Navigating Privacy And Data Challenges: A Blueprint For Success

In today’s rapidly changing landscape, the urgency for brands to prioritise privacy and data protection cannot be overstated. Failure to act not only exposes them to regulatory penalties and cyber risks but also puts their entire existence at stake.

Research supports this grim tale, revealing that losing consumer trust costs brands upwards of AU$3.78 trillion per year. And when it comes to security breaches, the Australian government is coming down hard with maximum penalties set at AU$50 million or 30 per cent of the company’s Australian turnover in the breach turnover period.

The cost of lost consumer trust, both financially and reputationally, serves as a stark reminder that in today’s landscape, safeguarding privacy is not only a legal obligation but also a critical aspect of long-term success. Considering a worrisome 11 per cent of brands say they have a clear path to preparing for this sweeping change, according to recent Arktic Fox research, that means nearly 90 per cent are left woefully unprepared.

The urgency for marketers to act now on privacy

The privacy problem is nothing new. In fact, Australia’s Privacy Act was put into action back in 1988. So why the urgency now? Well, there are at least three main forces at play here, namely:

• Global pressures: From the EU General Data Protection Regulation (GDPR) to the California Consumer Privacy Act (CCPA), more than 120 countries around the globe have established privacy and security regulations that protect residents’ data privacy and security. This sparked the review for Australia’s Privacy Act review, which aims to better align Australia’s laws with global standards of information privacy protection and properly protect Australians’ privacy.
• Major cyber breaches: High-profile data breaches, such as those experienced by Optus and Medibank, have significantly heightened people’s awareness of cyber security. And the continuous media coverage of these incidents serves to further reinforce their concerns and perceptions.
• Apple’s privacy push: Privacy changes make “renting” audiences an unsustainable practice. Apple’s changes to Identifier for Advertisers and Google’s plans to remove third-party cookies by the end of 2024 mean marketers will soon face a virtually cookieless future.

Understanding the changing landscape

Chris Brinkworth, a media and marketing technology executive with a history of delivering innovative strategic projects across global markets, was recently a guest on my podcast. If you’re not familiar with his story, Brinkworth was at the forefront of the third-party cookie revolution in the ‘90s. “Dropping cookies” to collect more data and target people in new ways was a main KPI throughout the first half of his professional career.

As they say, “When you know better, you do better” and looking back, he takes issue with the way things were done to target consumers. “I’m kind of like the tobacco industry guy that suddenly realised all the harm he’s done,” Brinkworth shares. “I’m looking at everything I’ve learnt over the years, thinking how can I undo what’s been done and get involved in this privacy movement in advertising and marketing.”

He likens what’s happening in the marketing and advertising landscape of late to bookends. “On one end, global laws have changed in regard to how we conduct measurement. There’s cookie deprecation. And just the other day Apple announced removing any kind of link decoration within mail, messages and so on. This bookend is frustrating to marketers. It’s something they’re trying to come to grips with,” Brinkworth explains.

“On the other side of the coin, which is the not-too-distant future, there are changes to the Australian Privacy principles. If we were to look at that in isolation, as an industry, there’s obviously this frustration. However, if we step outside of that, we’re also humans. We have families and should be having an active conversation, becoming involved in this when it comes to the government’s requests. We must put forward what we feel is right as both citizens and industry folks.”

Marketing Technology News: MarTech Interview with Kala Halbert, Director of Marketing, Prophia

The compliance blame game: It’s not you, it’s your legacy systems

The frustration is there no matter how you spin it. But arguably, what’s worse is the majority of APAC businesses and brands are simply not ready for these changes. However, for a lot of them, it’s not their fault. Change happens so rapidly that it can be challenging to keep up. At the same time, agencies aren’t providing ongoing education to keep employees up to speed.

If they’re looking to place the blame somewhere, it should fall on their legacy systems. “The hygiene of old legacy zombie tags are on their site, potentially leaking data,” Brinkworth points out. “Yet, the people in that business or brand often feel like it is their fault. They have their heads in the sand because they don’t even want to start this conversation.

“So when we go into a meeting with the head of digital media buying, CTO, head of experience, SEO expert, etc and go over the data that’s being collected on their website line by line, it’s almost a cathartic release.

“They begin to realise that it’s not their fault. It’s fascinating to see how everyone gets this renewed kind of excitement on what they’re going to stop, so they can finally go back to their risk folks and internal legal counsel to say, ‘This is what we’re collecting, and here’s why we’re doing it.’”

A customer data disaster: How you could be setting yourself up for a privacy breach, unknowingly

It’s common for brands and organisations to have customer data that’s out-of-date, incomplete, incorrect or duplicated. However, with privacy laws tightening across the globe, this ‘messy data’ is setting them up for a customer data disaster.

Recently, New Zealand’s largest retail group found this out the hard way. It has been building out its loyalty program, already boasting one-million members strong. The retail group also has 4 million unique customer identities in its Salesforce stack.

The retail group’s confidence in the strategic advantage of “growing first-party data across all our brands” was put to the test when a journalist decided to investigate further. Under a Privacy Act request, she sought her own data but received more than just her information. Surprisingly, the data provided also included details of several other individuals who shared the same name – a privacy breach, according to the Privacy Commissioner.

The journalist knew she had shopped at the retail group 52 times in the last three years (from her credit card transactions) and it had data on:

• 47 of these transactions, including items purchased, store, price paid, date and time
• 38 of the purchases had been online and five had been in-store and identified through her loyalty program membership

The retail group used her customer data to send her:

• 50 emails over three months (none of which she’d clicked, opened or purchased from)
• 50 app push notifications (but no data on her actions on those notifications)

This was the first time this large retail group has ever had to supply data like this. And, it probably won’t be the last.

The moral of the story? Understand what data you have. Until you can confidently do that, you will be exposed to privacy breaches. A CDP (customer data platform) like Amperity can help you make sense of your messy customer data. Let’s take a look at how.

5 actionable ways to succeed in a privacy-first world with a CDP

Below are the five key actions all businesses need to do to start – and succeed along – their privacy journey.

1. Adhere to current Privacy principles now:

A CDP can help you ensure compliance with Australia’s current privacy act by providing capabilities that fulfill data privacy use cases. It can help you manage access to customer data and, importantly, efficient retrieval when requested, in accordance with privacy principles.

2. Understand what data you have:

A CDP can help consolidate and unify your customer data, therefore, assisting you in classifying and cataloging it for deletion requests. It can provide insights into your MarTech and AdTech partnerships, helping you understand where your data resides and how it is being used.

3. The fair and reasonable test:

A CDP can help you adhere to the guidelines issued by the OAIC, regarding fair and reasonable use of customer data. It can assist in managing universal consent across marketing channels, ensuring efficient processes for data audits and simple to set-up data retention policies.

4. Be the trusted custodian of your customers first-party data:

A CDP can play a crucial role in building and managing a robust first-party data strategy across the entire business. It can help you collect and organise user-consented data effectively, ensuring compliance with how that data is democratised across your teams for who can access customer PII (Personally Identifiable Information). It can also help you assess the quality and validity of existing data.

5. Design with privacy in mind:

Implementing a CDP involves setting up appropriate security protocols and governance around data usage. Collaborating with experts who understand the changes on the horizon will assist you in modernising the way data is used across your organisation, i.e. who has access, how it can work with the evolving paid media landscape and how it fits within your technology ecosystem.

The future is first-party

Looking toward the future, the evolving privacy landscape presents several challenges but also numerous opportunities for marketers and brands. As consumer expectations and data regulations continue to evolve, brands have the chance to differentiate themselves by prioritising privacy and data protection.

By taking proactive steps to build trust and transparency, they can forge deeper connections with their customers and create personalised experiences that genuinely resonate. Embracing privacy as a strategic priority not only mitigates risks but also unlocks the potential of data-driven insights, enabling brands to make more informed decisions and drive meaningful growth.

Marketing Technology News: The influencer space is evolving again. Here’s how AI fits into the future of influencer marketing.

 

About Amperity

Amperity delivers the data confidence brands need to unlock growth by truly knowing their customers. With Amperity, brands can build a unified customer profile foundation powered by first-party data to fuel customer acquisition and retention, personalize experiences that build loyalty, and manage privacy compliance. Using patented AI and machine learning methods, Amperity stitches together all customer interactions to build a unified view that seamlessly connects to marketing and technology tools. More than 400 brands worldwide rely on Amperity to turn data into business value, including Alaska Airlines, Brooks Running, DICK’s Sporting Goods, Endeavour Drinks, Planet Fitness, Seattle Sounders FC, Under Armour and Wyndham Hotels & Resorts. For more information, visit amperity.com or follow us on Linkedin, Twitter, Facebook and Instagram.

An inside look at the customer data collected and used by The Warehouse Group

A journalist requested her personal data held by The Warehouse Group (which anyone can do under the Privacy Act). The Warehouse Group is building out the biggest loyalty program in New Zealand.  It’s already at 1 million members and has 4 million unique customer identities in its Salesforce stack.   It was the first time The Warehouse Group had had to supply this data.  The journalist got her own data as well as the data of several other people with the same name (which was a privacy breach according to the Privacy Commissioner).

She knew she’d shopped at The Warehouse Group 52 times in the last 3 years (from her credit card transactions) and The Warehouse Group had data on;

• 47 these transactions including items purchased, store, price paid, date and time
• 38 of the purchases had been online and 5 had been in-store and identified through her MarketClub loyalty program membership

The Warehouse Group used her customer data to send her;

• 50 emails over 3 months (none of which she’d clicked, opened or purchased from)
• 50 Warehouse app push notifications (but no data on her actions on those notifications)