Face the music: Apple privacy changes hit e-commerce marketing
Apple privacy changes are right around the corner, and marketers who rely on Facebook ads are bracing for major impact. Here's what you need to know.
A recent study around consumer data privacy found that consumers share data more regularly than ever, accelerated by the COVID-19 pandemic. Today, 61% of consumers share personal data “most times” they interact with a new application, while 46% share data daily when they shop online.
This massive rise in data sharing has pushed consumer data privacy issues into the spotlight: Data sharing has become part of everyday life in today’s digital-centric world – and data breaches are becoming more and more common, too. But consumers are demanding trust and transparency from companies that collect, store and use their personal data.
Basic principles: Consumer data privacy and data leak prevention
Brands need to find ways to stay ahead of the wave of ongoing legislation, new rules, and compliance requirements. That includes these three moves:
- Proactive measures to gain consumer trust and loyalty, such as robust data privacy solutions that go beyond compliance and regulations
- Additional security measures to protect customer data from cyberthreats
- Using data to boost the customer experience
In addition, according to Gartner, by the end of 2022, more than 1 million organizations will have appointed a privacy or data protection officer. Ideally, it is one who reports directly to the board, that is empowered to deliver on compliance issues as well as focus on customer satisfaction. This is a huge leap from the few thousand privacy officers worldwide before the GDPR took effect in 2018.
There is no doubt that the consumer landscape has likely shifted permanently from the physical to the digital space, thanks to increased e-commerce and other online trends.
Constitution of data breaches and significance of consumer data privacy.
More consumer data is available and exposed than ever before. Consumer data privacy cannot be ignored.
A data breach is any scenario in which access to personal, protected, confidential, or sensitive information is gained by an unauthorized person. There are varying levels of breach or exposure:
-
- Event-this category is representative of attempts to gain access, a firewall blocking effort, as an example.
- Security incident-a straight-up violation of security policies of an organization, like a malware attack.
- Privacy incident-when data that is protected by regulations is compromised, it is defined as a privacy incident and carries greater legal repercussions.
- Data breach-when the breach is so significant that users must be notified. It may have started as a privacy incident and was not handled effectively.
Certainly, insights from first-party online consumer data offer expanded opportunities for enterprises to understand their customers and personalize marketing and advertising. However, those customers also want to know their data is safe.
As a result, efforts to protect consumer data privacy have become a government regulation priority and a big challenge for businesses. A wave of consumer data privacy legislation has been enacted in recent years, by various countries and U.S. states, with more in the works.
Rise in consumer data privacy regulations
According to Gartner, 65% of the world’s population will have its personal information covered under modern privacy regulations in 2023, up from 10% today.
More than 60 countries have enacted or proposed postmodern privacy and data protection laws, including:
- Argentina
- Australia
- Brazil
- Egypt
- India
- Indonesia
- Japan
- Kenya
- Mexico
- Nigeria
- Panama
- United States
- Singapore
- Thailand
Consequences of a data breach for organizations
One of the strictest data privacy regulations is Europe’s General Data Protection Regulation (GDPR), which was first passed in 2016 and enacted in May 2018.
It applies to all businesses that collect and process the personal data of EU citizens or residents. Businesses that do not comply with the consumer data privacy regulations of GDPR can be fined up to approximately $23 million, or 4% of their global revenue.
That’ll be $425 million: Amazon potentially facing massive GDPR fine
Months after three Amazon execs say they were forced out for raising concerns surrounding data privacy policies within the global e-commerce behemoth, Amazon is facing a massive potential GDPR fine, to the tune of $425 million.
According to the GDPR, individuals must have control over their business data, and businesses must document and store the consent from website visitors before collecting data. Most sites now implement cookie consent/alert banners on their sites in order to comply.
In the U.S., Virginia recently enacted the nation’s second consumer data privacy law, following some elements of the California Consumer Privacy Act (CCPA), which was passed in 2018 and enacted in 2020. The CCPA gives California consumers rights around the collection and use of their data, including the right to know what personal information a business collects; how it is used and shared; the right to delete the personal information; and the right to opt-out of the sale of personal information. Nevada and Maine have also already enacted consumer data privacy legislation, and many other states are set to do so.
A recent Deloitte article makes clear that trust has become “a new form of currency.” The fact is, consumers will seek out and be loyal to retailers and other businesses that make them feel safe. Strong data privacy policies are a first step to enabling that trust and loyalty. Going beyond checking the compliance box will become critical to bridging the trust gap.
After all, the future of consumer data privacy is really about the future of business in a post-pandemic, digital-centric world. Those brands that strike the right balance will be the ones that succeed in a volatile, challenging global marketplace.
Best practice for data leak prevention
Takes steps now to head off threats to your data security. Here are a few things to implement immediately:
- Create a data loss prevention plan—it sounds simple, but many companies are still reacting. Be proactive.
- Establish a data loss prevention officer—maybe you have someone who can step into this role, or perhaps it is time to scout an individual who understands the nuance and priority of data privacy.
- Undertake data housekeeping—take stock of what you have and where. Is it safe? Is it still needed?
- Build a timeline—Rome wasn’t built overnight, neither will your data privacy and data loss prevention process.
- Draft a framework—types of breaches have levels, do the same thing with your data, defining the different levels of privacy and risk.
- Make your laws—clearly define the process for data handling, and, the action plan in the event of a breach.
- Revisit, review, refine, and repeat these practices for the rest of time.
Crush revenue + growth targets.
Power up your competitive edge.
Win customers.
It all begins HERE.
