A Map or a Matrix? Identity Management Is More Complex By the Day

A newly published white paper on how advertisers and brands can recognize unique customers across marketing platforms underscores just how tough this important job is for data-driven marketers.

As technologists and policymakers weigh in themselves on the data universe – often without understanding the full ramifications of what they do (or worse, knowing so but proceeding anyway) – data flows on the Internet and on mobile platforms are being dammed, diverted, denuded, and divided.

In my opinion, these developments are not decidedly good for advertising – which relies on such data to deliver relevance in messaging, as well as attribution and measurement. There is a troubling anti-competition mood in the air. It needs to be reckoned with.

Consider these recent developments:

  • Last week, the European Court of Justice rendered a decision that overturned “Privacy Shield” – the safe harbor program that upward of 5,000 companies rely upon to move data securely between the European Union and the United States. Perhaps we can blame U.S. government surveillance practices made known by Edward Snowden, but the impact will undermine hugely practical, beneficial, and benign uses of data – including for such laudable aims as identity management, and associated advertising and marketing uses.
  • Apple announced it will mandate an “opt-in” for mobile identification data used for advertising and marketing beginning with iOS 14. Apple may report this is about privacy, but it is also a business decision to keep Apple user data from other large digital companies. How can effective cross-app advertising survive (and be measured) when opt-in rates are tiny? What about the long-tail and diversity of content that such advertising finances?
  • Google’s announcement that it plans to cease third-party cookies – as Safari and Mozilla have already done – in two years’ time (six months and ticking) is another erosion on data monetization used for advertising. At least Google is making a full-on attempt to work with industry stakeholders (Privacy Sandbox) to replace cookies with something else yet to be formulated. All the same, ad tech is getting nervous.
  • California’s Attorney General – in promulgating regulation in conjunction with the enforcement of the California Consumer Privacy Act (in itself an upset of a uniform national market for data flows, and an undermining of interstate commerce) – came forth with a new obligation that is absent from the law, but asked for by privacy advocates: Companies will be required to honor a browser’s global default signals for data collection used for advertising, potentially interfering with a consumer’s own choice in the matter. It’s the Do Not Track debate all over again, with a decision by fiat.

These external realities for identity are only part of the complexity. Mind you, I haven’t even explored here the volume, variety, and velocity of data that make data collection, integration, analysis, and application by advertisers both vital and difficult to do. As consumers engage with brands on a seemingly ever-widening number of media channels and data platforms, there’s nothing simple about it. No wonder Scott Brinker’s Mar Tech artwork is becoming more and more an exercise in pointillism.

Searching for a Post-Cookie Blueprint

So it is in this flurry (or fury) of policy developments that the Winterberry Group issued its most recent paper, “Identity Outlook 2020: The Evolution of Identity in a Privacy-First, Post-Cookie World.”

Its authors take a more positive view of recent trends – reflecting perhaps a resolve that the private sector will seize the moment:

“We believe that regulation and cookie deprecation are a positive for the future health and next stage of growth for the advertising and marketing industry as they are appropriate catalysts for change in an increasingly privacy-aware consumer environment,” write authors Bruce Biegel, Charles Ping, and Michael Harrison, all of whom are with the Winterberry Group.

The researchers report five emerging identity management processes, each with its own regulatory risk. Brands may pursue any one or combination of these methodologies:

  • “A proprietary ID based on authenticated first-party data where the brand or media owner has established a unique ID for use on their owned properties and for matching with partners either directly or through privacy safe environments (e.g.: Facebook, Google, Amazon).
  • “A common ID based on a first-party data match to a PII- [personally identifiable information] based reference data set in order to enable scale across media providers while maintaining high levels of accuracy.
  • “A common ID based on a first-party data match to a third-party, PII-based reference data set in order to enable scale across media providers while maintaining high levels of accuracy; leverages a deterministic approach, with probabilistic matching to increase reach.
  • “A second-party data environment based on clean environments with anonymous ID linking to allow privacy safe data partnerships to be created.
  • “A household ID based on IP address and geographic match.”

The authors offer a chart that highlights some of the regulatory risks with each approach.

“As a result of the diversity of requirements across the three ecosystems (personalization, programmatic and ATV [advanced television]) the conclusion that Winterberry Group draws from the market is that multiple identity solutions will be required and continue to evolve in parallel. To achieve the goals of consumer engagement and customer acquisition marketers will seek to apply a blend of approaches based on the availability of privacy-compliant identifiers and the suitability of the approach for specific channels and touchpoints.”

A blend of approaches? Looks like I’ll need a navigator as well as the map. As one of the six key takeaways, the report authors write:

“Talent gaps, not tech gaps: One of the issues holding the market back is the lack of focus in the brand/agency model that is dedicated to understanding the variety of privacy-compliant identity options. We expect that the increased market complexity in identity will require Chief Data Officers to expand their roles and place themselves at the center of efforts to reduce the media silos that separate paid, earned and owned use cases. The development of talent that overlaps marketing/advertising strategy, data/data science and data privacy will be more critical in the post-cookie, privacy-regulated market than ever before.”

There’s much more in the research to explore than one blog post – so do your data prowess a favor and download the full report here.

And let’s keep the competition concerns open and continuing. There’s more at stake here than simply a broken customer identity or the receipt of an irrelevant ad.

The Intersection of Personalization & Privacy: How to Communicate with Consumers

Consumers expect to get whatever they want, whenever they want it, delivered how they want it. You can credit (or blame) Amazon for setting expectations so high, but those same expectations extend to online publishing and marketing.

[Editor’s note: While this is geared toward the publishing audience in language, there are numerous valuable takeaways for marketers.]

Consumers expect to get whatever they want, whenever they want it, delivered how they want it. You can credit (or blame) Amazon for setting expectations so high, but those same expectations extend to online publishing.

Increasingly, publishers must personalize to thrive — a mission that can be at odds with new privacy mandates.

What Exactly Do Consumers Expect?

Virtually every publisher now promises customized content, but that promise can mean a few different things. On the one hand, it’s a promise to deliver a certain type of content that’s tailored to your reader’s individual interests. But it also means a promise to deliver content according to that person’s consumption preferences for device/channel (desktop, mobile, or tablet/website, social, or email).

Publishers deliver on these promises through a variety of features. Notifications that push to a consumer’s preferred device are one popular way to meet audiences on the most personal level. Likewise, social integration (both as commenting platforms and logins) is now seen as essential because it not only customizes the experience, but also makes it friction-less.

But, as publishers are well aware, building these features and executing personalization strategies takes significant resources that aren’t necessarily part of the core business.

Brands Are Doing the Same Thing with More Resources

While brands and publishers typically sit on opposite sides of the media ecosystem, their challenge is the same when it comes to personalization. Publishers and advertisers must both deliver the right message to the right person, at the right time. Tellingly, brands and publishers have tackled this challenge in different ways.

By and large, brands and bigger media companies have taken this kind of work in-house. But most small and medium-sized publishers have gone in the opposite direction, turning to agencies and vendors to navigate the complexities of data analytics, personalization, and monetization.

These are technical and costly undertakings. Small publishers may struggle because of limited expertise, but even big publishers may prefer to invest in content rather than building in-house technology. And just finding, vetting, and holding vendors accountable is a challenge for many publishers.

But regardless of how publishers solve for personalization, the brand context is important because well-resourced brands are setting the bar for consumer expectations here. As privacy compliance adds layers of complexity to personalization, brands and publishers will have to adapt to perform the same mission, albeit with varying levels of resources.

Personalization Is the Crucible of Privacy Chaos

To understand how personalization and privacy intersect, start with a fundamental question: How do I personalize something for you if I don’t know anything about you?

The question illustrates the tension between personalization and privacy. The more consumers share, the greater the level of personalization. Of course, the opposite is also true. If you don’t want to share anything personal, be prepared to accept the generic experience.

While that may sound like common sense, the reality is that publishers are stuck in a bind. You must reconcile the chaos that comes from a patchwork of state-mandated privacy laws — including California’s CCPA, plus laws in 10 other states — with consumer expectations that value privacy on the one hand and expect seamless, personalized experiences on the other. To be clear, there’s no “right answer,” in part because just as personalization preferences vary by individual, so, too, do our feelings about privacy.

Publishers, perhaps better than any other stakeholder, are uniquely positioned to lead this conversation. After all, consumers seek out publishers because they are trusted sources. But when it comes to explaining the tradeoffs between personalization and privacy, publishers usually fall back on their lawyers. That can be a mistake. Instead of relying fully on lawyers, publishers should communicate with their consumers in a clear, authentic voice. Here are some suggestions:

  • Speak in your brand’s voice. Typically, conversations that touch on the tradeoff between personalization and privacy get off to a bad start because privacy policies are written in a foreign language called legalese. Using your brand voice is more effective because it’s authentic. If your brand is edgy or sarcastic, talk about privacy with an edgy or sarcastic tone. Two examples: 1) Fitbit’s privacy policy is written in easy to navigate bullet points for users who may not have the time to take a deep-dive into the brand’s Terms of Service; 2) Apple’s privacy, which is quite in-depth, is written in the same easy-to-understand language Apple uses for its product copy.
  • Tell people what information you want and why you need it. A concept like “personally identifiable information” means a lot to lawyers, but it’s not something consumers think about in their daily lives. Instead, make specific asks for email, social media, or cookies and then explain why you need that information. Be clear that your product might not work as advertised unless the user shares some private information. The key is context. If you want movie screening times “near you,” for example, we need to know your location. Instead of just asking for a user’s location, say something like, “Tell us where you are so we can find a movie near you.”
  • Explain how the consumer benefits in concrete terms. If you’re using language like “so we can best serve you…” you’re being too vague. Instead, state the value proposition directly. Explain how you want to serve the consumer by telling them what they can expect — content tailored to their interests, timely notifications, etc. When you do that, you empower the consumer to make their own informed choices about the tradeoffs between privacy and personalization.
  • If you plan to share someone’s information with a third-party, be upfront about it. Reserving the right to share consumer data with third-party partners sounds like legalese, but it also sounds like you’re hiding something. There are valid reasons to share data with others. Tell consumers why you’re sharing their data, who you’re sharing it with, and how the opt-out works.

Navigating these delicate waters will be challenging, but putting the time and energy into incorporating your brand identity into privacy compliance will pay for itself in the long run. Your users will appreciate the effort and better personalization, and you will (hopefully) have stronger user connections and fewer people opting out.

More Rules and Regulations for Content Marketers

So, content marketers, let’s talk about the regulatory environment more broadly, because one thing is for certain: the web, as wild and woolly as online discourse may be, is no longer the Wild West. Online marketing is now being held to a much higher standard.

Privacy protection, accessibility, and copyright —  oh, my!

Last time around, we talked about data privacy regulations as they apply to non-transactional sites. As confusing a landscape as those regulations currently present, they’re not the only regulations with which you need to be aware and compliant.

So, let’s talk about the regulatory environment more broadly, because one thing is for certain: the web, as wild and woolly as online discourse may be, is no longer the Wild West. Online marketing is now being held to a much higher standard than it has been, so you’ll want to be sure you have a plan in place to build your site by the book and to remain compliant. Otherwise, you risk spending more time talking to lawyers than to prospects.

Accessibility

If you built your website without accessibility in mind, chances are you’re not going to be happy when your website developers tell you what it’s going to cost to make it compliant. In many cases, it can make more sense to start from scratch, given the investment involved.

On the plus side, the cost to design and build a new website with compliance in mind is only incrementally greater than building that same site without WCAG Level AA compliance as your goal.

There is some extra work to be done, but for the most part, compliance requires a change in mindset for designers and some slightly different coding tactics for the dev team. Once that’s in place, it’s really only a matter of making sure new content additions are made in a compliant manner. (Image alt tags must be included, for example.)

You’ll want to include an accessibility statement on your site that includes a way for visitors who are having trouble consuming your content to contact you and seek remediation.

Privacy and Data Protection

As we’ve discussed, you need a privacy policy and you need to abide by it. If you haven’t told people that you’re planning on selling their email addresses to the highest bidder, you probably can’t. (Regulations differ by jurisdiction and industry; check with a lawyer.)

Once you have a collection of data, you need to take steps to keep that data safe, both in storage and in any transmittal or other use. Again, your industry may have specific compliance standards that you have to meet, and you may need to document the protections you’ve put in place.

Copyright

If you don’t own it, don’t publish it. This should be obvious, but often marketers make mistakes that can be costly.

Images are the most common area where errors occur. Doing a web search and then publishing any old image you find is a recipe for disaster. Going through a respected stock image library and paying for the images you use is the safest approach.

If you’d prefer not to go that route, you can use the Google Advanced Image Search tool. It is an excellent way to search for images to use in your digital marketing if you filter to include only those that are “free to use, share, or modify, even commercially.”

Don’t even think about trying to use an image from a stock image library without licensing it. They can and will find you. They can and will demand payment, usually well beyond what the initial license would have cost. (Also worth noting is that technically, for most stock image libraries, any image you use should be licensed under your firm’s name rather than by your design agency. That approach is also just smart business, because you may not always be working with that design team.)

When copy is purloined, it’s even easier to track down. Even if you get away with it, the search engines may very well penalize you for publishing duplicate content. There are other ways to get on the search engines’ bad sides, so be careful if you’re republishing content from other sources, even if it’s content that you have the right to republish.

Finally, think twice before stealing code. It’s an open source world, but that doesn’t mean you’re free to take and use anything you find in your travels. At the very least, attribution may be required. Most code libraries, snippets, etc., may require license fees — regardless of how they’re used. Some require payment only if you want updates or support. This can be harder for marketers to police, so be sure to have a regularly scheduled review with your dev team.

Spend Time on This

These regulations — and whatever may be coming down the pike in the future — make investing in digital expertise ever more important. Your team needs the time and mandate to stay on top of what regulations apply to your business and best practices for remaining compliant.

1 Year Later: Gen Z College Students Weigh in Again on Personal Data Collection

Last February, I reported on some of the things my Gen Z students wrote in response to an assignment about who gains the most from the value exchange of convenience-for-personal-data. A year later, I gave the same assignment with the same supplemental readings to students, and the results were notably different.

Last February, I reported on some of the things my Gen Z students wrote in response to an assignment about who gains the most from the value exchange of convenience-for-personal-data between consumers and marketers.

A year later, I gave the same assignment with the same supplemental readings to a similar group of 40 students from Rutgers School of Business Camden, and the results were notably different.

Last year, I wrote, in “Gen Z College Students Weigh-in on Personal Data Collection — Privacy Advocates Should Worry”:

“Some Gen Zers don’t mind giving up their personal data in exchange for the convenience of targeted ads and discounts; others are uneasy, but all are resigned to the inevitability of it. However, the language they use to describe their acquiescence to data collection should be troubling to privacy advocates.”

This year’s students are far more concerned about the collection and sale of their personal data, but they are just as resigned to the inevitability of it. At the same time, some bask in the advantages it brings them and they’re sympathetic to the needs of marketers to provide a personalized data-driven experience to consumers.

The privacy concerns of the current group are more pronounced than the previous group.

“I used to believe that the consumer benefitted from the perks of technology. But more and more, I believe that marketers benefit more. Social media, search engines, TVs, refrigerators, Alexa or Google Home, Kinsa Thermostat are all ways that marketers can reach the consumer with things we use in our everyday lives. Some people don’t even realize they’re feeding right into it just by providing some information about yourself.”

Another wrote:

“Privacy has almost become a thing of the past. Places like our kitchens, bathrooms, and bedrooms have transformed from places behind closed doors to areas that are willingly shared with thousands of others on the receiving end of the data being collected for business purposes.”

Yet, like last year’s group, they are resigned to giving up personal data for access to information and services.

“Consumers are beginning to realize how often what they do, speak, and read are all being recorded. Personally, I’ve been more aware than ever of what is being tracked. I’m more aware of every ad I look at and every website I clicked on. This lifestyle is something that can’t be avoided.”

A common complaint involves the lengthy user agreements that consumers must accept to use web-based services and Internet-connected devices:

“This type of ultimatum often means that consumers regularly grant permission on their personal devices, rather than lose their access to a particular product.”

The proliferation of the Internet of Things may be behind much of the change in attitude since last year. (Caveat: I confess that I’ve warned about small sample sizes in the past [“Beware the Small Sample”]. I’m not drawing quantitative conclusions here, but rather reporting on a trend from qualitative research done with 40 students each year).

“Some people who purchase these tech-savvy devices often don’t understand the policies of the product. Understanding the policy and happily opting-in for your information to be used is one thing, but complying because you’re unsure is another. Did you know that brands can start tracking your information at the age of 13? How can a child understand the policy and process of how this works if a grown adult cannot?”

Another stated:

“The terms of agreement can exceed 10,000 words and not be accessible unless the consumer searches the web for it. Consumers don’t get the full story of how much the companies invade their personal lives. Even aspects like your political preference are being monitored and can aid in influencing your votes.”

One student is mounting a fierce resistance:

“I am one of those people that have a Post-it over the camera on my laptop. I shut off the location on my phone, even though I feel like it is being monitored without my consent a lot of the time. My smart TV is not connected to the Internet, and I rarely use streaming devices, such as Netflix or Hulu — if I do, it is usually on my computer. Devices like Google Home and Alexa completely freak me out and I do not believe I would ever purchase one for my home. Even some of the newer home security systems — like Xfinity Home or the video doorbell, Ring — introduce new ways for people to hack in and monitor your personal activity.”

Data leaks and potential misuse are another concern. One student worried about home assistant devices mishearing innocuous phrases as legitimate commands to record and send private conversations:

“Families could be going through a family matter and these devices are listening and recording what is being said. Next thing you know, it is being sent to your boss or colleagues who did not need to hear or know what is going in in the comfort of your home. Also, the refrigerators that know exactly what is inside can share this information with marketers who then share it with insurers who can possibly charge consumers more for unhealthy diets.”

But it’s not all gloom and worry. One student who recently booked a trip to Disney World was delighted by the collection and use of her personal data:

“Being able to get discounted magic bands and Disney exclusive accessories catered for my needs has been a huge bonus. This also benefits Disney, as they are getting my credentials and can alter their research based on my specific data. A part of the reason they are so successful is because of how personal they make the process feel. Even from the first search, they are there to help guide you and aid in your conversion to purchase. (They) get you to come back, because they have that initial information and the personal details of your preference.”

(BTW, how great is Disney? Offering discounts on those magic bands that they use to track your movement and purchases throughout the park. They not only get you to agree to it, they get you to pay for it and be grateful for the discount).

So the time may be right for privacy advocates to gain a foothold among the generation whose members have gone so willingly into the world of sharing personal data.

What Did You Do on Data Privacy Day 2020? Do Tell Us.

Each year, Jan. 28 is known as “Data Privacy Day” in the United States and globally — also Data Protection Day in other jurisdictions. As business organizations — and marketers — we see that it’s a day when consumers are reminded to exercise their “privacy rights.”

Each year, Jan. 28 is known as “Data Privacy Day” in the United States and globally — also Data Protection Day in other jurisdictions.

As business organizations — and marketers — we see that it’s a day when consumers are reminded to exercise their “privacy rights” and take advantage of tips and tricks for safeguarding their privacy and security. In our world of marketing, there are quite a few self-regulatory and co-regulatory tools (U.S. focus here) that enable choices and opt-outs:

  • To opt out of commercial email, direct mail, and telemarketing in certain states, consumers can avail themselves of DMAchoice. For telemarketing, they can also enroll on the Federal Trade Commission’s Do Not Call database.
  • For data collected online for interest-based ads, consumers can take advantage of Digital Advertising Alliance’s WebChoices and Network Advertising Initiative consumer control tools, which are accessible via the ubiquitous “AdChoices” icon. DAA also offers AppChoices, where data is collected across apps for interest-based ads. [Disclosure: DAA is a client.]
  • Now that California has a new consumer privacy law, consumers there can also take advantage of DAA’s new “Do-Not-Sell My Personal Information” Opt Out Tool for the Web. Its AppChoices mobile app also has a new CCPA opt-out component for “do not sell.” Publishers all over the Web are placing “Do Not Sell My Personal Information” notices in their footers, even if others outside California can see them, and offering links to their own in-house suppression lists, as well as DAA’s. Some publishers are using new the Privacy Rights icon to accompany these notices.

Certainly, businesses need to be using all of these tools — either as participants, or as subscribers — for the media channels where they collect, analyze, and use personal and anonymized data for targeted marketing. There’s no reason for not participating in these industry initiatives to honor consumer’s opt-out choices, unless we wish to invite more prescriptive laws and regulations.

We are constantly reminded that consumers demand high privacy and high security — and they do. We also are reminded that they prefer personalized experiences, relevant messaging, and wish to be recognized as customers as they go from device to device, and across the media landscape. Sometimes, these objectives may seem to be in conflict … but they really are not. Both objectives are good business sense.

As The Winterberry’s Group Bruce Biegel reported while presenting his Annual Outlook for media in 2020 (opens as a PDF), the U.S. data marketplace remains alive and well. For data providers, the onus is to show where consumer permissions are properly sourced, and transparency is fully authenticated and demonstrated to consumers in the data-gathering process. It’s a rush to quality. Plainly stated, adherence to industry data codes and principles (DAA, NAI, Interactive Advertising Bureau, Association of National Advertisers, among others) are table stakes. Going above and beyond laws and ethics codes are business decisions that may provide a competitive edge.

So what did I do on Data Privacy Day 2020? You’re reading it!  Share with me any efforts you may have taken on that day in the “public” comments below.

Marketers’ New Year’s Resolution: ‘I Will Give Customers More T-R-A’

The turning of the calendar may mean a new fiscal year for many marketing organizations, but there is one constant that remains paramount for customer-centric enterprises:  TLC (tender loving care) and how we demonstrate such sentiments to our prospects, customers, and donors — whomever applies.

The turning of the calendar may mean a new fiscal year for many marketing organizations, but there is one constant that remains paramount for customer-centric enterprises: TLC (tender loving care) and how we demonstrate such sentiments to our prospects, customers, and donors — whomever applies.

According to its most recent survey of more than 13,400 C-suite leaders, IBM is recommending data users to pursue another approach in their efforts to build consumer trust: T-R-A, as in transparency, reciprocity, and accountability. See the IBM report, “Build Your Trust Advantage: Leadership in the Age of Data and AI Everywhere” (Opens as a PDF)

The report states:

“To satisfy the modern requirement for trust, leading organizations are adopting three basic principles as their guide: transparency, reciprocity, and accountability. Each provides assurance to customers, but is more than good marketing. These principles are the scaffolding that supports the modern enterprise, remade to propagate trust.”

In a time when trust is increasingly harder to earn — and where consumers question the data-for-value exchange — one may think to shun the data quest. But that is not the correct course of action, nor a viable option, at all. Instead, the answer is to triple up efforts — to seek out and ensure higher quality data sources, to ensure chain-of-trust on permissions and consumer controls, and to hold ourselves and data partners accountable for results.

According to IBM, enterprise leaders — “torchbearers” — have fused their data and business strategies as one. “The torchbearers defy data fears, enhancing the trust of customers.”  Eighty-two percent say they use data to strengthen customer trust, compared with 43% of “aspirational” enterprise data users.

So what does T-R-A entail?

Transparency

“Customers demand transparency of data associated with the products and services, and, in the case of personal data, assurances that it’s used in a fair manner and kept safe,” the report states.

Three Keys to Consumer Love: Transparency, Reciprocity and Accountability. | Credit: Pexels.com

And it’s not just about data used in marketing — it’s also about data regarding how products are developed and manufactured, for example, and user reviews and recommendations. Any data that informs the customer journey, and enables the brand promise, really.

Reciprocity

“C-suite executives understand that to get access to data, they have to give something meaningful in return,” the report states. “The challenge? Organizations often don’t know what their customers would consider a fair exchange.”

That’s a fair assessment — as most consumers say they are skeptical about data-sharing benefits; particularly where privacy is concerned. So it is incumbent upon us to discover — probably using data — what truly motivates consumers’ sense of trust and value. I don’t think we do as good a job as we could as brands, and perhaps as an industry, in explaining data’s value to the consumer. Thus, we must do better.

Accountability

“Accountability is synonymous with brand integrity,” the report opined. “To succeed in retaining trust while growing business or expanding into new marketers, marketers need to establish governance and policies to combat cyber risk and protect consumer trust and brand.”

To me, accountability extends beyond data security — and the lawsuits and brand erosion that may follow data breaches. Data governance is closer to the accountability mark: making sure our data supply chains are “clean,” and that they adhere to industry ethics and best practices.

Here’s Wishing You T-R-A in 2020

So I’m hoping my New Year and yours has a lot more T-R-A in the offing. If the consumers equates sharing of data with a loss of privacy, then no one wins — especially the consumer.

 

 

 

For Measurement-Oriented Marketers: The Best of ‘Here’s What Counts,’ 2019

Over the past year, “Here’s What Counts” opined on several topics. But the ones that gained the most traction involved Gen Z’s views on privacy, social media data collection, and 1:1 marketing.

Over the past year, “Here’s What Counts” opined on several topics. But the ones that gained the most traction involved Gen Z’s views on privacy, social media data collection, and 1:1 marketing.

The most popular post, “Have We Ruined 1:1 Marketing? How the Corner Grocer Became a Creepy Intruder,” was reposted on LinkedIn by Don Peppers, co-author of the book, “1:1 Marketing.”  The idea grew out of an assignment I gave my students at Rutgers School of Business in Camden, N.J. The students had to compare the 1996 version of database marketing, as described by Arthur Hughes in the introduction to his watershed book, “The Complete Database Marketer,” with the current state of online direct/database marketing. Hughes likened a marketing database to the Corner Grocer, who kept mental notes on his customers’ names, personal preferences, and family connections. Specifically, the students had to tell me how marketing technology innovations have enhanced database marketing since 1996.

The Takeaway:

While they concede that the targeted ads they experience are usually relevant, several of them noted that they don’t feel they have been marketed to as individuals; but rather, as a member of a group that was assigned to receive a specific digital advertisement by an algorithm. They felt that the idealized world of database marketing that Hughes described in 1996 was actually more personal than the advanced algorithmic targeting that delivers ads to their social media feeds.

It’s not surprising that Gen Zers expect a more personalized marketing experience. As I wrote in “Gen Z College Students Weigh-in on Personal Data Collection — Privacy Advocates Should Worry.”

Some Gen Zers don’t mind giving up their personal data in exchange for the convenience of targeted ads and discounts; others are uneasy, but all are resigned to the inevitability of it.

Student comments included:

Resignation

“I do not feel it is ethical for companies to distribute our activities to others. Despite my feelings on the situation, it will continue — so I must accept the reality of the situation.”

 Rationalization

“… I feel as though consumers gain the most from this value exchange. Marketers can do pretty much whatever they want with the information that they collect, but they do not really ‘gain’ from this exchange, until people actually purchase their products …  Even if this exchange allows marketers to play with people’s vulnerabilities, it is ultimately consumers’ choice on whether or not they want to buy something.”

 And, in response to a New York Times article about Smart TVs spying on people, one student expressed:

Disgust

“Marketers are gaining money and information through various means and have the ability to do so without risk, because consumers are not going to read [a] 6,000-word privacy policy just to be able to work a television.”

Lest we think that the younger generation is alone in eschewing concerns about privacy, take a look at “Getting Facebook Sober: What Marketers Should Know About Consumers’ Attitudes and Social Data.”

While people claim to be concerned about privacy, they’re not willing to pay for it.  A Survey Monkey poll done for the news site Axios earlier this month shows that three-fourths of people are willing to pay less than $1 per month in exchange for a company not tracking their data while using their product — 54% of them are not willing to pay anything.

As we charge into 2020, we need to carefully consider how the data we give up so willingly is used to manipulate not only our purchasing behavior, but our beliefs and values. In the post, “A Question for Marketers: Is it Social or Is it Media?” I recount Sasha Baron Cohen’s speech at the Anti-Defamation League (ADL) calling Facebook “the greatest propaganda machine in history.”

I sent The Guardian’s publication of Cohen’s speech to my children, two of whom have given up their Facebook accounts. My daughter replied, “Did you learn about this on Facebook? If so, irony is dead.”

Actually, I did. RIP, irony.

Earn Consumer Trust Through ‘Surprise and Delight’ in a Post-Privacy Age

Recent consumer research from Pew Research Center shows we have some work to do persuading consumers to let us use data about them for marketing. Right now, the risks seem to outweigh the benefits, in consumers’ view. At least for now.

Recent consumer research from Pew Research Center shows we have some work to do persuading consumers to let us use data about them for marketing. Right now, the risks seem to outweigh the benefits, in consumers’ view. At least for now.

Marketing may be an annoyance to some — but too often, it’s conflated by consumers (and privacy advocates, and some policymakers) to our detriment into real privacy abuses, like identity theft, or hypothetical or imagined outcomes, such as higher insurance or interest rates — to which clearly marketing data has no connection.

There needs to be a bright line affixed between productive economic use of data (such as for marketing) — and unacceptable uses (such as discrimination, fraud, and other ills).

As consumers feel they have lost all data control — perhaps one might describe the current state as “post-privacy” — it is doubtful the answer to consumer trust lies in more legal notices pushed to them online. Consumers also have told Pew the emerging cascade of notices are not well understood or helpful.

Consumer Trust
Image Source: Pew Research Center, 2019

When Pew explores more deeply the root of what consumers find acceptable and unacceptable, opportunities for marketers may indeed arise. For example, the study summary states:

“One aim of the data collection done by companies is for the purpose of profiling customers and potentially targeting the sale of goods and services to them, based on their traits and habits. This survey finds that 77% of Americans say they have heard or read at least a bit about how companies and other organizations use personal data to offer targeted advertisements or special deals, or to assess how risky people might be as customers. About 64% of all adults say they have seen ads or solicitations based on their personal data. And 61% of those who have seen ads based on their personal data say the ads accurately reflect their interests and characteristics at least somewhat well. (That amounts to 39% of all adults.)”

This is why regulating privacy — from self-regulation to public policy — is so challenging. A broad brush is not the right tool. We want to preserve the innovation, we want to improve consumer experiences, while giving consumers meaningful protection from data use practices that are harmful and antithetical to their interests.

An Industry Luminary Lends Her Perspective

Image: Martha Rogers, Ph.D. (LinkedIn)

Martha Rogers, Ph.D., who co-authored the seminal book “The One to One Future”with Don Peppers in 1993, helped to usher in the customer relationship management (CRM) movement. Today, CRM  often manifests itself in brands seeking to map customer journeys and to devise better customer experiences, and a lot of business investment in data and technology.

Reflecting on privacy last month in New York, Rogers said, “The truth of the matter is, we always judge ourselves by our intentions. Yet we judge others by their actual actions. The problem is that everyone is doing the same thing with us [as marketers].”

How much of that business spending resonates with consumers? “When 400 chief executive officers were asked if their companies provided superior customer experiences, 80 — that’s eight-zero — percent said ‘yes.’ Yet only 8% of customers said that companies were providing superior customer experience. Customers also judge us by our actions, not by our intentions.”

Rogers told two “surprise and delight” stories that illustrate how powerful smart data collection, analysis, and application can be.

“We need customer data to get the job done. A regular Ritz-Carlton customer I know once asked hotel staff for a hyper-allergenic pillow for his room. Now when he goes to a Ritz-Carlton, he always has a hyper-allergenic pillow in his room. He told me he just loved how the Ritz-Carlton had changed over all its pillows to hyper-allergenic ones.”  Rogers said she didn’t have the heart to tell him it was just his room — and the hotel simply had recorded, honored, and anticipated his preference.

Another story came from insurer USAA. Upon returning from tours of duty in Iraq and Afghanistan, USAA sent a refund on auto insurance premiums in the form of a live check and a letter. The letter thanked the soldiers for their service, and reasoned that a car must not have been used much or at all, while a soldier was overseas — hence, the refund. “Do you know 2500 of these checks were returned by customers, uncashed?” Rogers reported, noting that many of these military families have limited means. “Wow, stay strong … keep your money — some of the policy holders said to the company. How do you compete in that category if you’re another insurance company?”

These two cases both show smart data collectoin — applied — builds customer trust and loyalty, no matter what their feelings may be about privacy, in general.

“There are three reasons why we care about privacy,” Rogers said. “One is because there are criminals out there. We don’t want to give data to the robbers or the hackers. Second is because some of us do have secrets — and I’m not naming any names. And we don’t want people knowing every blessed thing about us. And the third reason that we just want our privacy is because [our lives] can be embarrassing.”

Consumer Trust Is Like a Pencil Eraser

“Privacy in an interconnected world is a pipe dream, an oxymoron,” she continued. “Still, we have to access and use customer data to give those great customer experiences. So what happens now? We have to do things [with data] that are good for customers, and not for ourselves [as marketing organizations]. Regulations and laws are really just a floor.”

“If you want to be truly trust-able, it’s about doing things right. One lie can ruin a thousand truths,” she said. “Trust is sort of like the eraser on a pencil. It gets smaller and smaller with each mistake we make. So we have to be careful. Do things right. Do the right thing. Be proactive.”

“No matter how fantastic technology is, it can’t top that trust,” she said.

How many Ritz-Carltons and USAAs — surprise and delight — does it take to undo a Cambridge Analytica or an Equifax? I’m actually optimistic on this. Because better customer experiences, brand relevance, and resonance through data insights will continue to win. We just have to prove it, to the customer, millions of times, one by one, every day — in the very important data-driven marketing work we do.

 

Developing Technology Standards to Support Privacy Regulations of the Future

Advertising has played a vital role in the Internet’s mass adoption. But, as the industry evolved, consumer privacy took a back seat. Today’s technologies provide an opportunity to rebuild the digital advertising infrastructure to benefit publishers, brands, and consumers — and build in privacy, from the ground up.

Advertising has played a vital role in the internet’s mass adoption, but as the industry evolved, consumer privacy took a back seat.

Consumer privacy became a national conversation after Cambridge Analytica, a political consulting firm used by the Trump campaign, was able to obtain raw data harvested from up to 87 million Facebook profiles and use it to segment and target users in ways that critics argue amounts to voter manipulation.

Since then, congressional committees and governmental agencies have expanded investigations into Facebook, Google, and other ad tech industry players. GDPR came to the US in the form of CCPA, the California Consumer Privacy Act, a law designed to give consumers similar power over the data they generate online.

Our industry is now struggling to prove to both consumers and regulators that we can be trusted with their data, but there’s hope. Cutting-edge technologies provide an opportunity to rebuild the digital advertising infrastructure to benefit publishers, brands, and consumers — and build in privacy, from the ground up.

The First Step: Joining Forces

Cryptography and blockchain have already emerged as solutions for adding verification and validation layers that ensure accountability and efficiency in the media supply chain. But the only way to drive adoption of these forward-thinking solutions and solve for consumer privacy is by bringing together key stakeholders in the industry, educating them on the benefits and developing the technical standards that will create the change the industry needs.

“I knew blockchain paired with cryptography could deliver significant change to the advertising industry,” says Adam Helfgott, CEO of MadHive and founding member of AdLedger. “I also knew it would take a concerted effort to drive adoption across such a broad landscape of stakeholders.”

Uniting brands, agencies, publishers, and technology vendors provides an open forum for collaboration, allowing the industry to express their concerns and tackle the issues head on. Advertising industry leaders like Meredith, Hershey, IPG, Publicis, and GroupM are forming working groups that release findings for broader industry education, while companies like Omnicom, MadHive, and Beachfront are already engaging in proof-of-concept projects to tackle issues like fraud, brand safety, and transparency.

So, it begs the question: Why not leverage these technologies for privacy as well?

The Privacy Solution = Privacy-by-Design

Cryptography is already being used to keep consumer data safe, at-scale, in an industry adjacent to advertising: e-commerce. Every time you buy something on your favorite website and the little green lock pops up in your browser as you type in your credit card information, cryptography is being used to protect that sensitive information.

But cryptography’s potential runs much deeper than this single application. It can provide mathematical proof for things like data provenance, while simultaneously ensuring regulatory compliance. This gives publishers the ability to secure their first-party data and thereby control access to their most precious resource – their audience. For advertisers, this immutable chain of custody and identity validation of supply-chain participants creates a brand-safe environment in which customers are reached with the right message at the right time.

The best part? Cryptography and blockchain can be baked into the underlying digital advertising infrastructure, which will automate this entire process and create a system with privacy-by-design. But the only way to integrate these technologies and drive mainstream adoption is through the unification, education, and collaboration of key industry stakeholders.

Long-term fixes take time, but the value prop for publishers and advertisers is evident. And maybe the GDPR and CCPA regulations are the push the industry needs to join forces and work toward a long-term solution.

Why Everyone Benefits When Marketing and Privacy Are Aligned

Privacy is one of the most pressing issues facing organizations today. And it’s not just affecting the companies that are making headlines over it, like Facebook, Google, Capital One, and Experian.

Privacy is one of the most pressing issues facing organizations today. And it’s not just affecting the companies that are making headlines over it, like Facebook, Google, Capital One, and Experian. The recent passage of privacy laws in the United States and abroad, and the resulting potential fines for mistakes, have been a wake-up call for many. Marketing teams always needed to consider privacy but; now, it’s imperative, and there are significantly higher stakes (ahem…billions of dollars).

Noga Rosenthal, Chief Privacy Officer and General Counsel at NCC Media, believes that far too often, marketing and privacy may be unknowingly working against each other or in silos. However, it is essential for these two departments to be closely aligned.

She points out:

“Every company is a data company, whether or not they realize it. You have CRM data and employee data. You’re collecting data off your website. Nearly everybody will be impacted by legislation like CCPA [California Consumer Privacy Act] and needs to be paying attention.”

What’s at Stake

The stakes are high, and the risks are greater when there’s a disconnect between the marketing and communications teams and the privacy and legal teams. There are two common vulnerabilities:

1. Corporate marketing and advertising aren’t taking into account privacy when promoting products and services.

  • Corporate advertising is creepy to customers.
  • Your company is using new and trendy technology vendors that haven’t been properly vetted by privacy teams.
  • You’re using terminology in your marketing, like “tracking” and “anonymous,” that will draw scrutiny from lawmakers.

2. Marketing and communications teams aren’t involved in security and privacy breach preparedness and response.

  • Marketing and communications haven’t contributed to the company’s incident response plan.
  • Marketing is looped in too late during a breach and is not given the resources needed to respond to stakeholders and meet disclosure requirements.

Companies that falter can be subject to hefty fines. They could alienate their customers. And they’ll likely find themselves in the middle of a PR nightmare.

The Benefits of Collaboration

“Marketing should have a seat at the table in all things data governance. It’s mission-critical,” says Peg Kuman, Chief Privacy Officer of V12.

Bringing privacy and marketing together benefits everyone. If you’ve ever tried to read a privacy policy, you know that privacy and legal speak needs to be more accessible and consumer-friendly. Disclosures and policies written by privacy teams would surely benefit from a marketing and communications lens.

If marketers are more in tune with privacy, your company can protect its brand reputation and avoid the painful privacy missteps in advertising that we’ve seen with Netflix, Spotify, Tinder, and countless others. For companies that face an incident, collaboration can ensure a proper response, such as how Twitter recently owned up to its privacy mistakes, used consumer-friendly language and succinctly apologized.

Also, with an overall heightened interest in privacy, companies can provide value to clients and their customers by proactively sharing relevant and easy-to-understand privacy updates. A client outreach strategy can only be effective by coupling the expertise and knowledge of the privacy team with the creativity, strategy, and reach of the marketing team.

According to Rosenthal:

“At times, it feels like marketing and privacy are at odds with each other. But as privacy becomes more important to consumers, and companies like Apple use it as a way to bring in customers and differentiate from competitors, there’s more of a need to lean on each other.”

Where to Begin

There are several ways to open the lines of communication and foster a stronger partnership between privacy and marketing teams.

Establish a Cross-Functional Team

Don’t wait for something bad to happen to get closely aligned. Proactively create a team consisting of privacy, legal, marketing, and communications focused on cross-functional initiatives. Meet regularly to discuss legislation, strategize, and surface ideas.

Use these meetings as a forum for education and awareness. Like Kuman and Rosenthal, most privacy leaders are involved in industry organizations and coalitions. Through their participation, they get vital information that can help their marketing teams.

Commit to Privacy Principles

Privacy principles should align with the company’s mission, vision, and purpose. A great place to start is thinking about what trust and transparency mean for your industry and organization.

Once you’ve determined what privacy means for your organization, make sure it’s clear in everything you and your employees say and do. Better yet, put some marketing power behind those principles, so they become synonymous with your brand.

Prioritize Policies, Protocol, and Incident Response

Your privacy and marketing teams will need to jointly decide where to focus efforts across your various stakeholders including employees, clients, consumers, prospects, partners/vendors, the media, lawmakers, and investors.

There should be a clear protocol for how marketing and privacy work together, and all parties should understand the role that they play in protecting corporate reputation and respecting consumers.

If your organization doesn’t have a breach response strategy, privacy and marketing should champion the development of one, in conjunction with other parts of the organization, such as technology, information security, and client services. Simulation exercises are valuable ways to identify vulnerabilities and prepare without the intense pressure of an actual crisis.

Raise Awareness Through Education

Privacy is likely not top-of-mind for the majority of your marketing staff, but awareness is critical. Education increases awareness. Curriculum specific to marketing helps the full marketing organization understand their role in supporting the company’s privacy principles. Training can also address when it’s necessary to engage your privacy resources.

Kuman prefers the term “socialization” over training.

She adds:

“Companies should socialize the notion that privacy is how we protect our customer, employee, and business assets.”

Privacy Is Everyone’s Job

Regardless of where privacy laws are headed next in the United States and abroad, we all play a role in privacy protection and we’ll be more successful if we’re working closely together.