Managing Customer Relationships and Privacy
by Rob Bentley

This blog post is the second of a two-part series. If you haven't already, check out part one to read more about how brands can become leaders in both delivering personalized content to customers and meeting data privacy requirements.

An unfortunate consequence of government regulation, in any industry, is that larger businesses with lower cost of capital and greater scale of operations have easier and less costly (per customer) times responding and adhering to the regulation. 

They also have much greater incentives to solve the problem: The fine for a GDPR violation, 4% of company revenue, represents a $6.4 billion liability for Google and a whopping $14 billion for Apple. Is it any wonder that both companies have announced sweeping changes to cookie collection?

The self-regulation, cost, and data and technology expertise needed will benefit the larger technology companies. Smaller companies without data and technology engineering resources will be at a disadvantage.

The key, then, is to keep investing in marketing data and technology — but to make sure that data and privacy governance are a greater part of this investment. Invest in data and technology solutions that allow customers to give you data on their terms, plus the flexibility to change those terms when they change their minds. Ensure that your personalization technologies are highly integrated with your governance technologies and that both are built as service platforms. Your governance system should not be siloed, but rather an open service that any of your first- or third-party platforms can call so that those platforms can be up-to-date on customer preferences.

It's easy to respond to this wave of customer backlash and government regulation by slowing down your personalization efforts. We argue that doing this will put brands further behind on both personalized customer experience and customer privacy and preference experience. Instead, this is the time to invest even more in your data and technology solutions. If your competitor solves hyper-personalization coupled with customer data governance, do you really think you can compete?

More Prepared Than Ever

When brands and marketers need to prioritize relationships with consumers while balancing data privacy concerns, they should consider the following actions:

1. Do not abandon personalization technologies. The first thing brands need to do is not take their foot off the gas with respect to personalization. While data privacy concerns will ebb and flow, the general course of history has been that customers value utility; if that utility is sufficient, they will suppress those privacy concerns. We believe this is a fundamental equation, so if utility is greater than data privacy concerns, customers will maintain loyalty to your brand. Because the data privacy concern trend is rising, it's all the more important to make sure you provide greater utility to your customers.

2. Prioritize and invest in customer data and privacy. This includes organization and people, data, and technology investments. These investments will be the checks and balances to your personalization investments. It's important that the leaders of your marketing technology and governance teams understand that their jobs are to work together, not fight each other's efforts. Winning brands will be those that find win-win solutions to personalization and privacy.

3. Assess your capability maturity. Once you are serious about tackling this opportunity (and it really is an opportunity for competitive advantage), you can ask your team a series of questions to see how mature you are in this space and where you need to make investments. One great way to assess your capability is to do a stress test on your organization and systems. Here are some examples, from ones you can do yourself to others that require help:

• Go to your website as a customer who wants to unsubscribe and delete all your data. How easy was that experience? Were you able to find any links or ways to delete your data? How long did it take your brand to take you off the email list?

• Ask your internal and external customer data and marketing technology partners about how they store and transfer customer data, and which customer data. For example, ask them whether they distinguish between personally identifiable information and non-PII data. Ask them whether data is encrypted at rest and in transit. Ask them who (internally and externally) has access to that data and why.

• Ask your data and marketing technology internal and external teams whether there has been an audit (internal or external) on your systems, processes, and protocols related to data and privacy compliance. If you are not satisfied with the recency or comprehensiveness of the audit, make the investment in a third-party auditor, and make sure you also have the resources to make necessary changes that result from the auditor's recommendations.

The good news is, many third-party marketing data and technology providers are baking privacy, data governance, and consent management into their solutions. Your brand still has ultimate responsibility for keeping customer data safe and using it judiciously, but by choosing partners who also take this seriously and have invested in data and privacy compliance, you will be more equipped to protect customer data, reduce negative outcomes, and be more prepared to respond to them when they occur.