In the age of multiple data privacy laws, stricter self-regulation will ensure marketers’ growth and development
As legislation on data privacy become tighter across the World, CMOs have to be regulations compliant, to ensure they do not suffer the consequences of non-compliances. According to the American Federal Trade Commission’s 2017 Consumer Sentinel Network Data Book, 14% of consumer complaints were about identity theft. This was the second biggest category after debt collection (23%).
The laws that global companies need to consider vary from country to country. Recently there have been very strict enforcement of GDPR, even fines on big brands. The US has California Consumer Privacy Act of 2018, and companies need to consider EU’s ePrivacy, Switzerland and America’s Privacy Shield, Vermont’s Data Brokers law, Georgia’s Digital Privacy, and India’s Data Privacy Framework.
The factors that companies can keep in mind to ensure that they are adhering to laws are:
- Adopt the toughest self-regularity privacy law
Trying to keep up with different privacy laws based on geographical locations can be costly and also difficult to sustain. While every country enforcing differing laws is also a challenge for marketers to meet, a blanket global privacy law may not be the answer. Under the circumstances, companies should adopt a data-privacy program that adheres to most of the international privacy laws. What will work is a self-regulatory framework that takes up maximum compliances, since there are massive overlaps across various laws, in any case. This does not mean that a blanket global privacy practice will solve the issue; the approach has to be about understanding major regulations and their provisions.
- Choose to own Data over Renting from Third-Parties
The safest strategy to ensure data privacy is to rethink their data collection and storage strategies. The ‘less is more’ mentality can help simplify the data stream. Third-party data can be outdated and inaccurate; also the collection system might not have adhered to laws. Investing in a self-data collection will not just ensure the follow of privacy laws, but also be unique information. Also, this collection can be made to yield more information from the data, after permissions have been taken since in many cases the full potential of insights is not utilized. As long as it adheres to privacy permissions laws, these data sets can even be made into a sizeable and unique product offering.
- Know Your Data Inventory
It is important to have an inventory of current and previous data, to be able to comply with the new regulations. The California Consumer Privacy Act and GDPR compliant organizations have to obtain consent from individuals to use their data and disclose the purpose. While enterprises have a data management system or a CRM system, the data is often saved in multiple locations; sometimes the number may go up to 50. If data is stored in different countries and includes customers’ Personally Identifiable Information (PII), it can clash with the local privacy laws.
The bottom line with all these privacy requirements is that data needs to be based on trust between customers and enterprises that collect their information. Today Customers that are willing to share data, want to know about its usage, the security that it will be getting and the promise that it will not be misused. When they have this assurance, whether it is using technology or just very good strategies, the trust built between the collator and the data giver can lead to much better marketing strategies and effective market outreach.
So, fundamentally, all the laws are saying the same thing. Good data-collection practices and better targeting will lead to effective marketing.