Is there a privacy crisis? Yes. Consumers are coming to grips with the reality that brands, regardless of whether they have a relationship, have uncomfortable amounts of data on them. Data these days has as much value as oxygen, but both consumers and marketers have had a complicated relationship with the privacy and protection of it.

Consumers are in conflict. They want personalization in their content, interactions, products and services – from awareness to post-purchase in B2B and B2C journeys. At the same time however, they have legitimate anxiety over what, how and where their personal information is being stored, used and by whom. Can you blame them? This week’s newsfeed included data breaches for Saks Fifth Avenue, Panera, and MyFitnessPal app along with the latest in the Apple vs. Facebook drama.

Marketers need data to deliver an ideal customer experience, quality leads to sales, feedback to the organization, etc. We need that data to make decisions to support our business’s growth objectives. We create personas and journey maps from data. We measure performance and impact from data. We advertise on digital sites and social networks. We share data with our partners. We are reliant on data.

Now, people are struggling to comprehend the nature and scope of what has been collected on them. They were willing to trade some personal information for improved experiences and products as part of an unspoken contract with companies of their choosing. But, to a point. Often marketers tend to capture excessive detail and history about a person when they unknowingly offer it. It would be wise to remember that just because we can, doesn’t always mean we should.

Don’t panic. Digital privacy doesn’t have to be an oxymoron; it is attainable. In fact, there is a blueprint available for brands to improve or change their data collection and security practices. Europe – and companies that do business there – are currently preparing for GDPR (General Data Protection Regulation) to roll out next month. Europe has been coming together to standardize regulations and protections for their people’s data. North American based companies that want to be proactive about their data collection practices and privacy policies can adopt the same principles that make up GDPR.

  1. Don’t assume you can contact folks. Companies will be fined if they email (even mistakenly) to people that that have opted out. No more lead scraping and selling will be allowed either.
  2. Data shouldn’t last forever. This is the notion that people have the right to be forgotten (especially after they opt out). Surprisingly purging data has proven troublesome for a lot of companies.
  3. Cybersecurity planning is a requirement as is customer notification upon a breach.
  4. Marketers will need to stop collecting unnecessary facts about people. In fact, they have to justify what they do collect. Data needs to have a purpose.

Some of the implications for marketers include:

  • Direct impact on email marketing and folks responsible for lead gen
  • Requires a level of quality CRM and automation technologies to work bug free
  • Increased use of subscription/opt-in pop-ups on digital properties
  • Increased gating, but less required questions/fields
  • Shift towards social sales and online community engagement
  • Clean and relevant data sets

They are not all bad; some of them are favorable, in fact. Who doesn’t want increased interaction on social and community platforms and more qualified leads? And, considering that buyers will want transparency and reassurance on how their data is used and protected, it makes sense to get started now. Here’s how:

  • First, conduct a full data audit. What do you track and how, how many years’ worth, etc.? Is this data accessible to others in the organization? Outside of the organization? This can be eye-opening as many marketers don’t even know what data is available.
  • Audit your customer database and purge old leads, opt-outs, etc. Contact and engage with people that have clearly expressed consent to do so.
  • Map the customer journey and inventory all of the opt-in points, processes and associated customer language.
  • Assess your partnerships and agreements with other companies and entities. Protect against unethical “surprises” like Cambridge Analytica or Grindr more recently.
  • Take a hard look at your privacy policy – is it clear and concise like the FTC recommends? Or is it full of legal jargon? Does it fulfill on its promise of protecting privacy? Is it adequate in scope of what it addresses? Is it too long or too short? Rewrite it with these guideposts in mind and notify your users/customers of the change.

The FTC will eventually weigh-in and require noticeable changes to language and visuals. Then, regulations for U.S. data protection similar to the EU will likely follow. It makes sense to have a data strategy in place that addresses security, access and use sooner rather than later. Your customers are relying on you to keep their information safe and do right by it. Stay tuned to the news and blogs and pay attention to our European counterparts. The conversation on and examination of privacy has only just begun. Data collection will have far reaching implications to our future technology and marketing practices for years to come.

Jennifer Voisard

Jennifer Voisard

Senior Consultant

Jenny is a digital content strategist, who leads customer-centric engagements that focus on understanding B2B buying behaviors and developing custom roadmaps.

Her expertise is creating buyer personas and mapping digital content journeys to assess the multi-channel user experience. She helps clients operationalize plans across workstreams and identifies processes to create efficiencies in marketing operations. Jenny also has extensive time under her belt developing and managing customer advocacy programs and community building.

She has helped a diverse group of organizations including Cisco, VMware, Verizon, Microsoft, Dell, BMO Harris, Capital One and many others become more customer-centric.