TOTAL: {[ getCartTotalCost() | currencyFilter ]} Update cart for total shopping_basket Checkout

Privacy Perspectives | 'Trust arks': Preparing for the adtech privacy storm Related reading: Ad tech's privacy implications go beyond targets

rss_feed

""

""

Editor's Note:

This article has been updated to include additional content from the author.

The marketing and advertising technology industry is in a crucial moment. There is a global deluge of new privacy laws; suppression of advertising IDs; pressure to honor external "Do Not Track" signals; increasing focus on content-rich, just-in-time notices and opt-in/opt-outs; and let’s throw in third party “privacy” agents and data localization laws for good measure.

These are sea changes in the marketing environment. One thing is certain: For more than 40 days and 40 nights, for marketing tech, it’s going to rain. It needs to start building arks.

Marketing puts us in touch with a larger world, whether it be subsidization of the relatively free internet, the purchase that delivers delight on a bad day or fulfills a timely need, or plants the aspirational seeds for that dream vacation. The water-proofing preservation efforts of so many organizations working on applied privacy principle sets and model laws is a positive and meaningful contribution at the industry level. From policy and legislative points of view, Privacy for America has produced a comprehensive model for providing consumer protection while allowing the industry to innovate and flourish. IAB has made a substantial contribution to meeting the opt-out requirements of the California Consumer Privacy Act workable at an industry level — even if not widely understood or utilized.

Still, the martech/adtech machinery in which we have traditionally delivered consumer “goods” has to change for two industry-preserving reasons.

First, broad enablement is coming. Customers will be increasingly empowered by tech and consumer protection laws — overcoming privacy self-management malaise. Privacy-enhancing technology will get so much better in the next five years that the "privacy paradox" gap will constrict dramatically. “Privacy value exchanges” will be held up against the light and scrutinized out of the context of the transaction or sourcing event. Customers will opt out and audit data holdings, shares and uses through ubiquitous third-party agent proxies. Failures to honor customer preferences will be surfaced and maintained in cross-consumer relational matrixes for which there are ineluctable logs. Lawsuits will fly. Boycotts will happen.

Second, accountability. Regulators will become so much more tech-savvy and enabled as data privacy forensic tech becomes widely available — as will the researchers that support consumer protection. If agencies or researchers are aggrandized by settlements and payouts, the enforcement business will be good. Investigations will be permanent features in the landscape.

So what does leaning in to privacy- and industry-preserving change entail?

Martech/adtech and the advertisers they support need to start co-managing and co-building "trust arks" not just to survive the deluge or comply, but also to seize what is just on the horizon: real, connected, fair engagement and value-exchange.

Commit to radical transparency. Push transparency-enabling design that promotes first-party relationship building. Experiment with opt-ins versus opt-outs. Make the case for consent as opposed to relying only on legitimate interest or technically complying with notice and choice standards but using design to play "hide the ball." Show and tell. Augment privacy policies or data subject access requests with infographics to show how data is processed and shared and how customers are benefitted. You are already telling them.

Harden the data ecosystem with demonstrable artifacts. Conduct meaningful privacy and data ethics analysis of artificial intelligence and machine learning experiments. Test “nutritional labels” for data collection and sharing, including elements denoting data lineage and chain of custody for sensitive data. Blockchain could be efficacious for operationalizing the chain of custody for third-party sharing. Blockchain plus tokenization or anonymization would be even more efficacious.

Commit to fairness and real value exchange. Fairly examine the value and impact of data against the value returned to the customer. Seek meaningful feedback. Plus, examining value exchange necessarily leads to better data valuations, improves data assets value and utility, while communicating critical information to security, data breach, and risk/insurance teams. 

With a necessary focus on first-party data, commit to relationship building over time, not over transactions. Give real meaning to “existing business customer relationship.” Grant broad access to data, not just at the category level but specific data. Done well, you will improve your data especially with your most important (valuable) customers. This will enable richer contacts and impactful personalization setting off a very virtuous circle. If you are not a traditionally regulated industry, allow virtual private network connections — work on building the relationship. If you are a traditionally regulated industry, allow VPN connections — use strong credentialing and identity proofing tools.

As we innovate — and we must innovate — we have to cogitate. We should start imagining and building that responsible data world now. The alternatives are less than desirable. We had cloned sheep, before cloning principles and applied bioethics. Nuclear and smart bombs, before smart bomb and how-to-stop-the-world-ending ethics. We made problems then flailed about for solutions. In one case, M.A.D. was the best we could do. Data and data ethics are just as important to consumers, citizens, society and our collective futures.

Lastly, I have committed to deeply considering my own biases and the social equity and justice implications of everything I do and say in this privileged space of power and responsibility. I encourage all people of goodwill to do the same. Marketing by its nature involves segmentation and categorization of people. Whether it’s a hash or a profile, it is people. The mere act of segmentation can have both intended and unintended implications affecting people by virtue of the never-ending tail of data. "Hardening" the data ecosystem with a corpus of artifacts can be ameliorative here by allowing objective review.

I, along with many others in our profession, am very aware of the widening digital divide — especially with its immediate implications in this time of pandemic (access to information, access to schooling, access to unemployment benefits). I am increasingly concerned about a reasonably foreseeable digital privacy and security divide. If the future of privacy self-management and security is in the access, tools and services we can buy, and the time available to invest, the least privileged of society will be left behind. Those left behind here can be even more grossly, disproportionately subject to data abuses, manipulation and permanent classification.

The current and coming changes are inexorable. Principles matter here. Economic principles, as well as privacy principles. As with accounting principles, privacy principles must be integrated and assured as part and parcel of business operations, not just as compliance checks. To be sure, martech/adtech will continue to be lucrative, return value back to advertisers, and brand building with privacy principles and responsible data ethics, not despite them. But it has to be a cross-industry collaboration to conceive and build your trust ark.

Photo by reza shayestehpour on Unsplash


Approved
CIPM, CIPP/A, CIPP/C, CIPP/E, CIPP/G, CIPP/US, CIPT
Credits: 1

Submit for CPEs

Comments

If you want to comment on this post, you need to login.