Opinion

|

Business Is Personal

Why So Many Privacy Policy Updates? Part 1 of 2

The backstory to what's behind recent privacy policy changes.

If you buy stuff, do business, and/or take courses online, you deal with someone who collects your email & other personal info. Recently, you’ve probably received numerous emails regarding changes in their privacy policy. A privacy policy documents how a company uses the data they collect during the process of selling something or providing content to you.

A little backstory is necessary to paint a picture of why data privacy has gained recent attention & how recent changes could affect your business.

Why the data is important to businesses

If you’ve gotten a credit card offer in the mail, credit card / bank / credit bureau data about you was used to turn you-the-product into you-the-customer. It’s easy to buy a list of mailing addresses of people who make more than $75K a year, live in upscale neighborhoods, & own their own homes. This is not new in the Facebook era & they aren’t the first company using this data. It’s been happening for decades.

Some of this use is wise. Advertisers want the best return for their investment & businesses want the advertisements they offer to be effective so that advertisers keep advertising.

When we see out of context ads, they seem stupid & annoying. You may wonder if the advertiser (and the company displaying the ad) know what they’re doing. Effective advertisers don’t make money being stupid, and annoying. They like putting stuff in front of you that you’re inclined to buy.

Retargeting, not Big Brother

Advertising effectively includes using what you know about a prospect to show them ads for things they’ve previously shown interest in.

Perhaps this morning you looked at baby clothes on Amazon. This afternoon, you might have been weirded out to see an Amazon baby clothes ad in the Facebook sidebar.

This isn’t Big Brother.

It’s the smart (and sometimes obnoxious / overbearing) re-use of data collected when you were shopping. It’s called behavioral retargeting. When you visit Amazon.com, a blog, or Pinterest, your browser stores info about what you viewed.

Amazon advertises on Facebook. When they do retargeting, their dynamically generated Facebook ad has the ability to re-use the data your browser stored on their behalf while you were at Amazon, but they can only see the data they stored. Other sites you visit can also buy Facebook ads pointing at Amazon-offered (and other) products based on what you viewed when on their site, but they can’t see what Amazon stored.

Circling back to privacy policy

The value of this data grows as you collect more of it. When value is developed, there will be people who want to abuse it. Likewise, there will be people who want to steal the data and misuse it.

For years, the Federal Trade Commission has been tightening up monitoring and enforcement of advertising & (particularly) testimonials posted by US-based online businesses. This happened because of poor behavior by a small percentage of people. They made up testimonials, paid for testimonials (without making it clear that they were paid for), and/or sold their contact list to other businesses without telling customers they’d become their product, etc. While not all paid testimonials are a bad thing, misuse & less-than-ethical behavior was going on. The volume of complaints to the FTC was increasing.

Originally, there weren’t many rules about how the data could be used because the companies with this data treated it as a trade secret. Before company networks connected to the internet, data was easy to protect. Obviously, being connected to the internet changed that.

The FTC hasn’t taken the next step regarding the contents of the privacy policy. By requiring businesses to state how a person’s data would be used, they left action to the consumer by allowing us to choose businesses (in part) based on their stated privacy policy.

Brick and mortar businesses and organizations like Equifax haven’t been held to the same standards as online businesses, probably because they’re easier for the consumer to find & confront. However, businesses like Equifax are under no regulatory requirement to adhere to your requests about the data they collect about you. For example, when you ask them to delete your personal data from their systems, they don’t have to do it (and probably wont). You’re the product they sell, remember? More specifically, data about you is the product.

The misuse & lack of consumer control provoked what happened next.

Want to learn more about Mark or ask him to write about a strategic, operations or marketing problem? See Mark’s site, contact him on LinkedIn or Twitter, or email him at mriffey@flatheadbeacon.com.

Comments

comments