One of the biggest reasons consumer data privacy regulations exist today is the exponential increase in the amount of consumer data being collected via cookies, mobile device IDs, and other means, which allows enterprises to follow users across the internet via third-party cookies & mobile advertising IDs.

From these types of ads, to excessive amounts of data collection with  questionable usage, such as in Cambridge Analytica (Facebook) case, to massive data breaches e.g. Equifax, the consumers now realize that they are giving away a lot of data without being properly informed or even given a choice.

Data collection & selling is big business for many vendors in the marketing/advertising space, and for such vendors everything is fair game unless there are tech limitations or regulatory checks.  Moreover, some of the behemoths like Google and Facebook, who have reach across billions of users, collect enormous amounts of data on individuals and wield a lot of influence on consumers’ behavior.

These regulations require that a business only collects the consumer data that it needs to conduct business, and gives consumers choice when it’s collecting the data. Moreover, the regulations ensure that a business needs to make available the data it has on a consumer to the consumer on request and the consumer has the right to say what the business can keep using and what they want the business to delete.  All this requires that a business has a good handle on all the consumer data it has across all their business systems.

While companies like Google and FB, whose advertising business is all based on consumer data, and are therefore really good at collecting, managing and controlling their consumers’ data, the average company is not.

Most companies don’t have a good way to control and honor a consumer’s request not to be tracked or marketed to. The regulations state that when a consumer lands on a company’s website, the company has the right to collect certain information to understand data points like how many visitors are visiting their web store etc. But it shouldn’t mean that the business can collect consumer data such as email address, IP address, browser/device information etc. and any data collected should not be shared with many third parties without explicit consent. Consumers should have a choice whether to allow a business to share their data or not and whether they want to be marketed to once they leave the website.

This all translates into some simple rules; A business should seek permission (opt-in) before sharing someone’s data with third parties who may use that data for their own gain. Also, if a consumer has opted out of the marketing, that should be respected on every channel unless the consumer opted out of marketing on a specific channel only. With the marketing opt out, this is valuable data for the business as it does not make economic sense to market to a consumer who doesn’t want the ads to be shown, not to mention the irritation it causes the end user.

Current cookie blocking solutions (similar to an ad blocking software) only block if a consumer doesn’t accept cookies, and these solutions don’t carry across browsers and devices and many times doesn’t carry from session to session even on the same browser. The result is poor privacy compliance as well as wasted ad dollars for the advertiser, who is advertising to a low intent consumer; and potentially annoying them. The right solution would ensure that consumer’s opt-out and “do not sell my data” requests are consistently followed across every channel, device and browser.

This is where LayerFive Marketing Compliance Manager comes in. With a Unified Consumer Profile that connects online and offline consumer IDs of consumers, LayerFive can ensure that consumer choices are followed everywhere including in current and future advertising campaigns. This not only keeps your business privacy compliant; it saves wasted marketing dollars and improves consumer trust.

Learn more at layerfive.com or contact us at learnmore@layerfive.com

The post Digital marketing compliance in the context of GDPR/CCPA appeared first on LayerFive.