woman hiding her face
PHOTO: Priscilla Du Preez

The consumer privacy landscape is rapidly changing. Europe has been leading the charge with the General Data Protection Regulation (GDPR). In the US, however, companies are faced with a patchwork of laws. The California Consumer Privacy Act (CCPA), one of the better known regulations, just started being enforced on July 1. Other states may follow suit with slightly different rules, and California is voting for a new privacy act in November.

While most marketers understandably approach privacy with feelings of skepticism and loss, we offer a contrarian view. Marketers should embrace privacy legislation as it provides an opportunity to redefine their data strategy and deliver an exceptional customer experience.

For decades, the effective management of customer data has been an aspiration. The dream of seamlessly connecting customer data has been held hostage by the reality that adding on new data is easier than joining data to an existing architecture. Data is often siloed and underutilized as a result.

Analytical leaders noticed this deficiency. But every corporation has a list of ways it can improve its operational efficiency, and somehow cleaning up a mess never quite fit the bill. Ultimately, it was easier to add an 18th data set instead of trying to resolve conflicts amongst the other 17. 

As marketers grapple with new privacy regulations, they should follow these three steps to redefine their data strategy and ultimately embrace regulation.

Related Article: Customer Trust: Are We Experiencing an Existential Crisis?

Develop a Clear Sense of Your Customer

The concept of "a customer" is surprisingly fluid for most marketers. It may represent an email address or a mailing address or a website login. At one retailer, one of us (Raghu) technically represents a dozen customers. Why? Because new customers are given 15% off, and Raghu has a lot of email addresses.

How may regulations force a different and even beneficial perspective? Raghu is one person, and any information about his behavior is relevant to a CCPA request. How the business is organized and spreads that information around is unimportant. Businesses will have to finally answer this challenge: clearly describe who their customer is and then update their data sets around that definition. The secondary benefits, such as cleaner metrics about new customer acquisition, can help a company understand whether it is successful in acquiring new customers or if it's simply incentivizing people to sign up one more time with a different email address.

Related Article: Will There Still Be Marketing After the GDPR?

Redefine Your External Data Partnerships

In the past, simply having the capability for integration (e.g., an API) was sufficient for a data partner. The burden of functionality fell on the company. The marketing team at one large fashion brand we spoke with took only a few minutes to import their customer list into a new digital advertising platform. But, it took their engineering team another six weeks to integrate that same system with their CRM data in order to manage compliance and appropriately use of data.

Moving forward, companies need to impose higher demands on their data-sharing partners. The partner needs to build more robust tools for integrating customer data as part of the relationship. This can help reduce the costs to their own engineering teams and in satisfying ad-hoc requests under CCPA.

Related Article: The CCPA Provides an Opportunity for Competitive Gains in Customer Experience

Measure the True Cost of Your Data

Advancements in cloud computing have made data storage remarkably inexpensive. But while a single gigabyte of customer data would technically cost just pennies a month, companies are now facing the added cost of securing and retrieving this data because of the changing privacy landscape.

Consider what happened when one of us (Neil) requested personal data from a hotel chain. Neil’s information was fragmented, partially digitized and limited to a single property that he stayed at overnight nearly five years ago. The corporate office then relied on a similar process for nearly two dozen other properties and compiled a 170-page document to remain compliant. To put this single data request in perspective, a company receiving 10,000 of these each year (less than 1% of California's population) could spend upwards of $2.5 million annually in analyst time simply satisfying their privacy requirements (assuming that an analyst’s time is about $25 per hour and they spend about 10 hours or so per request). And around 20% of businesses are expected to cross this threshold by the end of 2020.

Privacy regulations are offering companies an opportunity to redefine their data strategy. After talking to many of the companies scrambling to become privacy compliant, we find some fairly surprising results. Most of the data subjected to these regulations isn't being used anyway. It’s aspirational. (“We could do this someday.”) It’s flawed. (“We need to clean up these fields before they can be applied.”) Or it’s redundant. (“We have this data, but it’s not our source of truth.”)

We are on the verge of witnessing a revolution in how customer data is managed. By emphasizing a new understanding of the customer, third-party partnerships and where value is created, companies will better serve the demands of the modern consumer. This is where we see visionary leaders seizing on the moment to create a new sense of alignment for their organizations.