According to the International Association of Privacy Professionals (IAPP), Privacy is defined as “the right to be left alone, or freedom from interference or intrusion. Information privacy is the right to have some control over how personal information is collected and used.”
Imagine having all your customers and potential customers say ‘they wish to be left alone’. As a marketer responsible for executing a customer growth strategy, that would be a nightmare. We are operating in a very interesting time in business where the rapid advancement in technology has led to large scale adoptions of aggressive digitization strategies. Artificial intelligence and predictive technologies are becoming commonplace in every industry, with this we are able to predict trends, changes in consumer behaviours and the effects emerging technologies will have on our Business Development strategies. And at the centre of this customer growth strategy is data - customer data, the new oil. Being able to communicate one on one with your customers in a personalized manner, sharing with them only the things that are of interest to them, always being able to answer their questions even before they ask, providing real value long before the first sales conversation begins are all the things that, every sales and marketing executive dream of doing. Imagine meeting with your CEO to explain your customer growth strategy and showing how you have created value and connected with each customer as though they were a childhood friend. Can you say promotion? Huge end of year bonus? Both customers and executives expect a value-adding growth strategy to include only relevant and timely information communicated in the precise way your customers would most prefer to receive it. However, to make this a reality, customers are required to offer a company access to a lot of personal information, and this is where the Privacy Paradox is introduced.
What is the Privacy Paradox
The ‘Privacy Paradox’ is a term coined all the way back in 2001 by Barry Brown in a study done on the experience of internet users. In this study of early online shopping, Barry found that there was a paradox that existed between customers’ concerns about their privacy and their desire to still use supermarket loyalty cards that had the ability to track their behaviour. The Privacy Paradox simply says this ‘Customers do not trust organizations with their data; however, they still expect to benefit from a personalized shopping experience’. The biggest challenge your customers face is that while they know their information is valuable, they don’t quite know how much it is valued. They receive value from doing business with your organization but there is no tangible or audible experience associated with parting with their personal data and as such, customers don’t feel the impact of the transaction in the same way they do when there is a transfer of funds associated with a product or service. Organizations have been collecting and storing customer data and using it to predict behaviour for decades, sometimes for the benefit of the consumer but other times to their detriment. In order to protect the human right to privacy, many governments and regulatory bodies around the world have been creating and implementing privacy laws and regulations around how organizations should collect, process, store, transmit and destroy personal data, returning the power of privacy to the hands of the consumer.
Become a Certified Privacy Professional today! Learn More
Privacy Regulations and Their Impact
By this point, we all would have heard of the General Data Protection Regulation (GDRP) coming out of the EU. Similar regulations have been enforced in different jurisdictions while many others are pending. Regulations such as the CPRA, CPA, PIPEDA, PDPA among others. All of which are extraterritorial regulations which simply means that they are valid across all jurisdictions. There is a common misconception that privacy is an IT or Security issue, which could not be further from the truth. Privacy is an organization-wide issue and Marketing, Sales and Customer Service are all warriors on the front-line. Almost all privacy regulations stipulate some basic rights, all of which affect how we engage with our customers. Some of these rights include:
Right to Consent – Access to process personally identifiable data must be clear and intentionally given.
Right to Data Protection – Personally identifiable data should be protected with adequate and effective security controls.
Right to Access and Rectification– Individuals should be able to, upon request, review all information collected and to correct where applicable.
Right to be Forgotten – All data that has been collected should be permanently deleted upon legal request including archived data.
All four concepts above in addition to others not named here, places the responsibility of data collection, protection and use squarely in the hands of the organization despite how it may have been obtained. With this responsibility comes very large fines for the misuse or inability to adequately protect this critical data. For us Business development practitioners, this creates a bottle-neck of competing interests. No longer can we store or use customer information without clear legal interest that matches the use of data to the purpose for which it was collected.
So What’s Next?
Data privacy regulations should be viewed as a gift, not a curse. Following proper privacy regulations will lead to us collecting, storing and using less meaningless data as the less data we have, the lower the chances are of violations occurring. This creates a more competitive customer growth strategy as collecting less data means we need to collect more targeted data, and the more targeted the data, the more efficient our data use must become. Even without regulations customers are becoming smarter and more cautious about their data and expect a reasonable explanation for the use of their personal information. However, for most consumers, it’s about how the data is collected and used not necessarily what data attribute is being collected. I don’t necessarily mind the fact that you remind me that my yearly subscription is coming to an end a month or weeks in advance. What I do mind is you sending me an unsolicited email telling me that the shirt I wore to work today would look great with your new pair of designer slippers. Companies that combine data privacy with data use will, in the long-term, benefit from creating value through relevant communication all while increasing consumer trust over time.
Now, imagine meeting with your CEO to explain your customer growth strategy two days before she receives regulatory fines for privacy violations related to a recently concluded email campaign? Can you say no Promotion? Can you say let’s start crafting our resignation letter because we might be out of a job?