The Case for Transparency in Data Collection
Companies that commit to data transparency will be equipped to manage tomorrow’s compliance requirements and invest in their customer relationships.
- By Christine Frohlich
- November 16, 2022
No matter where you turn, data privacy seems to be the topic of the day. Amidst California’s evolving regulations, proposed federal data privacy legislation, and new state laws in Colorado, Connecticut, Virginia, and Utah, data professionals are taking heed and shoring up data governance programs to avoid fines and litigation. However, that may not be enough.
The data services industry must embrace transparency to survive in a regulated environment and meet the privacy expectations of increasingly sophisticated consumers. Data organizations that successfully adopt and promote data transparency will enjoy the sort of brand loyalty that drives revenue and future-proofs business. Yet navigating the ever-changing patchwork of state laws to provide consumers the transparency and control they demand remains an ongoing challenge.
Defining Data Transparency
The phrase data transparency may be too imprecise. It’s the sort of concept that can be left up to interpretation and too easily become lip service left unsupported by action. For data professionals, and the sake of this article, we’re focusing on transparency around data collection: if and how organizations disclose how consumer data is collected and used, who has access to it, and how long the company stores that data.
Consumers expect companies to take their privacy seriously. Despite preferring personalized digital experiences, most Americans say they are at least somewhat concerned about how their data is being used. Yet many companies still fail to institutionalize and/or communicate their data policies. When they do, it is not uncommon for the spirit of the policy to be lost in legalese and fine print. Consider website cookie consent banners. At their most basic level, they are a transparency tool designed to quickly and clearly inform visitors of a site’s cookie policy and allow users to control their preferences. Who among us can say we don’t instinctively bypass them given the first opportunity?
Other popular data transparency tools include opt-in fields, which can fall victim to deceptive and manipulative language by well-meaning marketers, and links to terms-of-use pages with public privacy policies -- which are almost always relegated to the footer of a website or email.
The relationship between consumers and data transparency (or in some cases, lack of transparency) is not unique to internet marketing. Parallels can be drawn between online data transparency and methods used for years by retailer loyalty programs. Long before the internet, enrolling in a loyalty program gave the issuer access to a consumer’s personal spending habits, geographic spending data, and other personal data -- and consumers rarely read the fine print in their agreements.
The reality is, reading and taking the time to digest privacy policies is a huge ask, especially in the context of the internet, which has become synonymous with instant gratification. One study found it takes more than 200 hours -- longer than a typical work month -- to read the average privacy policy word-for-word on the websites we visit each year.
Although that is an entertaining statistic, most consumers do not have any idea what they are saying yes to when signing into apps or agreeing to a website’s terms of service. They are blissfully unaware of exactly how companies use consumer data to test marketing campaigns, improve the customer journey, or share with third parties. At the same time, and perhaps consequently, there is growing pressure from regulators and lawmakers to force apps, websites, and online services to be increasingly transparent -- to clearly explain how consumer data is used.
Transparency Without Fear
Transparency has considerations for data providers, buyers, and consumers. Historically, some data providers have pushed back on transparency regulations because they saw them as a threat to maintaining their advantage in an increasingly competitive market.
For some companies that monetize data, the methodology on how and where their data is sourced is akin to trade secrets -- it’s their “secret sauce.” In efforts to protect their autonomy around consumer disclosures, reputable companies focused on enacting their own data management best practices. For more than 40 years, the marketing data industry focused on self-regulation with an emphasis on providing consumers notice and choice regarding the use of their data for marketing purposes. They had to self-regulate because no state or federal legislation existed to govern best practices and they were dealing in consumer data; they needed to make sure they got it right to maintain the integrity of their business and relationships with customers.
Without discounting the need for consumer privacy, the industry chose to champion self-regulation as an alternative to state or federal regulations. It was a small industry, conscientious about consent and personal identifying information before government directives were enacted to protect consumers. However, with the digital evolution ushering in a host of new companies attempting to monetize consumer data, self-regulation may no longer be adequate.
In retrospect, the industry’s preference for self-regulation may have been misinterpreted as an attempt to hide nefarious practices and likely accelerated the shift towards stricter privacy regulations. Right or wrong, states are passing privacy legislation in response to the perception that data companies are acting disingenuously and withholding information.
Embracing transparency is the first step in demonstrating that the data industry is not the enemy. There is a middle ground that provides transparency for consumers without revealing proprietary information or impinging on confidential partnership agreements. Companies can promote a culture of transparency while protecting their business. In fact, at least for now, being among the first to embrace a transparent approach to data collection could be a competitive differentiator.
Building a Culture of Transparency
First and foremost, data transparency requires consistency within an organization, and in some respects across the industry, so consumers can easily understand and navigate their privacy choices. Despite the ever-growing volume of data complexity, consumer data privacy is a fundamental business responsibility. Companies that stand to benefit from data must protect consumer privacy to the best of their ability.
Being transparent with the use and storage of data can help keep companies compliant with data privacy regulations, but industry leaders are realizing compliance is the bare minimum. When legislation is likely to move in a certain way (for example, new requirements around data deletion) companies with solid data governance policies will be well-positioned to enact changes ahead of their competitors and ensure they continue to do right by the consumer.
Ultimately, transparency programs should give consumers a feeling of a fair and appropriate value exchange for the use of their data. What this looks like in practice will differ, but in general, data collection frameworks should:
- Offer clear and simple privacy policies and opt-in/opt-out language
- Easily allow consumers to exercise their privacy rights with a minimal number of “clicks”
- Monitor upcoming industry changes and be flexible enough to accept new regulation
- Follow industry best practices for establishing data taxonomies and data transference
- Practice data minimization -- if data is not needed then it is not stored
Some industry trade associations are helping brands and advertisers navigate these difficulties by creating industry standards, filling gaps in legislation, and creating consistency in consumer reporting. The IAB Tech Lab, for example, produces global technical standards and solutions to support a healthy and sustainable digital media and advertising industry. The Association of National Advertisers has amassed more than 3,000 entries addressing the integrity of data and measurement.
No doubt it is a heavy lift to administer vast amounts of transactional data. Managing new regulations will soon highlight the disparity between mature companies with strong data governance practices and companies focused solely on a data grab, which is no longer a sustainable business model. Some companies simply will not be able to adapt; others will not have the technology or capabilities today, but they can put wheels in motion for the future.
Most consumers may not totally understand data privacy implications or read every word tucked in the fine print of every data privacy policy, but the vast majority do recognize that sharing personal information opens the door to a variety of threats -- and they expect the companies they do business with to mitigate those risks on their behalf. Data professionals should be thinking beyond the letter of the law. Companies that commit to the spirit of transparency will be better equipped to manage tomorrow’s compliance requirements while investing in the relationships they have with their customers.