 Your new post is loading...
- The end of third-party cookies brings an opportunity for brands to build relationships of trust with their customers. Ultimately, cultivating trust comes down to how brands handle customer data, however they come by it.
- Part of adopting a new approach to engaging with data is considering when and how first-party personal information is collected. The “how” is an important foundational detail, as it may set the tone for the marketer’s relationship with the customer, determining whether or not a customer chooses to opt-in to share their information at all.
- Even after consent is obtained, customers and prospects have the right to change their minds. It’s an ongoing conversation between a customer and a brand, and so the ability to grant or revoke consent at multiple points in time is critical.
- Smart data use provides relevancy, and the brands that are positioned to thrive in a world without third-party cookies will likely be those that recognize a simple truth: You earn the right to be personal by first being relevant.
Ultimately, it’s up to the brand to use it to deliver better content and experiences and grow its customer relationships.
On 7 September 2020, the European Data Protection Board (“EDPB”) adopted draft guidelines on the targeting of social media users (the “Guidelines”). The Guidelines aim to clarify the roles and responsibilities of social media providers and “targeters” with regard to the processing of personal data for the purposes of targeting social media users.
Targeting services allow natural or legal persons (i.e., targeters) to communicate specific messages to the users of social media in order to advance commercial, political or other interests. The Guidelines state that the mechanisms social media providers can use to target users, as well as the underlying processing activities, may pose significant risks to users, including loss of control over their personal data, discrimination and exclusion as a result of targeting on the basis of special categories of personal data, and manipulation through misinformation. The Guidelines also raise specific concerns in relation to children.
What’s more is that 70% of Android apps that are currently being used have asked for dangerous permissions at least once.
It may sound like an expensive, time consuming process for brands, but it’s one that can be leveraged back to the customer as a differentiator. “Privacy is becoming the sixth P,” said Gerry Murray, Research Director, Marketing and Sales Technology for IDC.
In Murray’s opinion, there’s a powerful advantage for brands that involve customers in a process that serves them better instead of just grabbing as much data as they can from their customers’ phones. “It’s becoming increasingly apparent to customers, which brands are on which side of the spectrum,” he said. “Unless you’re a monopoly or in some kind of rare, single-source position in the marketplace, customers are going to prefer brands that steward their data.”
More than eight in 10 Australians consider organisations asking for personal information that doesn’t seem relevant to an interaction to be a misuse of their data, a new report has found. Seven in 10 respondents nominated privacy as a major concern for them, while 87 per cent wanted more control and choice over the collection and use of their personal information.
Specifically, 81 per cent of Australians said they considered an organisation asking them for personal information that doesn’t seem relevant to the purpose of the transaction and recording the types of websites they visit without their knowledge to be a misuse of their data.
Most Australians also believe they should have the right to ask a business to delete their personal information (84 per cent) and nearly eight in 10 want the right to seek compensation in the courts for a breach of privacy (78 per cent).
By 2023, 65% of the world’s population will have its personal data covered under modern privacy regulations, up from 10% in 2020, according to Gartner, Inc. “Security and risk management (SRM) leaders need to help their organization adapt their personal data handling practices without exposing the business to loss through fines or reputational damages.”
SRM leaders should adopt key capabilities that support increasing volume, variety and velocity of personal data by putting in place a three-stage technology-enabled privacy program: establish, maintain and evolve.
The establish stage includes foundational capabilities of a privacy management program. The maintain stage allows organizations to scale their privacy management programs. The evolve stage includes specialist tools that focus on reducing privacy risk with little or no impact on the data utility.
When a bank takes your information for a transaction, it goes through multiple stages of processing. While the transaction is being made, it is encrypted and is usually safe. But, when the data is stored, it is on a server somewhere. And this server is the weakest link on the chain. If a hacker gets in, it doesn’t matter how secure the transaction is, they can get your information.
When a transaction happens on the blockchain after you’ve set up a bitcoin wallet, the ledger has to be encrypted and verified by miners who then get paid out in some cryptocurrency. Because of this system, the transaction can’t be deleted or modified in any way or everybody on the blockchain will see it and that modification would need to be verified.
In other words, it can’t happen. It literally cannot be hacked. So your data is protected at all times when the transaction is made.
Doing away with third party cookies has been touted as “privacy enhancing” for consumers. However, years of research have shown that doing away with cookies, both 1P and 3P, does not necessarily increase privacy. This is because ad tech companies have found “work arounds” to continue to uniquely identify users, even without using any cookies.
Browser Parameters - This is called “fingerprinting.” Just like fingerprints are unique to each individual, digital fingerprints can be made from combinations of browser variables. For example, by gathering variables like the browser name and version, screen resolution, list of fonts and plugins, and IP address and location, companies can identify unique users with 99% accuracy.
Demographic Attributes - Adtech companies also claim that users’ privacy is already protected because no PII is collected or used. However, privacy researchers spotlight the lie of ‘anonymous’ data. “Researchers from two universities in Europe have published a method they say is able to correctly re-identify 99.98% of individuals in anonymized data sets with just 15 demographic attributes.”
Browsing Histories - In addition to being able to uniquely identify or re-identify users with browser variables or demographic attributes, new research from Mozilla shows that browsing histories can also be used to uniquely identify individual users.
How Common Is Fingerprinting? "We find that browser fingerprinting is now present on more than 10% of the top-100K websites and over a quarter of the top-10K websites," the research team said.
Our research found that:
_ 88% of Americans feel they ultimately own
any personal data they give to a company.
_ 97% believe it’s their right to have access to
their personal data.
_ 88% are frustrated by the fact that they
don’t have control over their personal data
and they wish the process of retrieving it
from companies were easier.
_ 65% are simply curious to know what information companies have on file about them.
_ 65% of those surveyed want access to
their personal data so that they can choose
what companies can and can’t collect, and
43% want this information deleted altogether. Two-in-five (40%) would even
update their information.
_ 56% want immediate access to their personal data (and 80% want it back in a
timeframe of 24 hours or less). However,
only a quarter (26%) think they would actually get their data instantly if they were to
ask for it.
New information from Vice's Motherboard reveals that 12 California lawmakers have finally begun taking steps in understanding how the California DMV sells driver's data, as well as staging the building blocks to extend consumer protections to prevent what may be an egregious misuse of personal information.
The lawmakers are now requesting that the DMV reveal what kind of companies it has sold or provided data to, specifically inquiring if it has ever knowingly provided information to debt collectors, private investigators, data brokers, or law enforcement agencies. The California DMV had previously revealed to Vice that the companies requesting data "may include insurance companies, vehicle manufacturers, and prospective employers."
Further information requests involve the use of social security numbers, photos, licensee data of undocumented immigrants, and how the department handles requests for opt-outs.
It's estimated that the California DMV earns roughly $50 million each year from selling the personal information of Californians, but it isn't alone in doing so. Other states like Rhode Island have also partaken in this revenue generator, raking in hundreds of thousands of dollars using the same practices. Both states are a drop in the bucket compared to Florida, which brought in $77 million in 2017.
You might be asking yourself, just how easy is it to obtain someone else’s personal information, documents, account details?
We certainly were.
To see just how prevalent such items of personal data are being listed, and at what price, we sent our researchers on a data-gathering mission into the dark web.
Only 22% of Americans report “often” or “always” reading online privacy policies, and that’s solely for websites which require browsers to affirmatively agree to a privacy policy (i.e., flashing a pop-up with some form of “check the box” affirmation). This does not engender much confidence that Americans are actively seeking out and consenting to the privacy policies embedded within the myriad of websites they visit on a daily basis. And who can blame them – a 2008 study estimated it would take 244 hours each year to read every privacy policy in full for all the websites an average web browser visited annually.
So note the structural framework of U.S. Sen. Sherrod Brown’s (D-Ohio) Data Accountability and Transparency Act of 2020 (DATA 2020): rather than maintaining the permissive data privacy legal framework which allows data processors to manage consumer personal data largely as they see fit, so long as they disclose their intentions in a lengthy privacy policy (which, as we’ve established, the vast majority of their consumers will never actually read), Sen. Brown instead suggests a restrictive legal framework that will dictate, by statute, when and how data processors may use consumer’s personal data, and to what extent.
"The decision to kill off third-party cookies is widely regarded as a necessary evil, but who gets to determine their replacement? The uncertainty has prompted some companies to develop turnkey solutions that are privacy compliant. Google—whose decision to eliminate third-party cookies from Chrome by 2022 created the vacuum—also has a solution, as does ad retargeting kingpin Criteo. Whichever technology emerges, it will address critical advertiser capabilities including ad targeting, frequency capping, user privacy and attribution. And it will enable an enormous advertising market; last year, third-party cookies helped fuel nearly 30 percent, or $38 billion, of all U.S. digital ad spend."
Maine’s new data privacy law is an essential step to protect customers that should be emulated throughout the country
Customer data fuels the advertising and marketing strategies for most companies, but that doesn’t mean that customers should lose their ability to control their own data
Customers should be able to easily opt-in and opt-out of having their data collected, and also have a clear view of what opting-in means
The end goal of all customer data collection should be to provide an enhanced customer experience that makes customers want to share their data
Of the 186 professionals surveyed in July 2020, 37% said that their company did not have a dedicated privacy team, and 44% said their company's privacy team had one to five employees. Only 6% of respondents claimed 10 or more members on their company's privacy team.
In terms of the California Consumer Privacy Act (CCPA) requirements, a state statute intended to enhance privacy rights and consumer protection specifically for California residents, 26% of applicable respondents were meeting or in the process of meeting all requirements, 14% were not meeting requirements, and 28% were unsure of their company's compliance.
A wide range of tools are available to help companies carry out their data privacy initiatives. The majority of respondents are implementing or considering implementation of data backup/recovery solutions (62%). More than half of respondents use or are considering to use endpoint protection (54%), data loss prevention (52%), and encryption software (52%). Close to half of the respondents (48%) use or may use Identity and Access Management (IAM) or (43%) Mobile Device Management (MDM). Other tools being used or considered consist of compliance software (30%), Customer Data Management (CDM) platforms (19%), and consent management applications (16%).
Consumers believe data privacy is a human right. Corporations need to raise their game. Consumers are becoming increasingly concerned with, and distrustful of, how companies safeguard their personal data against misuse and theft. Companies must take steps now to keep pace with expectations—or risk losing access to the data that increasingly drives strategy, insights and success.
To learn more about how consumers are thinking about data privacy and what they expect from corporations, KPMG surveyed 1,000 Americans. The survey reveals that consumers overwhelmingly agree that data privacy is important, and that they want corporations to take significant steps to better protect, manage and ethically use their data in 2020.
Data privacy software is a software that allows the companies or users to save important data and protect against the security threats in compliance with the standards. It manages all the data privacy programs which includes the reverting back to consumers regarding the issues, it also helps the other business operators to manage their data to work together on data access, deletion, or transfer of data.
The research points to a privacy gap between the consumer data protection individuals want and what industry and regulators provide. While the majority of consumers want their data protected, they’re still waiting on — or expecting – the federal government or industries to provide this protection.
For instance, 60% of consumers believe government regulation should help address the privacy risks facing consumers today, of which 34% say government regulation is needed to protect personal privacy and 26% believe a hybrid option (regulation and self-regulation) should be pursued.
Now, the savvy consumer monitors whether their Facebook profile is public or private, checks their credit card statement monthly, freezes their credit score, and uses a different password for their Amazon.com account than their bank account – all a sign that the common user is becoming more intelligent as a result of an increased awareness that their data is out there, their data is being stored, and their favorite merchant may not be paying close attention to whose hands that information is being passed off. This new-found awareness that data subjects have rights whether they pay for a service or not has put the global economy into a privacy recession. For the first time, companies are now scrambling to capture consent at every crossroad and keep pace through privacy policy updates in an effort to anticipate the next law restricting the use of consumer data. The extent of this market shift will continue to grow until the stakes for an organization, and their impact on consumers, are fully realized.
While 89% of consumers say data privacy is important, more than half (55%) are unaware of any data privacy regulation, according to a new study by Integral Ad Science (IAS), the global leader in digital ad verification. In the past two decades, the ability to collect consumer data online has revolutionized the field of digital advertising, but new privacy regulations in the US and worldwide have begun to restrict certain targeting strategies. To find out more, IAS surveyed 1,093 US consumers on their perceptions of targeted digital advertising practices and data collection.
A majority of consumers say they are taking responsibility for securing their data; 53% of consumers hold themselves most accountable for keeping their personal information secure, with only 36% holding websites and apps most responsible, and just 10% holding the government most accountable. More than half of consumers have taken action to help limit data collection when they are online, such as clearing their browser history or using a private or "incognito" window. Just 39% responded that they have used an ad-blocker while browsing online.
Managing complex and nuanced consumer rights requests presents a unique challenge for enterprises in today's regulated world of GDPR and CCPA. Here's why.
As privacy laws around the globe proliferate and evolve, company leaders must be careful not to approach privacy compliance as an item to check off a list. Instead of employing a reactive strategy built around ad hoc responses to new laws and amendments, organizations should deploy a more proactive approach. To do so, they'll need to develop scalable processes that ingrain privacy into how the company manages its data. A scalable approach to privacy can help conserve resources, including budget, and create a lasting competitive edge.
With privacy technology, the word "automated" as a descriptor is used a lot. Yet few business leaders understand what that word currently means and what it needs to mean if they wish to scale their compliance programs. Today's existing automation technologies can help automate rote activities or connect disparate systems via APIs to reduce the reliance on manual tasks. While this form of automation can help with a "check-the-box" approach to privacy compliance, it will not allow organizations to understand how and why data is moving across a company. Only through intelligent automation will organizations learn how to turn data into a strategic asset, helping make privacy decisions quickly to harness the power of data not just to drive compliance but also greater business success.
What capabilities should you search for?
A good Policy Management software solution will, first of all, provide multiple and up-to-date supporting document templates to allow your staff to create what’s required for a data privacy program.
Employee understanding of policies and procedures is essential, but information overload can be a major roadblock to employee adoption of compliant behaviors. One way to ensure your employees get the information they need to remain compliant is to target the right segments of your workforce with only the information that’s appropriate to each of them, in the right language.
Your ability to assess and optimize your compliance program should be streamlined, too; the right solution should allow you to track attestations within your program, and make any changes required to improve compliance.
Furthermore, having the ability to automate reporting to enable early risk assessments and responses will reduce the number and cost of regulatory non-compliance incidents.
Ease of use is practically paramount, so both administrators and employees alike are able to work with the solution with minimal (or even no) training. This is important because most employees have difficulty with data privacy and cybersecurity issues; 75% of respondents in one survey struggled to understand any best practices in these areas, marking them at the “novice” or “risk” level.
If the bill were a law during Facebook’s privacy scandals, Mark Zuckerberg would face jail time, Sen. Ron Wyden says.
|
|
Bravo! But go beyond 1st party data and embrace zero party data.
See how extended zero-party data is your greatest marketing resource...and you can tap into it right now!: http://un.marteq.io/WP1/ #martech #marketing