Gone are the days of carefree customer data collection. As more and more people become aware of the importance of online privacy, governments are enacting data privacy regulations with equal intensity. These changes may significantly impact your marketing strategy if you’re a digital marketer.
US-focused marketers: Get ready.
COVID-19 has changed the way everyone works, forcing us to pick up new skillsets that may have been outside our typical job scope. Likewise, rapidly emerging US data privacy laws are changing how we work with personal data. If you work in marketing, you need to get ahead of the curve to give yourself—and any company you work for —a competitive advantage.
How can marketers use privacy regulations to their advantage?
From a business perspective
There’s no avoiding privacy compliance. However, weave it into your marketing strategy rather than pin it as another tedious checklist item that you need to cross off ASAP. A 2021 Cisco survey found that consumers care deeply about personal data protection. It also highlighted that consumers are more likely to trust companies that are transparent with personal data collection and usage. A second survey from 2022 showed that for the second year in a row, 90 percent of respondents wouldn’t purchase products or services from businesses with poor data protection policies. External privacy certifications are also critical factors in buying decisions.
This means that you need to promote your organization’s privacy policies as a core benefit to customers who shop from or do business with your brand.
Sonos vs. Google Nest
In 2019, Google publicized that it would update its Nest Guard product to work with Google Assistant. The problem was that Google never told customers that the product even had an internal microphone. There was no mention of it in its hardware specs or marketing materials.
Cue major PR fiasco.
A Google spokesperson haphazardly brushed the issue aside and admitted the error: the “microphone was never intended to be a secret and should have been listed in the tech specs.” Google’s alleged plan was to offer new features in the future, such as the ability to detect the sound of the glass shattering during a break-in. Despite the purported error, consumers were outraged with Google for breaking their trust.
Which company would you prefer to buy speakers with voice assistants from?
From a personal perspective
Understanding privacy regulations and developing marketing strategies that follow Privacy By Design best practices also increases your personal marketability. It’s not easy to develop the skills to ensure that an organization’s mechanism to gather and use personal data for marketing purposes adhere to privacy laws. The EU GDPR and other privacy laws restrict organizations on the personal data they can collect. So, wholesale data collection, use, and sharing won’t be possible anymore. On top of that, it's crucial to develop critical thinking skills to assess customer characteristics or behaviors that will allow you to glean nuanced customer insights. These skillsets will create more value and demand for you.
How do privacy laws specifically affect marketing?
Data privacy laws aim to empower individuals by giving them control over the personal information that companies might collect about them. Personal information is a nuanced concept. Generally speaking, it spans email addresses to biometric data such as photographs or fingerprints.
These privacy regulations have a significant impact on standard digital marketing practices. In February 2022, the French data protection watchdog, CNIL, ruled that a French website needed to remove Google Analytics from its setup because it violated the GDPR. Austrian regulators made a similar ruling the month before. Google Analytics has been a staple in digital marketing for over a decade. With regulators strictly enforcing privacy regulations, you can expect monumental shifts in the way organizations execute their marketing strategies.
While we wait and see what will happen to Google Analytics in the EU, let’s look at privacy compliance for marketing teams. EU’s GDPR, California’s CCPA, and other privacy regulations have several principles that marketers must know.
Information about your privacy policies and practices relating to personal data collection and management shall be readily available to individuals. You need to inform website visitors, typically through a privacy notice on your site, about how you’re collecting, using, sharing, and storing their personal data.
You need to inform website visitors that you’re collecting their data. You also need to explicitly get their prior consent to do so. This primary consent requirement covers newsletter signups, Google Analytics tracking, and targeted advertising. It is also vital that individuals are allowed to withdraw their prior consent. For example, you can provide an unsubscribe option to newsletters that you send.
- Data minimization
You should only collect and keep personal data strictly that’s necessary to succeed in your marketing goals. If you’re selling sneakers, you don’t need to collect customers’ religious affiliation or political information. (Unless that’s your USP. A bit odd, but it could happen.)
- Purpose limitation
Privacy regulations state that if you’re collecting data for one business purpose, it shouldn’t be used for another purpose that is inconsistent with the first purpose. For example, suppose you’re working for an e-commerce site that collects emails as part of the order fulfillment process. In that case, you can’t grab those duplicate emails for a remarketing campaign. Why? Because shoppers only consented to provide their email so they could complete their purchase with your site. You need to include a checkbox that asks them to opt-in to your marketing emails to avoid violating privacy laws. Similarly, other departments in your organization shouldn’t be able to use personal data collected primarily for marketing purposes, such as training an AI algorithm for a new product feature.
- Integrity and confidentiality
You must ensure that you have appropriate security measures to protect the personal data you store. Collect personal data from your clients or prospective customers to help achieve your marketing goals. You must protect data from unauthorized or unlawful processing and accidental loss, destruction, or damage.
You must apply these five fundamental principles to minimize your risk of fines and penalties, as well as subsequent PR scandals that can damage your brand and reputation.
Marketing best practices for data privacy compliance
As a marketer, it’s not up to you alone to ensure privacy compliance. You will need the help of your colleagues in other departments to put an effective privacy management program in place, which will require senior leadership buy-in.
- Assign a point person to handle privacy compliance within your marketing team.
- Review your marketing goals and establish what personal data is absolutely critical for you to collect.
- Review the personal data you’re collecting and remove the collection of unnecessary information.
- Review the privacy policies of third-party apps or software and stop usage if any are non-compliant with privacy laws.
- Privacy notices must be given before the collection of personal data.
- Add cookie consent forms that require opt-in, not opt-out, and allow individuals to easily opt-out or unsubscribe from marketing campaigns at any time.
- Add clear and specific statements in every cookie consent form describing:
- How will you use the data you’re collecting? Email marketing? Targeted LinkedIn ads?
- Will any of your affiliates or marketing partners reach out to them?
- What data access rights will individuals have over the data you collected?
- Educate and train your marketing team about privacy compliance and their obligations
- If relevant, talk to the product team about designing features with privacy in mind as part of your overall business strategy.
- Always stay up to date on privacy regulations because the laws constantly evolve.
Digital marketing is changing in a big way as new data privacy regulations take effect. All organizations need to evolve along with it. That’s an extensive compliance checklist, we know. But there’s no need to do it alone. We’re happy to help you achieve privacy compliance to continue executing your effective marketing strategies.