By Shallu Behar-Sheehan, Regional Vice President, EMEA Marketing and Global Campaigns at F5 Network
Private details and Personal Identifier Information (PII) are precious commodities and the jewels in the crown of business intelligence. A rich bank of behavioural understanding, personal profiling, and a catalogue of characterisation are gold dust for companies today.
The EU’s General Data Protection Regulation (GDPR) has moved the goalposts, and the stakes are higher than ever. Significant numbers of senior executives are already being held accountable for their inability to explain their legal position for data collection, processing, and distribution. Serious data breaches or mismanagement can now lead to major fines or even prison sentences. The impact on digital and social marketing has been notable. Certainly, any data profligacy business as usual practice is no longer an option.
As consumers, we are all subject to targeted advertising, including digital marketing, social media, email campaigns and even direct mail. Good data is the lifeblood of relevant customer engagement, but privacy is paramount. Without it, there is no trust or respect for a company’s business ethics.
Informed consent is the new gold standard defining data mining boundaries. However, many organisations are still struggling with the due diligence needed to ensure all customers are fully aware of their rights and have given their adequate consent, specifically with a positive affirmative action. Others are taking big risks with inappropriately calibrated automatic decision-making, e-marketing, data processing, or cross-border data transfer operations.
According to a survey by the GDPR Associates, 52% of organisations see data governance as the biggest compliance headache. For many, the introduction of the GDPR was the first time they accurately identify and legally define all data related to both external customers and internal staff members.
The GDPR is about taking ownership and showing responsibility. It elevates personal data protection as a strategic priority for organisations working with EU residents. It requires businesses to be transparent, fair and lawful. It also mandates a culture in which data privacy and security form a central part of the customer relationship.
Companies that value customer loyalty now need to take a hard line with app security, database management, and the way they harvest their data-based social media and marketing assets. Sound information management is essential within the context of an organisation’s existing security and compliance structure. Today’s tech-conscious consumers only want to work with the most trustworthy data handlers, and the GDPR allows them to call the shots louder and with more influence than ever before.
Stick to the rules
It is vital to stick to the rules when keeping customers ‘sticky’. The answer is transparency, which is mandated by the GDPR at the point of data collection, and businesses must be explicit about their data usage intentions. This includes what data is being collected and specifics on how, where and why it will be used. Most importantly, individuals need to be made aware of their rights at the onset, including options for opting out and retrieving their data.
Targeted advertising can be a powerful, mutually beneficial exchange, but the consumer must always be in control. The long-held belief that more data equals more productivity, engagement levels or profit, is false. Consumers demand relevant quality over quantity. Wasting their time or wilfully compromising personal data is a recipe for disaster. Marketeers must always:
- Earn trust and maintain it, including explaining how and where data is gathered, either from single or aggregated sources
- Reveal how individuals are profiled, particularly when extensive data habits and user behaviour are collected
- Provide the right to challenge and correct the profiling data and have access to human oversight and interaction
- Respect data subjects’ right to halt processing at any time
- Respect consumers’ right to withdraw consent and to be “forgotten”
- Have systems in place that can provide customers with copies of their data on-demand
Businesses can no longer shun data transparency and accountability responsibilities when processing customer data. At every hierarchical juncture, they must be assiduous and empathetic to the trust customers place in them, as well as their duty to mitigate against an increasingly complex cybersecurity threat landscape.
Now is the time to cancel the complacency and embrace a new world of digital engagement and data trust.