Businesses Need A New Approach To Data Privacy

Consumers are increasingly concerned about data protection

Over 18 months have passed since the General Data Protection Regulations (GDPR) came into force. In the two years prior and time since, we’ve seen a lot of change in the data and marketing industry – not to mention the UK’s political climate.

The constant appears to be the ongoing battle between global businesses, with an interest in our data, and the regulators trying to protect consumers’ privacy.

Much of this discourse is pushing us towards increased scrutiny regarding global data regulations, digital marketing, social platforms and many more of the connected experiences we increasingly engage with every day.

Something isn’t quite right

However, the fact remains that many of the data and tech power players are still largely able to write their own rules, with single nation regulators outgunned in this fight compared to these global giants.

Despite the media fanfare in May 2018 and the hard work that went on across the industry to get organisations ready for the new laws, it hasn’t taken long for the topic of privacy to quickly return to something discussed by compliance and legal departments.

Too many organisations still view their obligations as just that: a set of things they have to do. The adversarial nature of much of this discourse around data and a defensive approach to compliance is only making things worse.

In a world of fake news and lack of trust in industries or institutions we once held dear, the awareness among the public that something isn’t quite right is growing.

In the last year, astronomical fine notices have been handed out by the Information Commissioner’s Office (ICO) here in the UK to British Airways and Marriott under the GDPR.

These have been been the first signs that some organisations may not be the custodians of our data that we – as consumers – would hope. As the ICO continues to announce the results of these and other cases, the unrest among customers will only increase.

Customers are your most valuable asset

A narrow view of compliance, with laws like the GDPR and now the California Consumer Privacy Act (CCPA), as simply a set of legal obligations ignores the principles of accountability, fairness and transparency that underpin these rules.

It also means organisations are left fighting fires as they spark into flame in the hope there aren’t any burning their house down just out of sight, rather than taking a proactive approach.

The only way to stop people from using their rights as weapons against the organisations they distrust or simply have had a bad experience with, as we saw last year, is changing the conversation.

We must, as an industry, put the customer at the heart of our organisations’ practices. We need to stop treating people and their data like legal disputes and a little more like fellow human beings.

What must businesses do to address this?

This means taking practical steps towards real transparency of data processing, ceding control to consumers, and rebalancing the relationship between the business and its customers.

This final point is essentially fairness. It is something that can be easily translated to the general public in a way everyone can understand and may go some way to resolving the trust problem our data-driven economy has today.

It might sound like a lofty aim and something complex for organisations to define, let alone deliver on. But there are codes of practice already in existence, backed up by best practice, customer insight and legal expertise, that can help businesses on this journey.

In fact, as the Chair of the Responsible Marketing Committee at the Data & Marketing Association (DMA) I’ve seen how companies can champion the DMA Code – best practice guidance that all DMA members must abide by. This sets out four key principles of responsible marketing and the value exchange between a business and its customers:

  1. Respect privacy: Act in accordance with your customer’s expectations
  2. Be honest and fair: Be honest, fair and transparent throughout your business
  3. Be diligent with data: Treat your customer’s personal data with the utmost care and respect
  4. Take responsibility: Act responsibly at all times and honour your accountability

All of these are underpinned by and support the central point I mentioned earlier – put your customers first. Value your customer, understand their needs and offer them relevance.

The direct marketing code of practice

In addition to the DMA’s Code, the ICO has recently published its long awaited draft of the direct marketing code of practice and invited comments from professionals across the industry.

The code consolidates previous GDPR guidance, PECR and cookie advice, and focusses solely on direct marketing – defined by the ICO as essentially one to one marketing.

It is a critical document for the data and marketing industry because its elevated status as a code of practice, as opposed to guidance, will give it statutory status. Meaning that it will effectively become the legal rulebook for the sector.

It specifically mentions the DMA Code as a point of reference for marketing best practice, and supports many of its main tenets.

Values to propel the industry forward

Perhaps the most important takeaway from all this, alongside the need to build consumer trust, is that businesses must become more customer-centric.

Not just because the law says you should or even because a code of practice advises it, this will only perpetuate the problems.

Instead, create a new belief system within your organisation and sustainable future for your business by promoting responsible marketing as a driver for growth. Data innovation that is both responsible and transparent will embed a much-needed culture of trust in wider society, which can drive better business outcomes. Consumers must be reassured that every time their data is sourced and processed that it is supported by a code of ethics under a universal industry framework.

There has never been a more important time to think about our values as individuals, organisations and as a society to ensure we’re putting down the right foundations for future generations.

For the latest from DisruptionHub straight to your inbox, sign up to our weekly newsletter here.