The future of data, privacy and ethics
Can a webshop mention “only five left in stock” when that’s actually not the case? According to the European Commission that is considered a misleading practice. In fact, on the European Commission website, one can find clear regulations concerning unfair commercial practices. However, consumers are pushing for more regulations regarding online data collection. This will have an impact on brands, specifically marketers, in ways that are difficult to fathom.
A lot is happening in the field of data, privacy, and ethics. The introduction of GDPR regulations in May 2018 seems to only be the beginning. These regulations were further toughened in 2019 with the prohibition of implicit cookie permission and Safari and Mozilla are increasingly restricting the use of third-party cookies. Then there’s also the release of the Netflix documentary “The Great Hack” in which the data abuses of Facebook are showcased. And to further advance that point, Amnesty International issued a report that Facebook and Google are violating our human rights. To top it off, ePrivacy legislation is also on the way. As a CRO specialist or online marketer, you can no longer ignore it: unbridled data collection or unlimited visitor nudging is a thing of the past. But do you still have the overview?
Data vs Privacy
Innovation when it comes to the online collection of user data is rapidly developing. Some of these advancements go hand in hand with privacy. For example, digital marketers use anonymous data to make websites or apps more user-friendly. On the other hand, in recent years, marketers have increasingly been using technologies to track users at an individual level. These include third-party cookies, click IDs and Customer Data Platforms (CDPs). This is useful to better monitor the effectiveness of campaigns or to show visitors more personalised ads. But from a privacy perspective, you may wonder how much data you can and even want to collect about consumers.
The original idea was to launch ePrivacy legislation at the same time as GDPR since this concerns online communication, such as the encryption of emails. However, due to continued deliberation and lobbying, the ePrivacy Act has yet to be enacted. As of November 22nd, the current proposal was still rejected by the Council. So it’s difficult to predict when the legislation will take effect.
However, many companies are taking strides to protect their user’s privacy. For example, Safari’s Intelligent Tracking Prevention (ITP) updates which leads to client-side cookies expiring after seven days. One can’t help but wonder whether companies like Apple and Mozilla are actually doing this for the privacy of their users, or as a new USP in the competition against Google. The fact is that these developments make the tracking of visitors more complicated.
Regulations when it comes to influencing tactics
Influencing consumers is a very different game and as such different rules apply. In “The Great Hack” it became clear how Cambridge Analytica used the data from countless Facebook accounts to make predictions about their personality, and thus sensitivity to certain advertisements. Based on this, users were shown personalised ads. The question that was asked at the end of the documentary was: can we still hold democratic elections when we have such advanced influencing tactics at our disposal?
In May 2016, the European Commission presented an updated version of the 2009 Guidance document on the application of the Unfair Commercial Practices Directive (the UCPD). Regarding influencing techniques, the document denounces the use of aggressive marketing techniques used to influence consumer choices. Aggressive commercial practices is anything that “is likely to significantly impair the average consumer’s freedom of choice or conduct with regard to the product and thereby causes him or is likely to cause him to take a transactional decision that he would not have taken otherwise.” So the most important take-away from this is that, as a company, you have to ensure transparency in addition to honest and clear communication.
Legislation vs Moral
There is a fine line between what the law expects from businesses vs. moral expectations one can impose on companies. The law dictates the minimum requirements that we have to comply with and there’s little difference between online and offline expectations. It’s worth noting that the AVG is actually a renewal of the Personal Data Protection Act and the ePrivacy legislation is a revision of the Telecommunications Act. You could, therefore, say that the rules we already had for offline communication will now also apply to online communication.
But is simply complying with the law enough? By allowing visitors to agree to your terms and conditions or cookies, you may be complying with the law, but that is not enough from a moral point of view. When a user logs in to an app with Facebook and agrees to the terms and conditions, it might be legal to share user data with Facebook. But when, for example, a menstrual tracker app shares data about women’s menstrual cycles with Facebook, most people agree that this crosses a line.
Acting ethically is therefore not always equivalent to complying with the law. Sometimes acting ethically means we have to do just a bit more. It’s difficult to define exactly how since, after all, ethics are linked to one’s norms and values. What you think goes too far, someone else might be fine with, and vice versa. You could, of course, set up entire teams for this and hold days worth of meetings, but here’s perhaps a simpler idea: talk to your customers. They’re the ones you end up doing it all for. Ask them how they would like to be treated.
What can you do as a company?
There is not one single correct answer to this question, but there are a number of things that you can focus on.
Talk to your customers: as an online marketer, you will quickly find yourself in a bubble where online tracking seems perfectly normal. But your frame of reference is not necessarily the same as that of your customers. What you find normal for tracking, your customer may find ethically questionable.
Collect data with a specific goal in mind: When you record information in an unbridled way, without a clear goal, that can have negative consequences for both your business and your customers. It will be difficult to find the information that you need and consumers might not consent to give you their data if you’re not sure what you’re doing with it.
Transparency and openness are key: especially when you are going to personalise content, it’s important that you can always explain why your visitor sees a certain variant. On the basis of what factors are they in that box?
Prepare for the use of first-party data: as soon as visitors log on to your platform, you will be able to record data without having to use third-party tracking, which means you will experience less of the impact of both ITP and AVG regulations. Which is nicer for your customers. As soon as they make themselves known, you can use their data to display personalised offers, for example.
When in doubt, ask your legal department: do you wonder about how you’re collecting data or if you’re using influencing tactics? Then ask a professional just to be on the safe side.
Is this a positive turn of events?
Are these useful guidelines or is this more an inconvenience for your personalisation strategy and retargeting list? It’s true, the above limits your possibilities as a marketer. But let’s face it, it was also time for some rules. When companies behave neatly online, they retain consumer trust. And that’s ultimately in your company’s interest too.