Woman holds up a dog with a Red Sox baseball jersey on.
PHOTO: Meaghan O'Malley

By now, marketers don’t need any convincing that consumers care about privacy. The proof is in the numbers. A 2019 Factual survey found 53% of Gen Z and 51% of millennials were either “somewhat” or “very” concerned about data privacy. And in its latest State of Digital Customer Experience report, Simpler Media Group (CMSWire's parent company) found for the first time respondents viewed privacy as a competitive differentiator.

We’re in 2020 now. Major data privacy laws like GDPR and the California Consumer Privacy Act (CCPA) are already in effect. Marketers should be thinking how they can help their brands gain customer trust. And according to some privacy and marketing experts, there’s no better time for marketers to take charge in data privacy efforts and stop deferring to legal, IT, or privacy and security teams. 

“We're actually seeing an increase in the need for marketers to take ownership over data privacy,” Kristina Podnar, digital policy consultant and author, said in an interview with CMSWire at the 2019 DX Summit. [Editor's note: CMSWire produces the DX Summit conference.] “And that's a really great opportunity. It's no longer about being a burden. It's about having an opportunity to step up and lead the organization in a way that's going to support marketers.”

Aligning Departments Across Business, IT

How do marketers get that support? They speak up. They support alignment with other departments. It’s about going to these crucial departments outside of marketing and “getting them to line up behind marketing, which traditionally has not been the case,” according to Podnar. “It's always been IT or security or privacy or legal leading the way,” Podnar said. “We're seeing a shift inside of organizations.”

Podnar said she met a practitioner who discussed that very effort: Wearing many hats is simply a necessity today. You have your IT hat. Your compliance hat. The business and marketing hat. All departments must think in terms of wearing multiple hats. “You can put those on as we need to have a conversation,” Podnar said. “Look at things from your compliance perspective, but then take the hat off, put the business hat on and try to understand what are we trying to do as a business, and then try to balance those two things out. And that's what I think governance and compliance is really all about today.”

Getting Ahead of Privacy in Marketing

Marketers need to lay out their annual plan for protecting consumer privacy, determine the risk factors, get legal engaged, do the required research and simply make good choices on data collection, according to Rose Hamilton, founder and CEO of Compass Rose Ventures and a former CMO. This is especially true “as you're thinking about infrastructure around data, thinking about what you want to give to customers and what data is the minimum viable amount you need to personalize,” Hamilton told CMSWire in a video interview at DX Summit 2019. “And as businesses are growing in that personalization capability it's now become an expectation from consumers. We have to be very careful about the infrastructure."

Related Article: 9 Considerations for Marketers in the Age of Consumer Data Privacy Laws

CMO Should Spearhead Discussion

So who should make this happen in marketing? Of course the easy answer is that it should be a “team effort.” However, the marketing leader, the CMO or VP of marketing, should be the one to start the conversation, according to Hamilton. “There's a lot to think about in terms of how you organize and orchestrate that data,” she said. “Policy, rules, regulations … it's really important, especially for the CMO, to be engaged with and helping spearhead the discussion.”

Getting the C-Suite to buy in is really where you will get traction, Podnar said. “What we really need is not necessarily them involved in the day-to-day of digital governance, but we need a mandate from the top.” CMOs can delegate to their direct reports to “make governance happen,” Podnar said, and that can include several things such as a digital governance framework. People in the organization need to understand there is a very clear mandate and priority around privacy.

Respecting User Privacy

Ultimately, marketers should take note of important regulations like GDPR, CCPA, LGPD in Brazil, POPIA in South Africa. More importantly, though, is recognizing the trend toward user privacy, Podnar said. “What people have to recognize is not the individual laws and the regulations,” she said. "They have to recognize the trend toward user privacy. And that's really the focus of what we have to get to."

Determine the commonalities among all of those regulations and laws and what they're really asking you to do: respect user privacy, give the user basic rights and basic freedoms and do that in a framework of transparency and trust. “And if you can do that, then you're going to find that you're 90% to 95% compliant across the board with the privacy regulations," Podnar said. "You might have to make some adjustments, but honestly, you'll be way ahead of other organizations, and you'll be realizing a competitive advantage which a lot of people lack today.”

Related Article: Accepting Privacy as a Customer Experience Issue

Leading Privacy Efforts Doesn’t Mean Cool Down Data Collection

GDPR did not turn marketing upside down, Podnar said. You can still collect as much information about customers and prospects as you like. “In fact, I encourage people to do that, but in a context where my information is being valued, where you're actually giving me something in exchange for my private data,” Podnar said. “... It's not about limiting the data you collect. It's about being open. It's about being transparent. It's about being respectful." 


Bottom line? This is about giving marketing the ability to move at the speed of innovation and technology they have at their disposals, but in a slightly different way they've done historically, Podnar said. Further, if consumers are not happy with how their data is being used, they're not going to give you the data, Hamilton said. “And if you're not providing value in a way they want to give you their data,” she added, “you're not going to get that data.”