By Guy Hanson, VP, Customer Engagement, Validity
While consumer data privacy continues to be a hotly debated topic and many regions are still grappling with how to effectively regulate this area, companies are fast realising that there's much to be gained by adopting stricter data practices, regardless of whether they're required to by law or not.
In regions that have introduced strong data regulations, like GDPR in the EU, companies have demonstrated improved results from their digital marketing programs, including increased customer engagement, higher consumer trust, and greater return on investment. In fact, for marketers everywhere, GDPR has been an unlikely lesson in the commercial benefits of giving consumers greater control over their personal data. Marketers appear to be relishing the benefits that tighter regulation has provided, and in the DMA's "Data Privacy: An Industry Perspective" report, almost 60% said they would like to see "more strict" data protection policy in the UK.
GDPR – from villain to hero
When GDPR came into force in May 2018, organisations across Europe were concerned about how they could continue to operate successfully under the tighter regulations. Many were worried that their marketing programs were going to be severely set back at the hands of the new laws.
A common concern for digital marketers in particular was their valuable email contact lists. GDPR enforces a requirement for subscribers to opt into email marketing correspondence. If they do not, the assumption is that they opt-out. Due to this, marketers had to choose whether to use "consent" or "legitimate interest" as their legal basis for processing personal data. Legitimate interest tended to be used when a customer relationship already existed, but it was where consent was relied upon that we saw many marketers having to chop away at sizeable email lists built up over many years. This is because consent had to be refreshed if the previous permission model had not met GDPR standards, for example a pre-checked box, and this resulted in many marketers effectively starting their lists from scratch.
However, despite their initial concerns, just one year after GDPR was introduced, businesses saw email marketing initiatives receive a host of benefits. The DMA's Data Privacy report found that GDPR offered broader business benefits with almost half (49%) of marketers stating that consumer trust in the handling of their data had improved as well as nearly a quarter (22%) saying customer relationships had been bolstered.
On top of this, the DMA's Marketer Email Tracker report noted an uplift against all major KPIs: increased deliverability (67% of respondents), open rates (74%), click-through rates (75%) and conversion rates (67%). Negative metrics that marketers want to avoid also reduced. Opt-outs and spam complaints were down by 41% and 55% respectively. This is hugely important as improved deliverability and lower complaints means companies have an in-built advantage when it comes to getting in front of their consumers.
The global legacy of GDPR
In many ways, GDPR has provided the blueprint for global data privacy regulations and many other countries and regions have either introduced (or are on their way to implementing) their own version of the tighter regulations. For example, the California Consumer Privacy Act (CCPA) is now in effect in the US. Despite some delays, Brazil's Lei Geral de Proteção de Dados Pessoais (LGPD) is now live.
Even in regions where new regulations haven't been introduced, the influence of GDPR is still being felt — with many companies in these locations choosing to be proactive in protecting customers' personal data regardless. A great example of this is Australia.
Australia – an exemplar of data privacy awareness
Compared to other parts of the world like the EU, Australia has long had a more relaxed approach to data privacy. Its current privacy laws date back to the 1988 Privacy Act and have remained largely unchanged since then (outside of some specific legislation such as the Spam Act 2003). While the Australian Government is set to conduct a review of the Privacy Act — including a potential right for consumers to have personal information erased as is the case under GDPR — this won't happen for several years
But despite having more relaxed regulations, many Australian companies choose to adopt strict data governance protocols. In fact, when it comes to ethical data practices, Australia is very much ahead of the curve without being legislated to do so.
The increase in the adoption of ethical data practices from companies in regions like Australia, where laws are less stringent, is indicative of growing global awareness around the commercial benefits of strong data governance.
By respecting privacy and using data thoughtfully, Australia has gained from one of the highest deliverability rates outside of Europe and Canada according to Validity's 2020 Email Deliverability Benchmark report. Companies engender consumer trust and loyalty — the modern-day currency of business – and this has never been more critical than in recent times with the disruption caused by the global pandemic.
Building trust in an uncertain world
With a large chunk of the world now working, socialising, and conducting everyday life online, consumers need extra assurance that the products and services they access take their privacy and personal data seriously. A recent report by Cheetah Digital found that in light of privacy breaches, many consumers are changing their online behaviour including installing ad blocking tech, disabling location tracking, and deleting cookies regularly. At a time when there have never been more online options for consumers, losing their trust quickly results in lost revenue.
Despite what some may think, adhering to good data governance does not mean sacrificing valuable insights and innovation. As demonstrated by GDPR, implementing more thorough data practices results in greater engagement and more accurate customer insights which in turn helps businesses to innovate faster. This is why more and more companies are proactively adopting stricter data policies, regardless of their region's regulations.