How to handle consent in a privacy-forward world

Business leaders and the American public are out of sync when it comes to data, privacy and consent.

On the one hand, businesses are collecting more data about customers and employees, seeing the opportunities to leverage that information for new insights and revenue streams. On the other hand, consumers are increasingly wary of what data are collected and how they are used.

Consider an August 2021 KPMG study, which described this gap as a “trust chasm.” According to a KPMG survey, 70 percent of business leaders increased the amount of consumer personal data they collected in the previous year. Nearly a third said their company sometimes used unethical data collection methods.

In a KPMG survey of the U.S. general population, the chasm is evident. Eighty-six percent of those surveyed say data is a growing concern, 68 percent are concerned about how much data businesses are collecting and 40 percent do not trust companies to use data ethically. Thirteen percent do not trust their own employer to do the right thing regarding data.

The KPMG findings are similar to those in a survey by the International Association of Privacy Professionals and EY. Despite increasing regulatory controls at the regional and state level, only 51% indicate their organizations are very or fully compliant with European Union data privacy guidelines.

A complex regulatory landscape

The European Union’s recently passed General Data Protection Regulation is a sweeping privacy reform governing residents of EU nations. It applies to organizations such as websites and credit card companies that collect or process information on EU residents. Visitors must be notified about data a site collects about them, notify them if their data has been breached, and allowed to have their presence on a site erased. Personally identifiable information must either be anonymized or pseudonymized.

Multiple U.S. states are also tightening data privacy laws. The California Consumer Privacy Act is a state statute that provides California customers to know what data are being collected about them, know if their personal data has been sold and to whom, refuse the sale of their personal data, access their personal data and request that a business delete personal data that has been collected about them. In addition, the law prevents discrimination against those who have exercised their data privacy rights,

Other states are following on California’s lead. Yet in the IAPP survey of executives responsible for privacy at their companies, only 41 percent rated their organizations as fully or very compliant with CCPA.

Understanding key challenges for marketers

Marketers, who rely heavily on insights gleaned from visitor traffic to websites, are adjusting to the new data privacy rules. The adjustments are costly. Privacy budgets increased by 30 percent to $873,000 on average, according to the IAPP survey. Howe4ver, 60 percent of respondents said the budget was insufficient to cover all the privacy needs.

The recurring theme is a lack of tools available to help businesses adjust to the new data privacy reality. Companies do not have a baseline from which to gauge the scale of data they collect, store and use. If they do, it is often a static, singular point in time, Instead, companies need dynamic, real-time insights to comply.

Record-keeping alone is a massive undertaking, with various regulatory agencies requiring detailed, and not uniformly constructed, reports. Each law has its own definitions, guidelines and responsibilities to those the statute covers.

What’s more, most enterprises have dozens of systems that collect, store and use data. Some are managed internally and others use external providers. Some use structured data, others unstructured data. It’s a maze of systems, data structures and uses (customer engagements, transactions, marketing) to sort through.

Carving a path toward trust

Bridging the trust chasm will take time, and deliberate approaches by marketers to regain trust and foster an ongoing trusting experience for consumers. How? Here are a few approaches.

• Transparency. KPMG noted that 76% of the U.S. population wants more transparency on the use of data. Forty percent would share personal data if they knew how it would be used. Business leaders need to develop robust policies and procedures on data usage, and share them with consumers
• Give consumers control. Giving consumers control over their data – what’s collected, how it’s used, to whom it is sold – is at the heart of many of the regulatory practices. Businesses would do well to be proactive, getting ahead of and exceeding the regulatory mandates by giving consumers the power to control their own information
• Create a culture of trust. Companies must value, reward and expect a culture of trust when it comes to consumer data. The information bestowed upon or collected by them should be considered sacred. Building an internal trust culture will improve consumer confidence and add value to the company in the long run
• Anonymize data. Whenever possible, companies should anonymize data. These techniques are becoming more sophisticated and can still provide businesses with insights to deliver effective marketing campaigns

Learn how Lytics can help with your data privacy needs and deliver insights and tools to maintain data privacy and be effective in reaching consumers.