walking and texting

I’ve written before about privacy experiences and how you can benefit from an increased focus on user’s privacy. The follow up question I hear most in this context is how to go about implementing a privacy-centered user experience on your website and other digital channels while still delivering on KPIs and your management by objectives. After all, if you’re no longer able to track a user how can you tell if your advertising campaigns have been effective? Or if you’re even targeting the right audience with your content and ads?

The reality is privacy should not hinder your ability to deliver personalized experiences on your website. In fact, most users are willing to share their data if they feel they maintain control. CDN provider Akamai released a study that showed 55% of consumers are willing to exchange personal data with a brand they know and trust. That number increased to 66% when the user is given an option to control access to that data. This suggests it’s not an all-or-nothing approach to privacy. It’s just that the exchange of data has largely favored the recipients of the data (i.e., the data collectors and aggregators) over the individual. And laws like the CCPA and GDPR seek to rectify that imbalance.

Related Article: Evaluating a Web CMS in the Face of $5 Billion Fines

Privacy Experience and the Digital Customer Journey

So how do you go about creating a privacy experience built from your web CMS up to earn and keep the trust of your customer (while keeping your legal team happy)? First, let’s break down a typical customer journey on a website:

  • Customer hits the home page.
  • Customer navigates to a product page/shopping page.
  • Customer may add a few items to the cart.
  • Customer goes to check out.
  • Done.

Naturally this is a heavily watered down "happy" path, but you get the point. Along this typical journey several data points are usually collected from the consumer:

  • Cookies, beacons and pixels from when the visitor first visits the site for general display advertising purposes.
  • Cookies, beacons and pixels for re-targeting campaigns and to minimize cart abandonment usually dropped after user engages with the site.
  • Personal data collected at the time of purchase like email, SMS and mailing address.
  • Personal data collected if the user signs up for email newsletters and the like.

Throughout that journey you’ve collected and processed a number of data points on the individual from their interests and browsing history (cookies, pixels, etc.) to their personally identifiable data (email, SMS, ip address, geo-location, etc.). But typically, the “privacy experience” on a website looks something like this:

  • User hits the home page.
    • Vague banner at the bottom of the page talking about cookies that assumes the user has already given their permission even though most users couldn’t explain what a cookie is if their life depended on it.
    • A link to a privacy policy full of legalese that requires an advanced degree to interpret but starts with “We Value Your Privacy.”
  • That’s it …. No really. That’s it.

Not great, huh?

Related Article: Let 'Ethical by Design' Guide Your Use of Consumer Data

Introducing Progressive Consent

So how do we solve this less-than-ideal information exchange? You start by focusing on gaining customer trust at the moment they initiate the consent experience with your website. We call this progressive consent.

First, we look at each stage of the customer journey and highlight the exchange of data and what a user can expect to receive by agreeing to it.

  • User hits the home page
    • Small banner at the bottom, which explains in simple and “on brand” language and style that the only cookies running are for analytics and performance at the time, and includes a link to an easy-to-read and well-designed privacy policy.
  • User navigates through the product pages
    • Non-obtrusive message prompt that thanks them for visiting after a few clicks/pages in and asks if it’s OK to use advertising partners to inform them of deals and specials as they’re on the web.
    • Bonus — geolocation
      • For sites that use geo-location, don’t just rely on the default browser message to gain the right. Explain to the user why you’re asking to know their location and how they can turn it on or off.
  • User purchases and checks out
    • Clear disclosure that the data they provide will only be used in relation to this particular purchase and delivery, with a link to your privacy policy.
    • Optional check box that allows you to use their personal data to direct market to them in the future (optional here means it’s unchecked of course).

Progressive Consent Puts Customers in Control

The intent of Privacy UX is to highlight, along the customer journey, how and why personal data is collected and used, and to provide the user with a clear and actionable way to take control. We know many users want personalized experiences, personalized content and to be informed of deals through email and SMS. That hasn’t changed. What has changed is that consumers are asking for more control and information to protect themselves online.

Progressive consent provides that control. Cookie/consent walls attempt to collect everything up front, even though the user hasn’t really received any value yet in the exchange. Regulations are only going to become more complicated and fines for uncompliant companies more regular. If you offer your customers a progressive consent experience, you’re giving them the ability to control the information exchange with your brand. Not the other way around.