Strategy

Data Privacy Laws and Marketing: How to Stay Ahead of Changes

06-17-2021
Written by

Zlata Faerman

The last three years have been tumultuous on the digital privacy front. In 2018, Facebook faced massive backlash amid the Cambridge Analytica scandal, which revealed a data breach of more than 50 million profiles and a misinformation campaign surrounding the 2016 election. The breach prompted congressional hearings and new discussions around how data is captured and used. That same year, Europe’s sweeping GDPR laws largely re-shaped the privacy landscape as we know it. Today, jurisdictions from around the world are now exploring their own frameworks for data privacy regulation, with states like California, which passed the California Privacy Rights Act (CPRA) in 2020, and a handful of others following suit. 

Data privacy is in the limelight once again, all around the globe. With advertising garnering so much of the attention in the privacy discussions, what do data privacy laws mean for marketers? 

Data Privacy and Your Marketing Plan

Over the last two decades, third-party data has become the heart of most digital marketing endeavors, due to the steady increase of internet use both at home and at work. Personalizing the advertising experience across channels and devices proved a powerful institution for advertisers. 

But things are changing. Data privacy laws and new regulations focus on limiting this kind of data exchange, with new rules for how that data can be used, who has access to it, and what degree of consent is required to access it. As such, new advertising models are necessary. 

Third-Party Cookies Have Crumbled

Chrome accounts for more than 64% of browsers in use. When Google phases out third-party cookies in 2022, joining Apple and Firefox who have already done so, cookies will officially be over. 

Here are a few viable solutions marketers can begin to work into their plans for late 2021 and beyond. 

Automation Can Help

One solution may be to invest in your technical infrastructure. Harvard Business Review suggests that businesses can leverage automation and deep analytics to help meet legislative requirements and audit requests more efficiently. “Rights of access” requirements, for example, which are included in the CPRA, mandate that consumers must have a way to ask for a copy of data categories, or for their data to be deleted. HBR says that time-savers like auto-fill forms and real-time virtual assistants can help employees execute these tasks with improved accuracy and speed.   

Shift to First-Party Data 

Another solution is to shift your focus from third-party data to first-party data. By creating a strategy around your own collection of data, you not only eliminate the worry of privacy regulations around third-party cookies, but you also have an opportunity to design a more thoughtful and connective user experience. 

In addition to this shift, Federated Learning of Cohorts (FLoC) may be an alternative option. These new groups are designed by Google to replace third-party cookies by effectively “hiding” the user data within a crowd of user data. This keeps the individual’s private data secure while giving the advertisers a comparable target. Google claims these FLoCs have 95% of the conversions of cookie-based advertising, but the feature is still early in development. 

Diversify Strategies

Like any good investment, your marketing plan and advertising strategy will always benefit from diversification. Today, the hot button issue is data privacy, but even if we think we have our bases covered, there will soon be a new challenge to replace old ones. Relying too heavily on any one channel or methodology is a recipe for trouble. If anything brings risk to that channel or strategy — like relying exclusively on third-party cookies and then facing new global regulations eliminating them — there will be widespread campaign disruption. Depending on the scale of your marketing plan, it could mean a company-wide disruption. 

If it is only one element of your strategy, however, you’ll have built-in shock absorbers. Any losses you experience will be temporary, and since your other channels are unaffected, you can still keep them running while you correct the issue. While you may still experience some disruption, this keeps your overall plan on track and allows you to recover quickly. 

From data breaches to misinformation campaigns, there are valid concerns for data privacy everywhere. As marketers, we are bound by the laws and regulations that govern how we can interact with data, but it can be as much of an opportunity as it is a challenge. Use this time to genuinely re-evaluate your marketing strategy. Ensure you are hitting your audience at all parts of the sales funnel, and build a thoughtful user journey that incorporates more personalized data exchanges. Most importantly, do not rely too heavily on any one channel or data-collection method. 

Want to talk more about GDPR, CPRA or your other privacy laws and their implications for marketing? Reach out any time