Competition: Another Big DC Week for Tech (Where Do We Go From Here?)

When the leaders of Amazon, Apple, Facebook, and Google come to Washington, you know there’s going to be a lot of posturing – and it’s usually not (just) from the witnesses.

The focus this past week was the House Judiciary Subcommittee on Antitrust Law rather than privacy, security, and foreign influence – topics of previous high-profile hearings. Yet the out-sized attention on these leading executives and companies – all of them U.S.-based – is actually a testament, in my humble opinion, to the power of data, information, and innovation at work advancing the American and global economy. Has this exercise and accumulation of power been benign, beneficial… or harmful?

I’ve not been shy to tout the conveniences and benefits that we’ve accrued and enjoyed as a result of responsible data use. Yet I do not dismiss an investigation of harm, unintended or otherwise. Simply, I ask that in our zeal to rein in questionable practices, let’s flash a sign to policymakers: “Handle with Care.”

The world has embraced the Information Economy. It just so happens, not by accident, that the United States has both many global leaders (four of them visiting DC) and – it must be said – a long tail of innovative companies that want to grow, prosper, and potentially join the ranks of the next big, successful data-driven entities.

As Americans, we should do all we can to recognize our own advantage, and to encourage such business ingenuity – for a better world.  Transparency, control, and civil liberties must be protected… that’s all.

There’s a part of me – with my direct marketing heritage – that’s utterly in awe of what these companies have achieved, each of them forging their own paths to business success, and doing so in a way that has cultivated and curated data – marketing and otherwise – to create in each a global powerhouse. Digital has always been “direct marketing on steroids” (please let me know who coined this phrase), and many of these companies achieved their success through a fervor for measurability and accountability.

But the question of the day – antitrust – is a very serious charge. 

Practically every business revolution in the age of capitalism – oil, banking, computing, communications, digital, among others – have had to grapple with the question, how much power is too much? What constitutes “too big” in the Information Economy? Though no one has gone there yet, could there ever be a concept in the digital world as Wall Street’s “too big to fail” – in reference to our banking giants?

I myself don’t have these answers, but I do think it’s worth looking (again) to our digital and direct marketing heritage for some guidance. Certainly any new federal laws and regulation, such as for privacy, ought to be pragmatic in their approach – rather than overly prescriptive. We have a blueprint for a federal privacy law in Privacy for America, for example, which seeks to discern reasonable from unreasonable data uses.

Some consideration, please.

  • What if we held out that data collected for marketing use should be used for marketing purposes only? What non-marketing uses – product development and design possibly – might also be acceptable?
  • Should personally identifiable data collected for marketing use ever or always be anonymized for non-marketing use? Certainly, let’s make sure we can recognize consumers as they jump from device to device and across digital and offline platforms, if for no other reason than marketing or fraud prevention purposes. These aims grow the economy, serve consumers, and finance vital social aims such as news reporting.
  • Under what circumstances should private-sector data be handed over to government sources? What legal protections should govern such handovers – subpoenas and otherwise? It’s a borderless world. What access should foreign governments have to such data, about U.S. citizens or from other jurisdictions? It’s a fine line – or even a fuzzy blur – between anti-terrorism and unwanted surveillance of ordinary people.
  • And of course, there’s anti-competition. Data enablement and data sharing should grow the economy, foster competition, and serve consumers. Laws – whether anti-competition or privacy – should seek the same, and not undermine innovation. For example, the current demonization of third-party data feeds a frenzy that concentrates first-party data collection and power in “walled gardens” – where knowledge about customers’ marketing preferences often becomes incomplete and clouded. Could policymakers use their pen unwittingly to diminish the long tail of ad tech to detrimental effects? Even (some) Europeans have questioned what they’ve done.

As far as bias is concerned, add my voice to those who wish to do our utmost to minimize and eliminate protected-class discrimination in our algorithms and artificial intelligence – gender, race, religion, sexual preference – as we practice the art and science of commerce.

All the same, I have deep sympathy for this same task regarding political free speech: when and how we would ever attempt to define and remove political bias is dangerous territory. What is a lie? What is hate speech? What is a conservative or liberal bias?

There are no easy answers here. But I look forward to this public investigation, all the same. We need to understand fully where the Information Economy may overstep, overreach, restrict free speech, or undermine competition – even if these grievances are found to be remote.

A Map or a Matrix? Identity Management Is More Complex By the Day

A newly published white paper on how advertisers and brands can recognize unique customers across marketing platforms underscores just how tough this important job is for data-driven marketers.

As technologists and policymakers weigh in themselves on the data universe – often without understanding the full ramifications of what they do (or worse, knowing so but proceeding anyway) – data flows on the Internet and on mobile platforms are being dammed, diverted, denuded, and divided.

In my opinion, these developments are not decidedly good for advertising – which relies on such data to deliver relevance in messaging, as well as attribution and measurement. There is a troubling anti-competition mood in the air. It needs to be reckoned with.

Consider these recent developments:

  • Last week, the European Court of Justice rendered a decision that overturned “Privacy Shield” – the safe harbor program that upward of 5,000 companies rely upon to move data securely between the European Union and the United States. Perhaps we can blame U.S. government surveillance practices made known by Edward Snowden, but the impact will undermine hugely practical, beneficial, and benign uses of data – including for such laudable aims as identity management, and associated advertising and marketing uses.
  • Apple announced it will mandate an “opt-in” for mobile identification data used for advertising and marketing beginning with iOS 14. Apple may report this is about privacy, but it is also a business decision to keep Apple user data from other large digital companies. How can effective cross-app advertising survive (and be measured) when opt-in rates are tiny? What about the long-tail and diversity of content that such advertising finances?
  • Google’s announcement that it plans to cease third-party cookies – as Safari and Mozilla have already done – in two years’ time (six months and ticking) is another erosion on data monetization used for advertising. At least Google is making a full-on attempt to work with industry stakeholders (Privacy Sandbox) to replace cookies with something else yet to be formulated. All the same, ad tech is getting nervous.
  • California’s Attorney General – in promulgating regulation in conjunction with the enforcement of the California Consumer Privacy Act (in itself an upset of a uniform national market for data flows, and an undermining of interstate commerce) – came forth with a new obligation that is absent from the law, but asked for by privacy advocates: Companies will be required to honor a browser’s global default signals for data collection used for advertising, potentially interfering with a consumer’s own choice in the matter. It’s the Do Not Track debate all over again, with a decision by fiat.

These external realities for identity are only part of the complexity. Mind you, I haven’t even explored here the volume, variety, and velocity of data that make data collection, integration, analysis, and application by advertisers both vital and difficult to do. As consumers engage with brands on a seemingly ever-widening number of media channels and data platforms, there’s nothing simple about it. No wonder Scott Brinker’s Mar Tech artwork is becoming more and more an exercise in pointillism.

Searching for a Post-Cookie Blueprint

So it is in this flurry (or fury) of policy developments that the Winterberry Group issued its most recent paper, “Identity Outlook 2020: The Evolution of Identity in a Privacy-First, Post-Cookie World.”

Its authors take a more positive view of recent trends – reflecting perhaps a resolve that the private sector will seize the moment:

“We believe that regulation and cookie deprecation are a positive for the future health and next stage of growth for the advertising and marketing industry as they are appropriate catalysts for change in an increasingly privacy-aware consumer environment,” write authors Bruce Biegel, Charles Ping, and Michael Harrison, all of whom are with the Winterberry Group.

The researchers report five emerging identity management processes, each with its own regulatory risk. Brands may pursue any one or combination of these methodologies:

  • “A proprietary ID based on authenticated first-party data where the brand or media owner has established a unique ID for use on their owned properties and for matching with partners either directly or through privacy safe environments (e.g.: Facebook, Google, Amazon).
  • “A common ID based on a first-party data match to a PII- [personally identifiable information] based reference data set in order to enable scale across media providers while maintaining high levels of accuracy.
  • “A common ID based on a first-party data match to a third-party, PII-based reference data set in order to enable scale across media providers while maintaining high levels of accuracy; leverages a deterministic approach, with probabilistic matching to increase reach.
  • “A second-party data environment based on clean environments with anonymous ID linking to allow privacy safe data partnerships to be created.
  • “A household ID based on IP address and geographic match.”

The authors offer a chart that highlights some of the regulatory risks with each approach.

“As a result of the diversity of requirements across the three ecosystems (personalization, programmatic and ATV [advanced television]) the conclusion that Winterberry Group draws from the market is that multiple identity solutions will be required and continue to evolve in parallel. To achieve the goals of consumer engagement and customer acquisition marketers will seek to apply a blend of approaches based on the availability of privacy-compliant identifiers and the suitability of the approach for specific channels and touchpoints.”

A blend of approaches? Looks like I’ll need a navigator as well as the map. As one of the six key takeaways, the report authors write:

“Talent gaps, not tech gaps: One of the issues holding the market back is the lack of focus in the brand/agency model that is dedicated to understanding the variety of privacy-compliant identity options. We expect that the increased market complexity in identity will require Chief Data Officers to expand their roles and place themselves at the center of efforts to reduce the media silos that separate paid, earned and owned use cases. The development of talent that overlaps marketing/advertising strategy, data/data science and data privacy will be more critical in the post-cookie, privacy-regulated market than ever before.”

There’s much more in the research to explore than one blog post – so do your data prowess a favor and download the full report here.

And let’s keep the competition concerns open and continuing. There’s more at stake here than simply a broken customer identity or the receipt of an irrelevant ad.

The U.S. Postal Service Needs Financial Protection

Even in crisis, exacerbated by COVID-19, there’s not likely to be new postal reform bill any time soon. So here we are now: the U.S. Postal Service needs financial protection.

COVID-19 may have frozen ad budgets, including direct mail, but the financial woes of the U.S. Postal Service have pre-dated the current crisis. Calls for postal reform to facilitate all types of fiscal fixes have gone unanswered, despite bipartisan support to get the job done. Huge Congressional mandates from 2006 to pre-fund healthcare costs for future retirees – which do not exist to any such extent in the private sector – are just one example of how politicking gets in the way of running USPS more efficiently.

On paper, the U.S. Postal Service should be holding its own. And it had been through the end of last year.

A Formidable Job of Management Couldn’t Predict a Crash

Mix and match, but it’s been managed. In 2010, First-Class Mail volume was 77.6 billion pieces. In 2019, it was 54.7 billion – a nearly 30% decline. Marketing Mail also declined, but less precipitously – from 81.8 billion pieces to 75.7 billion. Meanwhile, as direct-to-consumer (DTC) shopping has taken hold, parcel volume has doubled from 3.1 billion to 6.2 billion package deliveries, making the USPS truly the Greatest Carpool on Earth. (Happy Earth Day.)

And though there is mail volume decline, the “mail moment” remains vital, and delivery points have increased from 150.9 million in 2010 to 160 million in 2019. Against this expanse, the USPS has shed 93,000 jobs in 10 years, maintaining 497,000 positions in 2019.

Throughout all this, USPS operating revenue has increased to more than $71 billion, from $67 billion in 2010. Rate hikes have been predictable and better managed. So why the carnage?

Yes, it’s COVID-19. Mail volumes reportedly have dropped by 30% since the crisis began. Add to this the hands-tied effects of the Congressional mandates – and it’s no wonder the USPS Postmaster General is seeking a “we need cash” bailout. This time, will Congress – and The White House – answer the call? According to The Washington Post, as of Friday, April 24, President Trump stated he would not approve of emergency aid for the Postal Service if it didn’t raise prices for package delivery immediately.

We Can Debate the Amount – But Let’s Recognize These Heroes at Work

The U.S. Postal Service is a quasi-governmental operation that answers by U.S. Constitution to the American people – but is called upon to run as a business. And it indeed tries. Yet it can’t just set rates on its own, as everyone gets a voice in rate-making and operations, even competitors.

Even in crisis, exacerbated by COVID-19, there’s not likely to be new postal reform bill any time soon. So here we are now: the U.S. Postal Service needs financial protection.

It’s hard to blame the USPS, but that doesn’t stop President Trump from calling out sweetheart deals that don’t exist. Add to the cacophony those who wish to privatize – answer to shareholders instead of the public – and sparks fly. Postal labor interests, for one, are powerful – and so are marketing mail and parcel customers. No one wants to upend the letter carrier.

But a virus might just do that.

So as I put on my mask and gloves, and go to the mailbox as part of my daily heightened ritual, I retrieve my personally addressed parcels, flats and letters. I spray them with Lysol. I open and read each piece, and I recycle each piece when I’m done (Happy Earth Day again). And I wish Godspeed, and a few billion tax dollars, to all these postal heroes who are keeping American commerce every day in movement. We need you. America needs you. Thank you.

COVID-19’s Effect on the USPS and Direct Mail Marketing

We’ve heard a lot on the news about essential businesses during COVID-19, but one we all count on that is not mentioned much is the USPS. The Postal Service, like many of us, have been greatly impacted by this crisis, and so has direct mail marketing in general.

What strange times we are living in right now as individuals and businesses. In 29 years of working with direct mail, I have never seen anything like this. We’ve heard a lot on the news about essential businesses during COVID-19, but one we all count on that is not mentioned much is the USPS. The Postal Service, like many of us, have been greatly impacted by this crisis, and so has direct mail marketing in general.

First there has been a dramatic drop in marketing mail with numerous events canceled and businesses shuttered, causing a need to send fewer mail pieces. Second, the USPS must maintain facilities and personnel based on CDC guidelines, which can be very difficult in a processing facility. For more details on that, you can read the statement that was issued to address this. And third, the USPS was already having financial troubles before the crisis without congressional action.

To address the drop in marketing mail, Mailers Hub along with several other industry associations have sent a letter to Postmaster General Megan Brennan and Robert Taub, chairman of the Postal Regulatory Commission (PRC) to express concern about marketing mail volumes.

They offered suggestions like a per-piece discount, deferring collections, extending or adding promotions and incentives, and deferring planned price changes for international mail.

As the letter stated, “Now is the time for action from the Postal Service and the PRC to keep businesses using the mail.” While the USPS may understand this, the challenge will be to find a “stimulus” for mailers that is within the limitations of the CPI cap and the rate setting process that the PRC is charged with enforcing. What the USPS may want to do to help mailers and what the law allows them to do may be very different.

So, one would think that when Congress is working on legislation to help businesses and individuals through this crisis that there would be some help for the post office as well. Check out what Leo Raymond, Managing Director of Mailers Hub wrote in the last newsletter issue:

“By voice votes in the Senate on March 26 and the House on March 27, Congress last week passed HR 748, the Middle-Class Health Benefits Tax Repeal Act of 2019, a $2.2 trillion program to help the nation’s economy and citizens deal with, and recover from the consequences of the ongoing virus-related crisis. Conspicuously missing was any aid for the Postal Service.

Instead, the bill only allowed it to borrow another $10 billion from the Treasury, going even deeper in debt. The final version of the bill was a dark disappointment for many in the mailing industry as well as the postal unions and their allies, who’d hoped Congress would use the occasion to lift some of the Postal Service’s burden of debt – not make it worse.”

From Target Marketing’s sister brand, Printing Impressions, Lisbeth A. Lyons VP, Government and External Affairs of the Printing Industries of America (PIA) shared additional thoughts about the $10 billion line of credit, and what PIA is looking to do in regard to the situation:

“This is a short-term victory as it throws a lifeline to USPS, which is reporting an 18-percent drop in entered mail this week as compared to the same week last year. However, simply extending more credit is not the best solution to what could be an impact to USPS greater than that of lost volume and revenue post-9/11 or post-2008 financial crisis. PIA is redoubling efforts to achieve more structural changes and financial stabilization such as full repeal of the onerous pre-funding of retiree health benefits requirement in the next phase of Congressional response to COVID-19.”

This crisis is going to go on for a while and those of us that send direct mail could use some relief in order to get marketing mail numbers back up. We have seen movement in the B2C mail stream as many people are now stuck at home; well-designed and executed direct mail is something they look forward to getting.

Sending Direct Mail During COVID-19

If you are a B2C marketer, you should take advantage of this situation and provide good quality direct mail offers that your customers can use. On the other hand, the B2B market is a whole other story. With many companies closed and employees working from home, your direct mail may not get to the right person. For now, you should plan to hold your mail pieces until your customers return to the office, and consider other channels that may be more appropriate for reaching your B2B customers.

As we continue to navigate the coronavirus pandemic and get closer to reopening the country fully, you can expect marketers to be planning and executing as many relevant marketing campaigns as possible to help get our economy moving again. What has been happening in your area? Do you have any bright spots to share? Let us know in the comments!

Data Love Story in the USA With a Few Spats, Too

You might call this time of year, Jan. 15 to March 15, marketing data’s “high season,” based on all of the goings-on. There’s a lot of data love out there — and, like all relationships that are precious, they demand a huge amount of attention, respect, and honor — and celebration.

I’ve been enjoying Alliant’s “Data and the Marketer: A Timeless Love Story” postings this month, leading up to Valentine’s Day.

You might call this time of year, Jan. 15 to March 15, marketing data’s “high season,” based on all of the goings-on:

The Alliant infographic download got me thinking of some other “key” dates that might also be recognized on the Data Love calendar, reflecting other aspects of the love story. Not all love affairs are perfect — are there any? Sometimes there’s a quarrel and spats happen, without any abandonment of a full-on love affair.

  • 1960 — The Direct Marketing Association (then, DMAA) develops its first self-regulatory ethics code for data and lists, in an early industry initiative to separate the good from bad players. It becomes the basis for practically every data protection (and consumer rights) framework since.
  • 1971 — The Mail Preference Service is launched (today DMAChoice) the first marketing industry opt-out control program for consumers — the essential framework for every consumer choice tool in marketing (in-house and industry-wide) since.
  • 1973 — The U.S. Department of Health, Education, and Welfare introduces and adopts eight Fair Information Principles. In 1980, the Organization of Economic Co-operation and Development adopts these principles for trans-border data flows. In 1995, The European Union, among other governments, enact variation and interpretation of these formally into law, eventually adopting the EU General Data Protection Regulation in 2018.
  • 1991 — Jennifer Barret is named Acxiom’s privacy leader — among the first enterprises to name what essentially would become a “chief privacy officer.” In 2000, Trevor Hughes launches the International Association of Privacy Professionals. A nascent cottage industry evolves into a huge professional education and development organization that today includes tens of thousands of members.
  • 1992 — A nonprofit and privacy advocacy organization, the Privacy Rights Clearinghouse, is formed, and soon thereafter begins tracking data security breaches, both public and private sector. Its breach list since 2005 is posted here. Data privacy and data security, as evidenced in Fair Information Practice Principles, go hand-in-hand.
  • 1994 — The first online display ad appears on the Internet, by AT&T. (And the first commercial email perhaps the same year.) So marked the humble beginnings of Internet marketing — “direct marketing on steroids.” I thought Jeff Bezos used this term in Amazon (formed 1994) early days during a DMA conference – but alas, I’m having a hard time sourcing that one. Perhaps this quote was related to Google (formed 1998) and the real-time relevance of search!
  • 1995-96 — Subscriber Ram Avrahami asserts a property right to his name in a lawsuit against S. News and World Report. Because he thwarted the spelling of his name on the magazine’s list – in a bid to discover who else the magazine rents its subscriber list to – the court ultimately rejects his challenge. The case, however, introduces a novel concept and set of questions:Is the value of any list or database tied to the presence of any one individual name on that list, a penny a name in this case?  Or, is its value because of the sweat of the brow of the list/database creator (a business, nonprofit group, or other entity) that built a common attribute to which a list may derive commercial value?The “walled gardens” of today’s Digital Giants largely were built on such data collection. These two questions recognize that a “data-for-value” exchange must be perceived as mutually beneficial, or else consumer trust is eroded. “Who owns the data?” (a 20th Century assertion) might be better substituted today as “Who has a shared interest in the value and protection of data?” (a 21st Century proposition).
  • 2006 — Facebook is formed, among the first companies that created a “social network.” (I’m sure the adult content sector preceded it, as it often points us the way.) In one industry after another, digital disruption reorders supply chains, consumer-brand relationships, shopping practices, and name-your-own-business here. The Great Recession, and venture capital, serves to speed the quest for data-defined efficiency and transformation.
  • 2017 — Equifax, one of the United States three leading credit and information bureaus on Americans, experiences a breach of epic proportions. While the nation was fascinated with subsequent public hearings about Facebook, its data deals, and its (ahem, beneficial) targeted advertising practices, a potentially much more egregious purveyor of harm – sponsored government hacking of the highest order – largely gets a ho-hum from the general public, at least until this past week.
  • 2020 — California fragments online privacy protection in the United States – only underscoring the need for the federal government to act sooner than later. Support Privacy for America.

So, yes, there’s a lot of Data Love out there — and, like all relationships that are precious, they demand a huge amount of attention, respect, and honor — and celebration. See you soon in Orlando!

 

 

More Rules and Regulations for Content Marketers

So, content marketers, let’s talk about the regulatory environment more broadly, because one thing is for certain: the web, as wild and woolly as online discourse may be, is no longer the Wild West. Online marketing is now being held to a much higher standard.

Privacy protection, accessibility, and copyright —  oh, my!

Last time around, we talked about data privacy regulations as they apply to non-transactional sites. As confusing a landscape as those regulations currently present, they’re not the only regulations with which you need to be aware and compliant.

So, let’s talk about the regulatory environment more broadly, because one thing is for certain: the web, as wild and woolly as online discourse may be, is no longer the Wild West. Online marketing is now being held to a much higher standard than it has been, so you’ll want to be sure you have a plan in place to build your site by the book and to remain compliant. Otherwise, you risk spending more time talking to lawyers than to prospects.

Accessibility

If you built your website without accessibility in mind, chances are you’re not going to be happy when your website developers tell you what it’s going to cost to make it compliant. In many cases, it can make more sense to start from scratch, given the investment involved.

On the plus side, the cost to design and build a new website with compliance in mind is only incrementally greater than building that same site without WCAG Level AA compliance as your goal.

There is some extra work to be done, but for the most part, compliance requires a change in mindset for designers and some slightly different coding tactics for the dev team. Once that’s in place, it’s really only a matter of making sure new content additions are made in a compliant manner. (Image alt tags must be included, for example.)

You’ll want to include an accessibility statement on your site that includes a way for visitors who are having trouble consuming your content to contact you and seek remediation.

Privacy and Data Protection

As we’ve discussed, you need a privacy policy and you need to abide by it. If you haven’t told people that you’re planning on selling their email addresses to the highest bidder, you probably can’t. (Regulations differ by jurisdiction and industry; check with a lawyer.)

Once you have a collection of data, you need to take steps to keep that data safe, both in storage and in any transmittal or other use. Again, your industry may have specific compliance standards that you have to meet, and you may need to document the protections you’ve put in place.

Copyright

If you don’t own it, don’t publish it. This should be obvious, but often marketers make mistakes that can be costly.

Images are the most common area where errors occur. Doing a web search and then publishing any old image you find is a recipe for disaster. Going through a respected stock image library and paying for the images you use is the safest approach.

If you’d prefer not to go that route, you can use the Google Advanced Image Search tool. It is an excellent way to search for images to use in your digital marketing if you filter to include only those that are “free to use, share, or modify, even commercially.”

Don’t even think about trying to use an image from a stock image library without licensing it. They can and will find you. They can and will demand payment, usually well beyond what the initial license would have cost. (Also worth noting is that technically, for most stock image libraries, any image you use should be licensed under your firm’s name rather than by your design agency. That approach is also just smart business, because you may not always be working with that design team.)

When copy is purloined, it’s even easier to track down. Even if you get away with it, the search engines may very well penalize you for publishing duplicate content. There are other ways to get on the search engines’ bad sides, so be careful if you’re republishing content from other sources, even if it’s content that you have the right to republish.

Finally, think twice before stealing code. It’s an open source world, but that doesn’t mean you’re free to take and use anything you find in your travels. At the very least, attribution may be required. Most code libraries, snippets, etc., may require license fees — regardless of how they’re used. Some require payment only if you want updates or support. This can be harder for marketers to police, so be sure to have a regularly scheduled review with your dev team.

Spend Time on This

These regulations — and whatever may be coming down the pike in the future — make investing in digital expertise ever more important. Your team needs the time and mandate to stay on top of what regulations apply to your business and best practices for remaining compliant.

What Did You Do on Data Privacy Day 2020? Do Tell Us.

Each year, Jan. 28 is known as “Data Privacy Day” in the United States and globally — also Data Protection Day in other jurisdictions. As business organizations — and marketers — we see that it’s a day when consumers are reminded to exercise their “privacy rights.”

Each year, Jan. 28 is known as “Data Privacy Day” in the United States and globally — also Data Protection Day in other jurisdictions.

As business organizations — and marketers — we see that it’s a day when consumers are reminded to exercise their “privacy rights” and take advantage of tips and tricks for safeguarding their privacy and security. In our world of marketing, there are quite a few self-regulatory and co-regulatory tools (U.S. focus here) that enable choices and opt-outs:

  • To opt out of commercial email, direct mail, and telemarketing in certain states, consumers can avail themselves of DMAchoice. For telemarketing, they can also enroll on the Federal Trade Commission’s Do Not Call database.
  • For data collected online for interest-based ads, consumers can take advantage of Digital Advertising Alliance’s WebChoices and Network Advertising Initiative consumer control tools, which are accessible via the ubiquitous “AdChoices” icon. DAA also offers AppChoices, where data is collected across apps for interest-based ads. [Disclosure: DAA is a client.]
  • Now that California has a new consumer privacy law, consumers there can also take advantage of DAA’s new “Do-Not-Sell My Personal Information” Opt Out Tool for the Web. Its AppChoices mobile app also has a new CCPA opt-out component for “do not sell.” Publishers all over the Web are placing “Do Not Sell My Personal Information” notices in their footers, even if others outside California can see them, and offering links to their own in-house suppression lists, as well as DAA’s. Some publishers are using new the Privacy Rights icon to accompany these notices.

Certainly, businesses need to be using all of these tools — either as participants, or as subscribers — for the media channels where they collect, analyze, and use personal and anonymized data for targeted marketing. There’s no reason for not participating in these industry initiatives to honor consumer’s opt-out choices, unless we wish to invite more prescriptive laws and regulations.

We are constantly reminded that consumers demand high privacy and high security — and they do. We also are reminded that they prefer personalized experiences, relevant messaging, and wish to be recognized as customers as they go from device to device, and across the media landscape. Sometimes, these objectives may seem to be in conflict … but they really are not. Both objectives are good business sense.

As The Winterberry’s Group Bruce Biegel reported while presenting his Annual Outlook for media in 2020 (opens as a PDF), the U.S. data marketplace remains alive and well. For data providers, the onus is to show where consumer permissions are properly sourced, and transparency is fully authenticated and demonstrated to consumers in the data-gathering process. It’s a rush to quality. Plainly stated, adherence to industry data codes and principles (DAA, NAI, Interactive Advertising Bureau, Association of National Advertisers, among others) are table stakes. Going above and beyond laws and ethics codes are business decisions that may provide a competitive edge.

So what did I do on Data Privacy Day 2020? You’re reading it!  Share with me any efforts you may have taken on that day in the “public” comments below.

How New Data Protection Laws Affect Your Non-Transactional Website

Good news! Regulatory agencies are taking privacy policies and data protection more seriously than ever. Bad news! Regulatory agencies are taking privacy policies and data protection more seriously than ever.

Good news! Regulatory agencies are taking privacy policies and data protection more seriously than ever.

Bad news! Regulatory agencies are taking privacy policies and data protection more seriously than ever.

The increased regulatory activity is certainly good news for all of us as consumers. As marketers, that silver lining can be overshadowed by the cloud of fear, uncertainty, and doubt — to say nothing of the potentially enormous fines — attached to these new regulations. Let’s take a look at what your responsibilities are (or are likely to become) as privacy regulations become more widely adopted.

Before we begin: I’m not a lawyer. You should absolutely consult one, as there are so many ways the various regulations may or may not apply to your firm. Many of the regulations are regional in nature — GDPR applies to the EU, CCPA to California residents, the SHIELD Act to New York State — but the “placelessness” of the Internet means those regulations may still apply to you, if you do business with residents of those jurisdictions (even though you’re located elsewhere).

Beyond Credit Cards and Social Security Numbers

With the latest round of rules, regulators are taking a broader view of what constitutes personally identifiable information or “PII.” This is why regulations are now applicable for a non-transactional website.

We are clearly beyond the era when the only data that needed to be safeguarded was banking information and social security numbers. Now, even a site visitor’s IP address may be considered PII. In short, you are now responsible for data and privacy protection on your website, regardless of that website’s purpose.

Though a burden for site owners, it’s not hard to understand why this change is a good thing. With so much data living online now, the danger isn’t necessarily in exposing any particular data point, but in being able to piece so many of them together.

Fortunately, the underlying principles are nearly as simple as the regulations themselves are confusing.

SSL Certificates

Perhaps the most basic element of data protection is an SSL certificate. Though it isn’t directly related to the new regulatory environment it’s a basic foundational component of solid data handling. You probably already have an SSL certificate in place; if not, that should be your first order of business. They’re inexpensive — there are even free versions available — and they have the added benefit of improving search engine performance.

Get Consent

Second on your list of good data-handling practices is getting visitor consent before gathering information. Yes, opt-in policies are a pain. Yes, double opt-in policies are even more of a pain — and can drive down engagement rates. Both are necessary to adhere to some of the new regulations.

This includes not only information you gather actively — like email addresses for gated content — but also more passive information, like the use of cookies on your website.

Give Options

Perhaps the biggest shift we’re seeing is toward giving site visitors more options over how their PII is being used. For example, the ability to turn cookies off when visiting a site.

You should also provide a way for consumers to see what information you have gathered and associated with their name, account, or email address.

Including the Option to Be Forgotten

Even after giving consent, consumers should have the right to change their minds. As marketers, that means giving them the ability to delete the information we’ve gathered.

Planning Ad Responsibilities For Data Breaches

Accidents happen, new vulnerabilities emerge, and you can’t control every aspect of your data handling as completely as you’d like. Being prepared for the possibility of a data breach is as important as doing everything you can to prevent them in the first place.

What happens when user information is exposed will depend on the data involved, your location, and what your privacy and data retention policies have promised, as well as which regulations you are subject to.

Be prepared with a plan of action for addressing all foreseeable data breaches. In most cases, you’ll need to alert those who have been or may have been affected. There may also be timeframes in which you must send alerts and possibly remediation in the form of credit or other monitoring.

A Small Investment Pays Off

As a final note, I’ll circle back to the “I’m not a lawyer” meme. A lawyer with expertise in this area is going to be an important part of your team. So, too, will a technology lead who is open to changing how he or she has thought about data privacy in the past. For those who haven’t dealt with transactional requirements in the past, this can be brand new territory which may require new tools and even new vendors.

All of this comes at a price, of course, but given the stakes — not just the fines, but the reputational losses, hits to employee morale, and lost productivity — it’s a small investment for doing right by your prospects and customers.

Marketers Caroling to CCPA: ‘Winter Wonderland’

Marketers caroling may not be what immediately comes to mind to get you in the holiday spirit, but here’s a little ditty about how useful data is to marketers. Sing it along to the melody of “Winter Wonderland.”

To all my many friends who are marketers in the field — the California Privacy Protection Act, new data privacy laws in Maine and Nevada, and who’s next? — this, too, we will endure. All the same, we shall all find new paths to prosper in the New Year, and the consumer will be better for it.

And yes, we should all be looking — shouting from the rooftops — for a single standard law from Congress sooner than later. Americans deserve better!

Is this working for you? I accept, I accept, I accept, I accept, I accept, I accept. Opt-out. Opt-Out. Opt-Out. Opt-Out, infinitum. In your face on every site you visit, and on every app you use?  I want to control data flows about me — not with a browser, not with a default that fails the financing of relevant content — but this is too much. Better for all to have acceptable uses discerned from unacceptable ones — defined by benefits and harms, respectively — legislate THAT, and let innovations flow.

So please join me in my sing-along:

“There’s a tale, are you listening?
Data flails, for the christening.
A new law in sight.
About to take flight,
Drownin’ in a regulated land.

Gone away is the long tail …
Within the walls, a new prevail.
Competition, insights,
Strategies in plight,
Drownin’ in a regulated land.

On the home page we can place an opt-out
Make it clear that data’s not for sale

Another referendum will get plopped out
‘I accept’ and the Internet will fail.

Innovation, on a vacay…
As a patchwork, takes a mainstay
Know better than us
Who can we trust?
Drownin’ in a regulated land

In the filings we can set it all right
Consumer trust is all that we care
They’ll say, ‘are you kidding, you get no rights
Except for private actions in the air.’

And so we toil, we perspire
As the relevance gets retired
They say privacy!
We know it’s not free,
Drownin’ in a regulated land.

[And the big ending…]

Did you say $55 billion?

[Oh, yes] Drownin’ in a regulated land.

Happy Holidays, everyone!

Earn Consumer Trust Through ‘Surprise and Delight’ in a Post-Privacy Age

Recent consumer research from Pew Research Center shows we have some work to do persuading consumers to let us use data about them for marketing. Right now, the risks seem to outweigh the benefits, in consumers’ view. At least for now.

Recent consumer research from Pew Research Center shows we have some work to do persuading consumers to let us use data about them for marketing. Right now, the risks seem to outweigh the benefits, in consumers’ view. At least for now.

Marketing may be an annoyance to some — but too often, it’s conflated by consumers (and privacy advocates, and some policymakers) to our detriment into real privacy abuses, like identity theft, or hypothetical or imagined outcomes, such as higher insurance or interest rates — to which clearly marketing data has no connection.

There needs to be a bright line affixed between productive economic use of data (such as for marketing) — and unacceptable uses (such as discrimination, fraud, and other ills).

As consumers feel they have lost all data control — perhaps one might describe the current state as “post-privacy” — it is doubtful the answer to consumer trust lies in more legal notices pushed to them online. Consumers also have told Pew the emerging cascade of notices are not well understood or helpful.

Consumer Trust
Image Source: Pew Research Center, 2019

When Pew explores more deeply the root of what consumers find acceptable and unacceptable, opportunities for marketers may indeed arise. For example, the study summary states:

“One aim of the data collection done by companies is for the purpose of profiling customers and potentially targeting the sale of goods and services to them, based on their traits and habits. This survey finds that 77% of Americans say they have heard or read at least a bit about how companies and other organizations use personal data to offer targeted advertisements or special deals, or to assess how risky people might be as customers. About 64% of all adults say they have seen ads or solicitations based on their personal data. And 61% of those who have seen ads based on their personal data say the ads accurately reflect their interests and characteristics at least somewhat well. (That amounts to 39% of all adults.)”

This is why regulating privacy — from self-regulation to public policy — is so challenging. A broad brush is not the right tool. We want to preserve the innovation, we want to improve consumer experiences, while giving consumers meaningful protection from data use practices that are harmful and antithetical to their interests.

An Industry Luminary Lends Her Perspective

Image: Martha Rogers, Ph.D. (LinkedIn)

Martha Rogers, Ph.D., who co-authored the seminal book “The One to One Future”with Don Peppers in 1993, helped to usher in the customer relationship management (CRM) movement. Today, CRM  often manifests itself in brands seeking to map customer journeys and to devise better customer experiences, and a lot of business investment in data and technology.

Reflecting on privacy last month in New York, Rogers said, “The truth of the matter is, we always judge ourselves by our intentions. Yet we judge others by their actual actions. The problem is that everyone is doing the same thing with us [as marketers].”

How much of that business spending resonates with consumers? “When 400 chief executive officers were asked if their companies provided superior customer experiences, 80 — that’s eight-zero — percent said ‘yes.’ Yet only 8% of customers said that companies were providing superior customer experience. Customers also judge us by our actions, not by our intentions.”

Rogers told two “surprise and delight” stories that illustrate how powerful smart data collection, analysis, and application can be.

“We need customer data to get the job done. A regular Ritz-Carlton customer I know once asked hotel staff for a hyper-allergenic pillow for his room. Now when he goes to a Ritz-Carlton, he always has a hyper-allergenic pillow in his room. He told me he just loved how the Ritz-Carlton had changed over all its pillows to hyper-allergenic ones.”  Rogers said she didn’t have the heart to tell him it was just his room — and the hotel simply had recorded, honored, and anticipated his preference.

Another story came from insurer USAA. Upon returning from tours of duty in Iraq and Afghanistan, USAA sent a refund on auto insurance premiums in the form of a live check and a letter. The letter thanked the soldiers for their service, and reasoned that a car must not have been used much or at all, while a soldier was overseas — hence, the refund. “Do you know 2500 of these checks were returned by customers, uncashed?” Rogers reported, noting that many of these military families have limited means. “Wow, stay strong … keep your money — some of the policy holders said to the company. How do you compete in that category if you’re another insurance company?”

These two cases both show smart data collectoin — applied — builds customer trust and loyalty, no matter what their feelings may be about privacy, in general.

“There are three reasons why we care about privacy,” Rogers said. “One is because there are criminals out there. We don’t want to give data to the robbers or the hackers. Second is because some of us do have secrets — and I’m not naming any names. And we don’t want people knowing every blessed thing about us. And the third reason that we just want our privacy is because [our lives] can be embarrassing.”

Consumer Trust Is Like a Pencil Eraser

“Privacy in an interconnected world is a pipe dream, an oxymoron,” she continued. “Still, we have to access and use customer data to give those great customer experiences. So what happens now? We have to do things [with data] that are good for customers, and not for ourselves [as marketing organizations]. Regulations and laws are really just a floor.”

“If you want to be truly trust-able, it’s about doing things right. One lie can ruin a thousand truths,” she said. “Trust is sort of like the eraser on a pencil. It gets smaller and smaller with each mistake we make. So we have to be careful. Do things right. Do the right thing. Be proactive.”

“No matter how fantastic technology is, it can’t top that trust,” she said.

How many Ritz-Carltons and USAAs — surprise and delight — does it take to undo a Cambridge Analytica or an Equifax? I’m actually optimistic on this. Because better customer experiences, brand relevance, and resonance through data insights will continue to win. We just have to prove it, to the customer, millions of times, one by one, every day — in the very important data-driven marketing work we do.