Published by Jessica Weisman-Pitts
Posted on November 16, 2022
5 min readLast updated: February 3, 2026
Add as preferred source on Google
By Jessica Jacobs, Global Director of Partnerships & Growth, Incubeta
The nuances of data privacy continue to bombard organizations from all angles, and, amid the impending sunset of Universal Analytics (UA), it’s time to stop playing catch-up. Instead, by enacting future proofing strategies around data as a first port of call, long-term compliance can be achieved as an automatic byproduct.
At data privacy’s ‘sunrise’, companies’ efforts were largely targeted towards the customer, ensuring that the ever-growing extent of information being handed over – wittingly or otherwise – was kept secure.
Next came the juggling act of leveraging that information in the most responsible, yet personalized way possible. The tightrope of a more bespoke and smart service, without looking invasive or ‘creepy’, is one that many businesses still fall off.
Across both of these critical junctures, however, and underpinning every decision that an organization makes in the data privacy space, is regulation. Four years ago, GDPR prototyped this more strict landscape, and several countries around the world have followed suit by ushering in their own interpretations of data protection.
But, as demonstrated by the upcoming depreciation of third-party data, compliance is never a rigid concept, nor set in stone. You only have to look to the UK, US and India to see how regulations can evolve, or take time to reach even a temporary form. In some countries the implementation of these rules can vary from within, with different states updating their own privacy laws according to their own timescales, making it difficult to keep track of which regulations apply to what region. With this in mind, instead of waiting for each new direction in this evolving journey, marketing leaders should look further down the road with their next steps.
By creating a future-proof, privacy-centric content strategy for their organizations now, they can both protect and delight customers, while remaining agile to future regulatory changes to come.
Put the customer first
Rewinding briefly to phase one of this data privacy conversation, the customer should still be at the forefront of minds when visualizing future regulatory adherence. After all, much of the changing legislation revolves around evolving consumer demands.
It is true that concerns around privacy have grown in recent years, as reliance on digital means of service provision has become more commonplace. However, what has also grown in tandem, is the expectation for a more personalized experience. The – often conflicting – upshot is one where marketing teams need to delve deeper into personal information to create a more individualized strategy, without breaching their privacy or jeopardizing data security.
Compliance-wise, this is reflected in regulators giving companies just two weeks to turn around any recognized issues of non-compliance before shutting down their entire online presence.
Self-accountability is part of the process, so it only makes sense to get that balancing act correct from the outset. If done successfully, not only will organizations be offsetting the need to reveal its own shortfalls in such a way, but customer loyalty will be emboldened in the process.
So, be transparent, be candid and be clear. Showcase to customers how their data will be used, how it will be protected, and how such existing, stringent regulatory requirements are being met.
First-party data presents a first-class opportunity
There is a slight, immediate glitch, to the above plan of action, however. The removal of third-party cookies is set to eliminate the head start that organizations have been getting to this point – their secret gateway to try and optimize data, and win over customers through indirect means.
This naturally places all of the emphasis on the collation of first-party data instead, which is not necessarily a bad thing. If an organization is already striving towards a sustainable future built on notions of transparency, relationship building and mutual trust, then dealing directly with consumers can be a great opportunity to showcase that approach and philosophy.
Again, there is a tightrope to be walked in terms of not coming across too invasive, as individual profiles and accounts are built. But, if handled delicately, and requested in exchange for incentives and rewards, then the payoff can be game-changing.
Here, the key is ‘data enrichment’. By enacting strategies such as extended reality campaigns, or incentivized data sharing, companies can begin to form more complete pictures of individual users, and collective demographics. That first-hand knowledge can then be converted into improved customer experiences more generally, and more bespoke offerings on a person-by-person basis.
Data enrichment is so valuable as it largely offsets the risk of changing regulatory landscapes. By dealing with first-party data only, the perfect representation of the ideal customer is formed; and best of all, it is formed with those customers’ direct permission and input.
A first step towards the future
The benefits of meeting customer expectations, and of enriching data, should be goals with or without regulatory pressures. It therefore makes no sense to wait for the exact dynamics of compliance to come to light before putting in place this future proofing strategy.
Legislation will indeed continue to change for different nations, regions and sectors. Similarly, we’re likely to witness similar step changes to the imminent removal of third-party data in the future as well. But compliance can be achieved ahead of time, if the actions being taken are responsible, customer centric, and – most importantly – still place data privacy as a priority.
Such an approach can get ahead of upcoming developments such as AI governance or data localization, because the core fundamentals will already be that perfect mix of lucrative and ethical. All companies need to do to get ahead of the curve is to maintain and demonstrate this human-centric, responsible approach to how data is gathered and used.
It is a mindset and course of action that should be taken even without the threat of legislation. Ultimately, it is an opportunity to build stronger, more loyal relationships with customers, en route to a more valuable data-driven business proposition.
Data privacy refers to the proper handling, processing, and storage of personal information to protect individuals' rights and maintain confidentiality.
Compliance in finance involves adhering to laws, regulations, and guidelines set by governing bodies to ensure ethical and legal business practices.
The General Data Protection Regulation (GDPR) is a comprehensive data protection law in the EU that governs how personal data is collected, processed, and stored.
Data enrichment is the process of enhancing existing data by adding relevant information from external sources to improve its quality and usability.
Explore more articles in the Technology category
