, discussed the subject of European privacy laws and their effect on the U.S at the Advertising Research Foundation's (ARF) 2017 Audience Measurement Conference in the session What the EU’s GDPR and ePrivacy Regulation mean for US marketers. He states:
“Bullet point number one: It has extraterritorial effect.”[The GDPR] applies to you if you're processing the information of somebody in Europe – [if] you touch it, you process it … If it’s a European resident’s data, the GDPR applies to you, wherever you sit.”
If this doesn’t motivate you, consider that organizations that breach compliance with the new regulation could receive fines of €10m, or 2% of global revenues for smaller offenses and €20m, or 4% of worldwide sales for larger ones. Such steep fines are unfamiliar to most U.S. companies--as are the rules around European data subjects’ personal data and profiling.
As the EU GDPR is a regulation and not a set of guidelines, it will be unlawful to ignore its rules. Here are the elements of the GDPR what will affect email marketing specifically.
Stay diligent. Privacy regulations are constantly changing, and your marketing policies must keep up! It’s not too late to examine your current policies and make changes. Doing so may save you trouble (and fines!) down the road.
Learn everything you need to know about becoming a digital marketing expert on topics such as privacy. Browse our full course catalogue now.