Privacy: Why it must be wrested away from compliance officers

Privacy law is changing and the effect on personal data – key to the relationship between brands and consumers – will be monumental, says Colin Strong, Managing Director, GfK NOP Business & Technology. So what can brands do to ensure they don’t get caught out? Ensuring data issues are not ghettoised within a business is step one…

Brands are going to have to wise up quickly to new EU regulation on personal data or risk getting or the wrong side of the law. Forthcoming EU General Data Protection Regulation aims to give consumers more control over what happens to their personal data and requires brands to keep consumers better informed about what they plan to do with it.

This will have a seismic effect as personal data is increasingly central to the relationship between brands and consumers. As every consumer touch-point becomes ‘datafied’ the data-relationship is in fact defining the customer relationship.

The danger for brands is that the way in which personal data issues are handled is ghettoised – typically sitting with a compliance team rather than having any visibility with strategic marketing.

Unfortunately, all manner of activity is currently undertaken with personal data that consumers are not aware of and, indeed, may not be happy about. Companies are now springing up that generate greater awareness for consumers about the way their personal data is being collected and used – a topic for which the majority of the public have historically been living in blissful ignorance.

So companies such as MyPermissions are gaining ground, providing services that allow consumers to track which companies they had given permission to access their personal data from sites such as Facebook or Twitter. Consumers are then given the opportunity to stop apps from accessing their personal data.

Another company, Docracy, aims to put the spotlight on the hazy world of T&Cs, making consumers more aware what they are signing up to. This year Docracy launched a Terms of Service Tracker which logs changes that companies have made to the T&Cs, increasing consumers’ awareness of how data is used.

Whilst for most of us this is not exactly riveting reading, it nevertheless makes it much more difficult for brands to make changes without them being noticed more widely. And whilst the majority of the population will not necessarily use these services, early adopters will, and in doing so push privacy up the agenda in the broader public’s consciousness.

So what do consumers currently think about personal data issues? At GfK we recently ran some fairly straightforward questions on privacy, which we shot to a nationally representative sample of the online population, comprising 1,000 individuals.

Consistent with the forthcoming regulation, 88% think it’s important to understand how the data they provide is used by the company and 86% would like to have more control over the way companies use it.

The potential nail in the coffin is that 79% of consumers would welcome more stringent government regulation about the way data is collected and used. So there is clearly an appetite by consumers for greater transparency and control over their personal data.

A recent report by the World Economic Forum considered that it was virtually impossible for consumers to consent to all the ways their personal data is used and new means are required to allow better choice and control when data is being used in a way that impacts them.

A clear mandate was given; organisations must be clear to individuals about the value exchange that is taking place for data, so consumers can make truly informed choices between different options based on what they consider fair.

A number of brands have been seeing the commercial benefits of making personal data a key platform in their proposition. Microsoft has made a big deal out of the way they claim Google handles personal data with their ‘You’ve been Scroogled’ campaign.

Google has, however, taken steps to allow users of Google+ Sign-In greater control. So Google+ Sign-In will allow users to specify which Circles they want a particular app or website to share to and exclude those they think won’t care about that particular app activity.

O2 has also made a play, launching a ‘digital dashboard’ for consumers to manage their privacy settings. ‘Do Not Track’ capabilities have been controversial ever since they first appeared in Firefox 4 back in 2011, but earlier this year the battle became even more intense when Mozilla announced that it planned to begin blocking third-party cookies by default.

So the environment for privacy is changing – being driven by a combination of regulation, consumer sentiment and companies that push this up the agenda. Brands will increasingly find themselves having to explain how they are managing personal information – giving greater transparency and ultimately engaging the consumer more on how they want to manage their own privacy with regard to their personal data.

Brands are going to need to articulate the value exchange with consumers and show what benefits consumers are getting for sharing their data. Some benefits are broadly understood by consumers; for example we found 61% of consumers consider that not having to sign in every time they visit a site is useful to them.

Other benefits are less appreciated, with only 43% agreeing that a site that can tell them what other people bought who looked at the item they were viewing is useful to them. The benefits that consumers want and expect need to be better understood and used to inform brand strategy.

We need to move the agenda for privacy away from their Compliance officers and into the boardroom. Consumers increasingly expect to be willing partners in the way their personal data is used rather than passive donors. Privacy is now a strategic marketing issue and brands that don’t recognise this will suffer.