MarTech Interview with Wayne Matus, Co-Founder | General Counsel & EVP at SafeGuard✓Privacy and Richy Glassberg Co-Founder & CEO

How can brand marketers safely navigate the constantly evolving privacy landscape? Wayne Matus, Co-Founder | General Counsel & EVP at SafeGuard✓Privacy and Richy Glassberg Co-Founder & CEO weigh in:

 

__________

Welcome to this MarTech Series chat, Wayne and Richy, we’d love to hear more about SafeGuard Privacy and its inception and how it’s grown over the years. What inspired the start/launch of this solution?

Wayne Matus: I am a lawyer, and had first hand experience with many clients addressing their privacy and compliance issues first as co-head of a large law firm’s privacy department, and then within a major global bank helping them become the first to be compliant with GDPR. I knew that innovation and technology could make a difference and wanted to do something that mattered.

Richy Glassberg: I come from the advertising world. Companies of all sizes were experiencing the same issues – these are laws, not standards. The industry has never had to face that before, and I could see the havoc that the patchwork of privacy legislation would unleash upon the ecosystem. Frameworks and spreadsheets weren’t solving the problem. They were headaches. We knew we could create a better way to manage privacy compliance and we set out to help companies across all industries. We wanted to enable them to answer the questions: “Am I compliant with these laws? Are my vendors?”

How in your view will global privacy laws change the game for online marketers and sellers? How can digital marketers and sellers use local privacy laws to their advantage and meet customer expectations when it comes to data policies better?

For the local or regional brand, the changes are significant but not as complex as for the global marketer.

The local or regional brand in the U.S. will have a few state laws that will matter and they will have to follow and comply with them. The requirements are about as simple as the tax laws, meaning not at all simple, but not impossible either. Like any other law, you have to spend time addressing the requirements and becoming familiar with them. In the U.S., we are developing along the lines of independent state laws falling into 2 different models, which increases the complexity further. GDPR on the other hand covers all 27 countries in the EU and gives you a degree of certainty about what you need to do to be compliant in all of those countries. It’s a complicated law but has wide coverage.

For global marketers, the proliferation of privacy laws is a compliance problem because each law has its own definitions and requirements. It is rare for them to be inconsistent with each other, but there is no one law that you can follow that will satisfy all the requirements that apply to your business. There is a concept that marketers should adopt the strictest standards that are available to protect the consumer and thereby protect their brands and their brand reputation. This means following the strictest portions of each state law. That is hard as there are so many different definitions and rules.  Since Unilever, P&G and so many others sell their wares around the world, the patchwork of legislation will make it harder for marketers to figure out the what, where and hows of what to do.

As with a local or regional brand, you can use privacy as a marketing advantage:

Privacy can certainly be used as a marketing advantage for both local and regional brands if you are smart about it. It is all part of the consumer experience and their trust in your company. Privacy should be integral to that. But it is also important to remember that a significant privacy failure or fine can be very damaging to your brand’s reputation and needs to be avoided.

We believe in the golden rule. Be fully transparent about what you do with your consumer’s data. Use plain language. Make it fully understandable and accessible for your consumers. It is their trust and their money you are trying to earn, so treat them as you would want to be treated.

Marketing Technology News: Shutterstock Introduces Generative AI to its All-In-One Creative Platform

How are you seeing brands open up to automation when it comes to compliance measures; what are some thoughts that you’d share with brands still at the stage of evaluating available technologies to help them meet compliance goals?

Privacy compliance and privacy automation will follow the classic path that so many technologies trod before. First, you throw a bunch of people at it, inside your business and out. Then you may outsource it or send it to a back room somewhere where you’ll spend countless resources building technology that might not be viable in a year. You have endless spreadsheets, email chains, shared drives and meetings.

In the current economic climate and in the future, those methods fall flat and won’t be able to scale at the rate of privacy regulation. Believe in B2B SaaS technologies that can accomplish all of those “old tools” and replace them with secure platforms that promote Accountability, Collaboration, Continuity and Compliance. We built a platform to allow companies to get compliant, demonstrate their compliance, and monitor their vendor’s compliance with their law firms and consultants, but at a fraction of the cost and the time. Any business wants that today.

We believe that we are entering Privacy 3.0 land. Many of today’s well-known leading companies in privacy tech started in 2016 or so and are being lapped by a host of newcomers that understand the complexity of the marketing and adtech ecosystem. As more laws go into effect and enforcement ramps up, you are going to see exciting innovations all over the space.

A few thoughts on the future of privacy regulations: what will take center stage in 2023?

An explosion of U.S. Laws in Virginia, Colorado, Connecticut, and Utah come into effect in 2023, and several more states will pass privacy legislation in 2023 no doubt. That will be significant, but not what takes center stage.

Taking center stage will be rising privacy enforcement by the new privacy agency in California, the California Privacy Protection Agency, which is scheduled to start enforcement in earnest on July 1st. And, at the core of the new California law is targeted advertising. Compliance obligations will be challenging for companies that find they are now third-parties, contractors, or service providers with new contractual requirements and obligations.

Also appearing on the center stage is the FTC. The FTC has taken a renewed interest in the enforcement of children’s rights, a woman’s right to privacy related to reproductive health care, and “dark patterns” (design practices used to trick or manipulate consumers into buying products or services or giving up privacy rights).

There will also be a massive upheaval regarding ID, cookies, and anything that smacks of fingerprinting a consumer. The confusion in the connected TV (CTV) space regarding actual consumer consent and targeting will be very painful. Unfortunately, regulators are not adtech/ martech experts, and the way they have written the laws makes it very hard to be compliant.

We are hopeful that cross-country data transfers will become less of a concern with new understandings between the U.S. and the EU.  But all is not quiet in the EU either. The IAB Europe is awaiting a final decision on the validity of its consent management platform. This has the potential for being a huge issue if the TCF (Transparency and Consent Framework) has to be substantially changed. Globally, the issues around transferring data will be incredibly thorny. Attribution will be a sticking point for global marketers and for folks in the U.S. with the way CPRA is currently written.

Marketing Technology News: MarTech Interview with Gabie Boko, CMO at NetApp

What do you feel about the future of the B2B tech industry, some key predictions for 2023? 

We will figure it out. Marketing is too big of an economic driver in every country to let it get entirely off the rails.

• Marketers need to understand these are laws, not standards. Viewability is a “standard”. CPRA, GDPR, COPPA are laws. Take this seriously. Do NOT outsource this.
• Consent will be the new battleground over the next few years, replacing the race for email addresses of the last few years
• First-party data matters greatly. BUT, not everyone’s first-party data is the same. Why can’t standard demographic data help you enough if you are selling soap? If you are selling insurance or another high lifetime value or sensitive product, you better triple down on your first-party data.
• Not everyone can be a “retail network.” There will be a huge shakeout. By definition, a “retail” company knows their customer. Too many have fallen for the allure of monetizing that consumer across a “network”. For the most part, they just do not matter. That said, Amazon, WalMart, those types of retailers with SCALE matter.
• Not all ID solutions will succeed, nor should they. We really need an independent global identifier, but highly doubt we will get what we need.
• 2023 is the year of enforcement and investigations will continue and lead to steep fines. Companies will want to get ahead of potential investigation headaches by having their assessments, and their vendor’s assessments audited or certified by a third-party.