COUNCIL POST| Membership (fee-based)
CEO and Co-Founder of one of the first data intelligence platforms, BigID, and a privacy, security, and identity expert.
New privacy regulations like GDPR and CCPA have introduced a number of new data rights for consumers, ranging from data access and deletion rights to do-not-sell or sharing consent. These new data rights are intended to provide greater data transparency, choice and trust for end users: consumers, customers, patients, even employees.
For some companies — those whose names are not Facebook or Google — the new obligations may seem daunting: They require an ability to account for data by identity — which is difficult in the best of times for highly identifiable data, and even more difficult for contextual identifiable data like passwords, web click stream, GPS coordinates and more.
And it’s not just the ability to account for data itself: Organizations need to create stronger data policies to manage that data collection — making sure there’s a purpose, process and reason behind collecting data in the first place.
They need strong policies in place to protect the privacy (and security) of the consumer data that they collect — with the ability to disclose what data they’re collecting, the purpose of processing it and a proactive approach to protecting that data.
MORE FOR YOU
Kevin O’Leary: Every Investor Should Diversify Into Startups
Customer Experience Can Be Data Driven—Here’s How
New data technologies also make the ability to account for data by identity and context possible for the first time. Despite the fact that the technology is available, some companies remain resistant to adopting new data compliance technology because of perceived complexity and cost.
This resistance is shortsighted. These technologies remove the burden from data stewards inside enterprises, who are trying to perform these tasks manually, which is both costly and error prone. These technologies can also help organizations enforce business policies around the what and the why of the data they’re collecting.
But the bigger missed opportunity? The chance to build a better relationship with customers around trust and transparency. The chance to take a customer-first approch when building out policies on data collection, minimization, transparency and protection.
By adapting these new data policies and technologies, companies can build a better relationship with their customers that is based on trust and transparency. And there is no time to waste: The world’s biggest tech companies, including Apple and Facebook, are currently scrapping over privacy issues. For marketers in the near future, the ramifications are unclear.
Current and emerging data privacy and protection regulations are a catalyst for change — and companies that get ahead of them can benefit.
Privacy is a sought-after commodity, and customers who feel that their data may be at-risk have shown a distinct tendency to avoid companies that don’t properly market themselves as privacy-friendly. One need only look at VTech, the toy company that suffered a major data breach in 2016 and later became the subject of scorn and warnings from cybersecurity experts, to understand the implications.
Enhanced data protection also brings other benefits. In addition to boosting trust between business partners and customers, companies that are compliant with data collection rules find it easier to manage their data and automate business processes. The reputation of their brand improves, and they also have a better handle of the data that they do collect, which further streamlines operations down the road.
Enhanced privacy regulations on data collection, in fact, translates to an increased marketing ROI. That’s because it brings with it an opt-in policy for data collection, which eliminates irrelevant leads. It streamlines and strengthens the processes already in place, which is a boost for business.
It’s now more essential than ever before for companies to think through the customer experience for their digital consumers. What kind of transparency do they provide their customers around the data they collect, process and share? How do they assure data trust and integrity? And how do they bring their customers into the conversation and make them feel that they have a choice around how their sensitive data is shared?
California and the European Union have long been leaders in the technology community, and we should expect more U.S. states and more nations globally to follow their lead. The demand for companies both big and small to deliver data-centric privacy compliance will soon grow into a rallying cry. That compliance plan will need to address emerging needs for data rights, data deletion, do-not-follow, do-not-share, cookie management, record of process activity and more.
When done right, these new regulatory obligations can be seen as an opportunity to rebuild customer loyalty through transparency, choice and trust.
Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
