Search
SOLUTIONS
SERVICES
CAMPAIGNS
TECHNOLOGY
INSIGHTS
COMPANY
OUR WORK
OUR WORK
CONTACT
CONTACT
Technology

Keeping up with Consumer Privacy Compliance

November 16, 2020 | by Stu White
  1. Home
  2. Blog
  3. Technology
  4. Keeping up with Consumer Privacy Compliance
In today’s global marketplace, organizations must comply with a complicated set of international laws and regulations to protect consumer privacy.

In today’s global marketplace, organizations must comply with an increasingly complicated set of international laws and regulations to protect consumer privacy. As a result, businesses must scrutinize their audience data more carefully with better analytics. Those are among the take-aways of a presentation about evolving consumer privacy delivered recently by David Corchado, Chief Digital Officer, Investis Digital; and myself.

David and I spoke at Investis Digital’s Connected Content Week, where businesses and our own thought leaders shared insights into the many elements of Connected Content – our company’s approach for building deeper audience connections and improving business performance by telling a brand’s story through strategic and engaging content, building and running intelligent websites, and reaching audiences with performance marketing. We focused on how consumer privacy legislation around the world continues to evolve and challenge businesses.

Key points of our talk:

  • Data protection is not new. Back in 1995, the European enacted the Data Protection Directive, which showed that use of personal information is critical component of human rights law. This directive was critical to guiding European law until the European Union’s landmark European Union’s General Data Protection Regulation (GDPR) legislation.

stu-1.png

  • GDPR landmark act has been followed by a patchwork quilt of laws that are making it harder for businesses globally to keep up with compliance to regulations from one region to the next. For example, the recent Schrems II decision by the Court of Justice of the European Union invalidated an agreement in which thousands of businesses regularly transferred personal data between EU countries and the United States.
  • Compliance with consumer privacy laws such as GDPR is essential. First and foremost, consumers want it. How a business processes and collect personal data is just as important as how well a business secures its site.
  • But compliance is difficult. It’s difficult because regulatory authorities are issuing rulings in cases where they do not fundamentally understand the technology involved. And regulations are made more complicated by global politics. For example, because of the United Kingdom’s divorce from the European Union through Brexit, the United Kingdom may end up with its own consumer privacy legislation apart from GDPR.
  • In context of complicated privacy regulations, businesses are starting to get hit with fines for noncompliance. For example, Vueling, the largest airline in Spain, was recently fined 30,000 euros by the Spanish Data Protection Authority for unlawful management of cookies on its website. Noncompliance can cause damage to a business’s reputation. It’s not as if companies are malicious. They’re just not keeping up with changes in the law.
  • There is no easy way for businesses to become compliant with regional privacy regulations. There is no one-size-fits-all approach. For instance, there are regional variations for dealing with cookies. How does a business manage regional requirements for consumer opt-in/opt-out? Getting those nuances right is hard and potentially costly.

stu-2.png

  • But there is a way forward. Businesses need to first identify your audience. Know where they are and how they are interacting with your websites. Digging into your audience analytics is important because those audiences are protected by different regional regulations. Then define your processes for managing privacy requirements. Document your processing activities and develop privacy policies that speak clearly about how you are collecting, using and for how long you are storing personal data. Map data storage locations to archiving policies and ensure your subcontractors have a data protection agreement in place.

Stu-3.png

  • Re-examine your analytics. Balancing a good user experience with demand for data protection will require a new approach to analytics. The days of monetizing third-party data to target users without their consent are numbered. Ultimately, analytics does not go away, though. Analytics cannot go away. Website cookies are at the center of everything you do now.

Stu-4.png

For more insight into cookie management, read our recently released blog post.

Contact Invest Digital

As a provider of digital communications, we work in highly regulated landscape. We host more than 2,000 websites. For that reason, we work with clients to ensure that they are meeting the latest regulatory requirements and respecting privacy. Contact us to learn how we can help you.