Around the world, data policies and laws are changing. The clock is ticking down on Google’s cookies, privacy regulations are ramping up - especially in the US - and just this month, the UK government launched a new data collection and digital information bill.
It’s a brave new world, and one that can be difficult to navigate for even the most seasoned of brands. After all, there are so many rules. Where the UK has previously been following GDPR, an EU-wide set of regulations around data handling, privacy and security, this bill could mean local firms navigating two sets of rules, depending on the market they’re in. And, of course, the US is already facing similar challenges with fragmentation, with local brands and agencies addressing different bills and rulings across various smaller locales.
To discuss this, as well as new approaches to data collection, the rise of first party data, and the eventualities brands should be preparing for, LBB’s Josh Neufeldt sat down with Wunderman Thompson North America’s chief data officer, Tony Weber, TrackDDB’s senior vice president (SVP), head of analytics, Huzaifa Noman, Publicis Media’s SVP, verified technology Shelley Pinsonneault, Cheil UK’s head of strategy and experience, Michael Chadwick, Fluency’s chief data and technology officer, Amar Vyas and Performance Art’s CEO, Andrea Cook.
With third-party cookies on their way out, stricter privacy regulations coming into effect worldwide, heightened consumer awareness and tougher enforcement of privacy laws, brands and agencies are entering a new data privacy paradigm. But the debate today isn’t just about compliance or strengthening first-party data capabilities. It’s also about the bigger picture of data ethics.
Here are five important points leading brands will need to consider:
Are you taking an enterprise-wide approach to data governance?
- Numerous systems, processes, employees, and touchpoints in your enterprise store, process and manage consumers’ personal data. It’s essential to align the whole organisation behind coherent and comprehensive data standards, policies, and governance. Data ethics and regulation cannot be regarded as a technology or compliance concern - it needs support and implementation from the top layers of the leadership team.
Are you going beyond compliance and security towards ethics as a strategic edge?
- In the wake of new privacy regulations and high-profile data breaches, many companies are focusing heavily on security and compliance. But that’s no longer enough. Nine out of ten UK and US consumers in a Wunderman Thompson survey said organisations have a responsibility to use their personal data in a fair and ethical way. Companies may comply with the law, yet still fail to meet consumers’ expectations.
Is your business transparent about how it uses personal data?
- Our survey also found that 85% of respondents suspect companies are dishonest about how they use personal data. You can reduce consumers’ concerns and build trust in your brand by showing what you are doing with personal data, as well as when and why you are doing it.
Do you offer the customer real value for their data?
- Consumers know the worth of their personal data and don’t want to give it away for free. High-quality loyalty schemes, valuable incentives and richer personalisation are some ways to ensure customers feel they will get value for interacting with you.
Does the customer have control over their data?
- Giving customers control over how their data is collected and used helps to build trust and credibility. As such, leading brands are giving customers easier and more granular control over the data they provide and the permissions they give to use it.
To conclude, data ethics is not just a compliance or management issue - it is an important aspect of a consumer’s experience with your brand, and shapes the perceptions of it. Adopting an ethical, customer-centric approach to data based on consent, openness, and mutual benefit will help your business to forge a strong bond with your customers and build a better brand reputation.
Huzaifa Noman
SVP, head of analytics at TrackDDB
As data privacy regulations become more stringent around the world, brands and agencies must adapt to a new paradigm of collecting, storing and using customer data. Here are some key themes and considerations to keep in mind:
- Regulations are changing ‘everywhere’. The European Union's General Data Protection Regulation (GDPR) was a major turning point for data privacy, and now other countries are following suit. The California Consumer Privacy Act (CCPA) went into effect in 2020, and several other US states have passed or are considering similar laws. Brands must stay up to date on the latest privacy regulations in the regions where they operate, to ensure compliance.
- The rise of first-party data. As third-party cookies become less viable and cookie deprecation becomes real, brands are turning to first-party data to gain insights about their customers. This includes data collected through customer interactions with the brand's website, mobile app, or physical locations. Brands that can effectively collect, store, and analyse this data will have a competitive advantage.
- The importance of transparency. Customers are increasingly aware of data privacy concerns and expect brands to be transparent about how their data is being collected and used. Brands should make their privacy policies clear and easily accessible, and communicate any updates or changes to their customers.
- The role of consent. Collecting and using customer data requires explicit consent, and brands must be careful to obtain it in a way that is clear and unambiguous. This includes providing customers with the ability to opt out of data collection and use, as well as providing options for controlling the type and frequency of communications they receive.
- The need for data governance. As brands collect more data, they must establish clear processes for storing, securing, and managing that data. This includes establishing data governance policies and procedures, as well as ensuring that employees are properly trained on data privacy best practices.
- The impact of cultural attitudes towards data privacy. Brands must consider the cultural attitudes towards data privacy in the regions where they operate. Some cultures may be more comfortable with sharing personal data than others, and brands must be sensitive to these differences when developing their data collection and use strategies.
All in all, navigating the shifting norms of data privacy requires a comprehensive approach that considers all the above. Brands that can successfully navigate these challenges will be well-positioned to succeed in a world where data privacy is critical to success.
Whether people recognise or even openly admit their willingness to share their data (read: Hawthorne Effect), I fundamentally believe users/consumers expect to have customised experiences that leverage all that brands know about them. They want relevance of communication and speed of transaction. We see it in their behaviour, and we see it in the results. The skill for marketers is to be un-creepy and 100% privacy-compliant in the way we use that data.
To me, shifting privacy compliance is merely a harbinger of two larger eventualities that brands should be preparing for: the types and volume of useful data will become increasingly impossible to store, and pursuit of value will evolve customers/users to the point of self-sovereignty. (People will eventually manage their own data).
To the point on useful data, it’s worth noting that already, historic first and third party data is only one part of the equation – most useful for broad strategy setting and on mass campaigns. As consumers, we’re creating new forms of data practically every minute of the day. As a result, perhaps the most useful data to achieve one’s marketing objectives is tied to the exact moment a customer opens an app (real-time owned channel behaviour), or the geographic proximity to a competitor’s retail location (geolocation). Or perhaps it can be found in how quickly we turn a corner in our BMW (in-car driving dynamics).
Even the best databases are not built to readily ingest multiple new forms of data in real time. I believe we need to begin to construct composable databases - where we access what we need, when we need it. The new skill will be mastering the contracts, API pulls, identity linkage and the AI needed to construct a real-time customer view and next best action, without the expense and liability of acquiring, storing, cleansing, and extracting all this data from a warehouse of one kind or another.
Regarding self-sovereignty, privacy restrictions are mounting because consumers are sick of being taken advantage of. And while it’s still clunky, users are already practising an early form of self-sovereign identity (SSI) by controlling our digital identity; we can grant data access or take it away (if we withdraw consent). Consumers are smart – there is money to be made and irritation to be eliminated by controlling access to one’s own data, determining who sees what – where, when and how. In contrast to centralised identity, this will shift ownership from brands and media platforms to the customer themselves. The question is, will there be an intermediary, or will brands own the value-exchange platforms themselves?
So, what to do now? Nerd out! Build your first-party data ownership. Every brand will need a base. Every brand will be playing with permissions/consent as we evolve. But be ready for big changes. Get in, experiment, expand your data curiosity and capacity. Encourage digital transformation that transcends our organisations, from sales to HR to creative teams.
Shelley Pinsonneault
SVP, verified technology at Publicis Media
By the end of 2023, 75% of the global population will be subject to privacy regulation. There is no point in procrastinating - the time to build towards a better advertising ecosystem is now.
Here are five ways brands can be ready for the new privacy paradigm:
- Understand your data assets (owned and partnerships).
- Build out the appropriate infrastructure to support privacy requirements (including data consent, collection, choice, removal, and correction) that are necessary to help shape experiences across paid and owned media.
- Evaluate technology partnerships to align on use cases and interoperability across DSP, clean room, data and identity, etc. (validate your consent infrastructure and disclosure support your use cases).
- Understand the privacy safe APIs available via your technology partners that can help deliver and measure against your digital marketing goals.
- Test and utilise future-proof media tactics like contextual, algorithm-based solutions and first-party ID targeting.
Amar Vyas
Chief data and technology officer at Fluency
As the digital data ambition evolves amidst stricter privacy regulations and Google's cookie phase-out, brands and agencies must navigate a new data privacy landscape. Surprisingly, online safety concerns revolve around email fraud/scams and unwanted adverts, with data privacy concerns only really arising when prompted. Nevertheless, businesses must prioritise this to mitigate against non-compliance fines and lost trust. Previously, marketers exploited cookie data for conversions, neglecting customer experience. Now, brands can prioritise customer experience and responsible data management for redemption.
To navigate this new landscape, brands can adopt several strategies:
- Embrace customer data platforms to collect, manage, and analyse first-party data in compliance with privacy regulations.
- Utilise customer journey orchestration to create personalised, context-driven experiences that strengthen customer relationships.
- Employ discourse analysis to better understand customer needs and preferences, enabling more effective and targeted marketing efforts.
- Prioritise building a robust first-party data infrastructure, ensuring compliance with local regulations while maximising data usage.
- Concentrate on enhancing customer experience within owned channels and ecosystems, delivering a data-driven, personalised experience that also generates strong ROI.
By implementing these strategies, brands can successfully adapt to the new privacy paradigm while optimising their data usage and improving customer experiences through the measurement of touchpoints.
Michael Chadwick
Head of strategy and experience at Cheil UK
The power dynamic in data is shifting towards customers, which could be a good thing for brands and consumers alike.
Catalysed by regulatory changes, the changing relationship between brands, consumers and their data has become more active, riding a maturity curve towards a place where consumers possess the power. Whilst this sounds problematic, it’s likely to be beneficial from an effectiveness perspective.
To start, our data maturity journey has passed through two distinct eras. Firstly, the ‘what’s possible?’ pioneering phase, where businesses sought to rapidly harness data. Next, came the era of ‘what’s optimal?’ – the emergence of a responsible approach. We are now reaching the natural next phase: the customer-led data era, a full 180 degree spin in the power dynamic. The conversation has moved from ‘what are brands allowed to do with my data?’ to a place where consumers ask, ‘what do I want to do with it?’.
Alongside regulatory changes, there are further shifts which businesses must consider. For instance, your customer experience must match your data ambitions. Consumers now expect greater incentives to part with information. Where previously, the value exchange was relatively simple and seemed like reasonable value - a world of free information and free content, powered and paid for by sharing a little about ourselves – this is no longer the case. Simultaneously, consumers demand more from brands’ digital experiences. As such, the centre of any conversation should not just be how to use data, but also how we deliver customer experiences that justify it.
To make things harder, this is a moving target; digital experiences are evolving every day, so what worked today, may not work tomorrow. Look at how web3 and decentralised, blockchain-based data or loyalty schemes have changed the conversation. These will create a paradigm in which a customer owns and controls their data as a tangible digital asset, opening up a world where loyalty cards are owned by the customer, and not the business. In turn, this can be monetised by renting them out or selling them. Imagine an airline loyalty card you could auction off if you were no longer planning to travel as much.
We can also expect to see relationship schemes in which the customer decides what brands they connect their data to – effectively meaning one can build a ‘loyalty club’ based on brand preferences and not an organisation’s business partnerships. This is not science fiction either. In 2022, Starbucks launched its blockchain-based loyalty platform, ‘
Odyssey’, and initial results suggest it’s a success. This is big! The emergence of even one major brand building out a meaningful web3 loyalty platform changes the conversation for all, because now consumers will say, ‘If Starbucks can do this, why can’t you?’.
So, what do we do? Ultimately, this move towards customer-centred sensibility should be seen as positive for marketers, especially from an effectiveness perspective. After all, a shift towards data being used to make customer experiences more personalised and relevant can only be a positive thing. Some brands have already made good strides in this direction, but the key difference now is that ensuring your customer experiences match your data ambitions is not optional. The power has shifted, and brands that fail to get on board may find customers moving elsewhere, and their data capabilities rapidly diminishing.