The smart approach to personal data regulations - the data game is like the dating game

Ahead of May 2018 a headline in Campaign, a marketing sector magazine, proclaimed: “GDPR will render 75% of UK marketing data obsolete1”. The accompanying article stated that only 25 per cent of the data held in marketing databases across the country met GDPR consent requirements, making the balance unusable. From our experience since May 2018, the reality is actually far worse when it comes to email contact-ability within some large organisations, some have lost the use of over 90% of their database. And with the Information Commissioners Office (ICO) now setting their sights on the AdTech sector, real-time bidding and tracking technologies, the ability to deliver customers a personalised experience across device and channel is set to become even more challenging.

GDPR – the European Union’s General Data Protection Regulation, and the UK’s implementation of it, the UK DPA 2018 – regulates how personal data can be collected, stored and used by companies and other organisations. To date, we haven’t seen many organisations embrace the regulation, with the objective to elevate their trusted brand status, to enhance customer engagement through greater transparency or to empower consumers to self-determine how they are communicated with, and what about. Compliance should be more than a box ticking exercise.

Gartner has recently made significant strategic assumptions that by 2022 half of our planet’s population will have its personal information covered under local privacy regulations in line with the GDPR, and 30% of consumer-facing organisations will offer a self-service transparency portal for preference and consent management.

With brands needing to concern themselves with a fast-paced global privacy and data protection landscape, our view is that they need to focus on two things:

• Firstly, put the consumer front, left and centre of all decisions with regard to the collection and use of their personal data, and
• Secondly, implement to GDPR standards across all territories and ‘tweak’ locally as the regulations are firmed up.

We have found that by putting the consumer first and at the centre of the decision-making process, implementation of the updated, and new, regulations across the globe will become a lot simpler.

So, in today’s environment have marketing departments, hampered by regulation, ground to a halt?

Research by marketing automation leader Marketo2 found that 72 percent of organisations that had almost exclusively focused on how to use the new regulations to build or improve customer engagement had exceeded departmental targets. In other words, using the regulations to rethink and reorganise helped them get better at marketing.

Marketing is about building relationships, and all good relationships are built on trust. The problem is that trust is in short supply – the same Marketo research found that 72% of consumers were concerned about data privacy and were unwilling to share their data. This leads to the ‘privacy paradox’. Similar research conducted by Epsilon3 has found that 80% of consumers are more likely to do business with a company that offers personalised experiences. This is multi-channel and across devices, which requires the need to share data.

This is where the new regulations can be used to help organisations, and brands, to deliver greater, more personalised experiences. By becoming trusted data stewards – by delivering greater transparency, tightening personal data security and better management of consent and preferences for marketing activity, the updated regulations are a great opportunity for organisations to rethink and recast their activities in order to build trust.

The GDPR certainly puts power into the hands of consumers – in most instances they decide how their personal data can be used. As a result, marketing departments have had to rethink relationships. What the smart ones realised is that the data game is like the dating game. Rush into it and the object of your affection is likely to take flight. On the first date you don’t ask how much they earn or whether they believe in marriage. Just getting their phone number can be a good result. Marketers need to take it slow, show the targets respect, tact and discretion to reap rewards.

According to Boston Consulting Group4, companies that excel at creating trust could increase the amount of consumer data they can access by between five to ten times, with the resulting “torrent of newly available data meaningfully shifting market share and accelerat[ing] innovation”.

In practice, this means asking for only what is needed to conclude the first encounter – leave them wanting more. Get it right and there’ll be a second date, maybe more. Over time your customers will provide more information as trust grows. But this takes some preparation to play the long game.

To get the tone right at each stage, organisations first need to assess just how much value can be achieved from each extra piece of personal data they ask for. A healthy pregnancy campaign run by a pharmacy will be made significantly more efficient if it knows the sex and age of its contacts. But delving deeper to ask marital status adds proportionally less value – it’s not critical information.

Equally, it’s important that consumers know how they are likely to benefit from divulging more personal data. So, for example, explain that if they share their date of birth, they will receive a special 50% discount for their birthday. Organisations that explain clearly why they want information and how it will enhance the service they provide show a level of transparency that consumers react well to.

Finally, trust comes from consistency – always being treated in the same respectful way.

By having a consent and preference management platform integrated within a brand’s marketing stack, marketing departments can make sure that all the personal data they collect is stored, synchronised across systems and acted on according to the relevant consents and preferences collected across every touch point.

The relevant information provided to the consumer and every interaction is recorded to demonstrate transparency and accountability. At MyLife Digital we have introduced the following features to our consent and preference management platform, Consentric:

• value cards to allow brands to communicate the exchange they will receive from sharing their data or consent to use the data, or what they will lose if they withdraw it.

• progressive consent, so consumers are only presented with the ‘next best consent action’ based on their current status and not bombarded with the same old requests they have already ignored, refused or even in some cases accepted.

We see this as a potential solution to the challenges faced today by the AdTech world and the requirement for a granular cookie consent mechanism.

Campaign’s headline might have been right about the state of the UK’s marketing databases but its implication that digital marketing was doomed was flawed. Implement the regulation with the consumer at the centre of the decision making process and the relationship will be enhanced and ultimately more valuable, not undermined. It’s just a matter of showing some respect.

Whilst consent management has been around for a few decades, modern consent and preference management is an increasingly important tool in managing privacy UX. The demands of today's consumer balanced against a backdrop of maturing privacy laws across the globe have given rise to a rapid growth in this market.

Read Gartner’s Market guide for Consent and Preference Management where we believe they recommend that vendors:

• "Develop user-centric consent and preference capabilities"
• "Treat consent and preference management as more than a compliance target"

Putting the user front and centre of all your organisation's activity.