We humans generate massive amounts of data—estimates suggest the “entire digital universe” could reach 40 zettabytes this year. That’s 40x more bytes than the number of stars in the known universe. What’s more, we send 294 billion emails and perform 5 billion searches every day.
This data is the lifeblood of digital marketers, who use it to:
- Identify their target audience.
- Build buyer personas.
- Determine SEO strategies.
- Optimize campaign and website performance.
- Demonstrate marketing spend ROI.
However, consumers are wary of how brands collect and use their personal information. One survey found that misusing personal information was the leading cause of distrust in the tech industry. And another study suggests that e-commerce and website traffic and revenue have been impacted by the General Data Protection Regulation (GDPR), the European Union’s sweeping data privacy law.
In today’s option-filled world, customers who lose trust in a company can easily shop elsewhere. To cultivate trust and build loyalty, brands need to make data privacy a core part of their business.
What Is Data Privacy?
Data privacy, also called information privacy, is the right individuals have to determine how their personal information is collected, used, and stored; and whether or how it is shared with third parties. Sometimes, data privacy and data security may be confused or used interchangeably.
The two concepts are related, but serve different purposes. While privacy ensures personal information is properly collected, used, and shared, security protects that information from malicious attacks and the exploitation of stolen data for gain.
Why Is Data Privacy Important?
Most brands know why privacy is important: a recent report by Forrester Research found that 85% of B2C marketers recognize that upholding consumer privacy is a cornerstone of establishing trust. Brands that build data privacy into their marketing strategies derive other business value, such as:
- Meeting compliance requirements.
- Maintaining and improving brand value.
- Supporting their code of ethics.
- Gaining a competitive advantage.
- Inspiring innovation.
Data Privacy Issues
As hackers launch more sophisticated attacks, the threat of data breaches looms over companies that use highly sensitive personal information, such as social security numbers, home addresses, online credentials, and medical records. A recent estimate suggests that breaches in 2019 and the first part of 2020 have exposed 8 billion records.
Brands that suffered large breaches have racked up serious fines:
- British Airways was fined approximately $230 millioin for a breach exposing approximately 500,000 customers’ personal information.
- Yahoo agreed to pay $117.5 million for a series of breaches between 2012 and 2016.
- Uber was fined $148 million in 2018 for violating state breach notification laws after it failed to report an extortion scheme threatening the sensitive information of 57 million drivers and passengers.
- Facebook agreed to pay a $5 billion fine over the Cambridge Analytica scandal.
Fines are only one of many data privacy concerns. Every two seconds an American falls victim to identity theft, a complex crime that takes hundreds of hours to resolve—if it ever is. Other risks such as account takeover fraud, phishing attacks, and social media scams all threaten customers who live, work, and play online.
Data Privacy Laws that Protect Your Customers
We can’t talk about data privacy without talking about consumer protection laws. These regulations are largely a response to increasing awareness and concerns that consumers have about how their data is being used. Some of these laws, which highlight why privacy is important, include:
Gramm-Leach-Bliley Act (GLBA)
This US federal law requires companies that offer customers financial products or services to explain how they share information and to safeguard sensitive data. In addition, financial institutions covered by the GLBA must give customers the right to opt-out if they don’t want their information shared with third parties.
Children’s Online Privacy Protection Rule (COPPA)
COPPA is another federal law that helps parents control what information websites can collect from their children. For example, a website operator must receive “verifiable parental consent” before they can collect personal information from a child.
California Consumer Privacy Act (CCPA)
This expansive new privacy law, which went into effect on January 1, 2020, gives California consumers the right to know what personal information is collected, used, shared, or sold. It also allows them to request the deletion of or opt-out of the sale of their personal data to third parties.
General Data Privacy Regulation (GDPR)
Some consider the GDPR to be the “world’s strongest set of protection rules,” and it applies to all companies who do business in the European Union. Under the GDPR, customers are promised easier access to their personal data and a “right to be forgotten”—similar to the CCPA’s right to delete provision.
How to Protect Your Customers’ Personal Data
Only 36% of B2C marketers polled in the Forrester Research report indicated that their privacy practices build trust with consumers. But while there’s no 100% privacy guarantee for data in our hyperconnected world, brands can do much to minimize improper exposure of personal data and build customer trust. A few key strategies:
01 Encourage Customers to Practice Good Security Hygiene
Customers have stewardship over their own personal data. Brands can educate customers on important tips, such as:
- Securing home WiFi networks and other devices.
- Not providing social security numbers without a legitimate reason for doing so.
- Avoiding oversharing on social media.
02 Be Transparent about Data Use
Digitally savvy shoppers like Gen Zers prefer brands that are transparent in how they collect, use, and share personal data. These brands ask for consent before using information, clearly explain how it will be used, and give customers something valuable in exchange for their information. This could be a personalized offer based on their identity or simply a fun and interactive experience, like a poll or a quiz.
Brands can further build trust by reassuring customers they will never sell or share the data they collect.
03 Use Minimal Data
Minimize privacy risks by using only the data required for transactions. Brands can use customer verification services to confirm that an individual has the identity attribute required to redeem a personalized offer, such as an affiliation with a particular group like the military or being a student. The best verification services don’t require sensitive information like a social security number, and that’s good news. Only 18% of consumers said they would be willing to provide one.
How Identity Marketing Keeps Your Customers’ Data Private
Identity marketing is a new form of personalization in which brands use personalized offers to engage consumer communities, such as students, teachers, nurses, first responders, and the military. In identity marketing campaigns, brands invite these groups to enjoy a personalized offer and use an identity marketing platform to confirm consumer eligibility.
Identity marketing helps companies respect customer privacy because it:
01 Relies on a Consent-Based Approach
Unlike behavioral marketing that collects user behavior through third-party sites—the type of business data privacy laws aim to protect against—identity marketing adheres to a completely opt-in process. For example, Comcast offers students an exclusive deal on subscription plans, and students who want to redeem it opt-in through the verification process.
This consent-based approach changes the brand-consumer data relationship. It creates a clear value exchange for how the data will be used and what consumers will get in return. And it collects self-attested information from the consumer, which gives brands like Comcast high-quality data.
02 Uses a Privacy-Friendly Approach to Data Collection
Brands that use an identity marketing platform to confirm eligibility for personalized offers are verifying customers the way consumers want. Research shows that 57% of consumers prefer to be verified for a personalized offer by an independent third-party, rather than a brand’s customer service representatives.
Also, personal information gathered in an identity marketing campaign is never shared or sold. In fact, the identity marketing platform encrypts all data and puts it through a one-way “hash” process so it can never be reused for marketing purposes.
03 Requires Only Basic Customer Information to Verify Identities
Some data privacy laws broadly define personal information. Under CCPA, this is data that “identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.” This includes a consumer’s biometric information, online activity, and even geolocation data.
Identity marketing supports data privacy requirements by collecting a minimal amount of data, and only the information more than two-thirds of consumers are willing to provide, such as their name and email address.
Lowe’s Home Improvement: A Data Privacy Success Story
The home improvement giant Lowe’s wanted to increase engagement among its military customers, so it offered them an exclusive discount.
To verify eligibility for the offer, Lowe’s initially required customers to present military documents when checking out. But the company wanted to avoid having to retain any of the personally identifiable information (PII) that appeared in the documents, so it relaunched the program using SheerID’s Identity Marketing Platform. This minimized the risks associated with a data breach and facilitated customer trust.
The newly launched program resulted in a 2-3x higher engagement rate than other campaigns Lowe’s was running. In addition, Lowe’s increased email open rates by 2x and click-through rates by 4x while doubling the number of trips military buyers make to the store.
“We definitely wanted the consumer group to feel confident in the data security,” says Ryan Fagan, Lowe’s director of sales and operations planning.
Customers expect companies to keep their privacy protected. Brands that understand the importance of privacy, such as Comcast, Lowe’s, Purple, and T-Mobile, use identity marketing campaigns to deliver high-value offers while preserving the privacy of data. In doing so, they build unshakeable customer trust one transaction at a time.