TOTAL: {[ getCartTotalCost() | currencyFilter ]} Update cart for total shopping_basket Checkout

The Privacy Advisor | Digital marketing and privacy: Navigating the Indian landscape Related reading: International technology, business groups seek changes to India’s PDPB

rss_feed

""

PrivacyTraining_ad300x250.Promo1-01

How many times has an advertisement for a beauty product or electronic gadget appeared on your social media feed while you were having a real-time conversation about a similar subject? This is the subtlety and sophistication of the world of digital marketing, a world heavily reliant on customer data, as it is beneficial in providing a more targeted, personalized experience to a customer.

Moreover, accelerated internet penetration in India, along with the proliferation of mobile telephony, has increased the user base, leading to scaling up the volume of personal data points provided to content, e-commerce, and social media applications and websites at unprecedented levels. This trend of providing personal data in lieu of personalized user experience attracts a host of privacy considerations, such as data permissions, user consent, profiling and informed data sharing.

Data dependency

Advertising in India has grown with the evolution of press, radio and television and has found its way into the digital space. Since the advent of the internet, the marketing industry has experimented and leveraged new mediums in ways that are beneficial to its clients.

Marketing is integral to businesses all across the globe given that it can prove to be extremely profitable if done the right way. From market research to advertising, a good marketing strategy can make a business float, sink or thrust ahead.

When it comes to market research for the digital medium(s), data analysis is crucial as it facilitates not just the development of the right message, but also understanding how to reach the right person with the message, be it through search engines or social media platforms. Using data related to markers, such as age, gender, past purchase behavior and geographical regions, marketers can create personalized advertisements that strike the perfect balance between what the business is selling and what a consumer is looking for.

This balance rests on the bedrock of thousands of cookies that lie semi-dormant in our browsers, analyzing our web-surfing patterns, noting the time we spend on a particular video or a photograph, our cursor movements on a particular social media post or the listings or articles we read and share over the internet.

One could safely say our online personas are a culmination of multiple layers of data, data that the marketers depend on to create accurate personality profiles for them to deliver the right product, and services, which we as consumers appreciate due to the salient personalization aspect of it.

Regulatory landscape and privacy considerations

In India, the Advertising Standards Council of India regulates the advertising sector, which is a self-regulatory voluntary organization. ASCI released the “Code for Self-Regulation” with a purported view to obtaining the acceptance of fair advertising practices in the best interests of the ultimate consumer. The ASCI code applies to advertisements disseminated and/or published in India, regardless of the medium and place of origin, as long as consumers in India are the target of such ads.

Moreover, there are a number of laws to regulate the advertising sector, such as but not limited to The Young Persons (Harmful Publications) Act, 1956 and Cable Television Network Rules, 1994. These regulations, while providing a framework from an ethical content generation point of view, are silent on aspects of privacy and data protection.  

Therefore, currently, Section 43A of the Information Technology Act, 2000 read with the Information Technology Rules (reasonable security practices and procedures and sensitive personal data or information) would amount to the applicable legal regime vis-a-vis privacy requirements for organizations.

The tipping point for a serious discussion on the need for a comprehensive privacy law came with the Supreme Court’s judgment in KS Puttaswamy (Retd.) and Anr v Union of India that recognized the right to privacy as a part of the right to life and personal liberty.

However, as previously mentioned, India is at the cusp of introducing a privacy law, the Personal Data Protection Bill, 2019. It is expected the Joint Parliamentary Committee will publish its findings on PDPB in the winter session of the Parliament (December 2020).

If passed in its current form, PDPB will likely increase the cost of operations for marketing agencies and organizations' marketing campaigns. The impact would be due to the requirement to obtain explicit consent from users before processing personal data and inform the user about the nature and categories of personal data collected, along with the purpose, including profiling, for which the data is processed.

Hence, it is prudent for organizations to initiate their readiness efforts to integrate privacy as the backbone of their processing activities. A few best practices are as follows.

  • Transparency and consent: Ensure you actively seek permission from your perspective and in-life customers, to contact them for marketing purposes only if their consent is in place. Therefore, a pre-ticked box that automatically opts a user in will not cut it anymore as opt-ins need to be a deliberate choice. Additionally, consider prompting users to add themselves to your mailing list by launching a pop-up on your website.
  • Purpose limitation: Focus on the data that you need, and refrain from asking for additional data elements. For instance, if a customer’s “favorite color” is required for the purpose of delivering the right product, then a business case can be made for the same, otherwise, as a best practice, collect only the data that you need for efficient marketing and customer service.
  • Data quality: Consider centralizing the personal data collection into a customer relationship management system, and make sure your users can access their data to review its proposed usage and make any changes as necessary. Additionally, you could explore auditing your mailing list by removing anyone who has not provided opt-in consent.
  • Access: Ensure users have an overview of how their data is processed and what their rights are with respect to privacy. Consider creating mechanisms that will let users easily access their data and withdraw consent for its use. This can be enabled in the form of an unsubscribe link within your email marketing template.

Therefore, with reliance on data for efficient placement of ads on one hand and compliance-related obligations on the other, marketers and organizations must tread this thin line between value creation through data and privacy of the customers.

Photo by Rodion Kutsaev on Unsplash


Approved
CIPM, CIPP/A, CIPP/C, CIPP/E, CIPP/G, CIPP/US, CIPT
Credits: 1

Submit for CPEs

1 Comment

If you want to comment on this post, you need to login.

  • comment Aman Agrawal • Nov 19, 2020
    Customer insights are very much important for boosting your business engagements.