3rd April 2008
NMA
Consumers are often willing to give out their personal data, especially on social networks, yet they seem wary of how it may be used by marketers. Nicola Smith looks at how can brands stay safe amid such contradictions
When Facebook launched its Beacon advertising system in November 2007, allowing it to broadcast what users had bought on external partner sites, all hell broke loose. An online petition against it topped 78,000 endorsements, prompting the social network to adopt an opt-in rather than opt-out policy for the initiative.
This, plus the recent strategic marriage of Google and digital marketing specialist DoubleClick, not to mention Microsoft’s persistent courting of Yahoo!, has again brought the murky issue of online privacy to the fore. It seems that striking the balance between carefully tailored advertising and barefaced intrusion is a fine art.
Like many aspects of the fast-evolving new media industry, the rules are still being made, and broken, as people learn. Online privacy is no different, with a host of messy and complex laws rife with loopholes and room for interpretation. As Kiran Sandford, head of IT at law firm Mishcon de Reya, says, it’s not just the Data Protection Act that businesses need to be concerned about. “There’s a plethora of regulatory requirements - for example, to obtain consent for electronic marketing and to inform users that cookies are being used.”
Unsavoury cookies
Cookies, which can be used to keep a log of what sites people visit, are an important area of activity. In December 2007, Ask.com gave its users more control over their privacy with the AskEraser button, allowing them to delete their search activity from Ask’s servers. Some ad networks have also given users a degree of cookie control. Brendan Condon, MD of Advertising.com, says, “It’s vital that advertisers and their partners are upfront about their use of data to educate users so that they fully understand what data is collected and how it’s used.”
The Facebook/Beacon issue has prompted people to look more carefully at what information is being stored and used by cookies. Rob Watt, media director at digital agency Avenue A/Razorfish, says, “If users fully understood how cookies work and how they can be used for behaviourial targeting, for example, then they’d probably opt out. Although data is anonymous, it could be matched to specific user details.”
Barclays uses behavioural targeting based on anonymous, aggregated data. In the experience of Julian Brewer, head of online sales and content, this is acceptable to customers. “Customers are happy with it because it doesn’t identify individual data,” he says. “Even if it gets implicitly personal - for example, if you go to a home insurance site but don’t get a quote, that company might still track you and offer a discount if you come back and buy - I think customers would see that as helpful.”
Nowhere is personal data uploaded so willingly and in such abundance as on social networks, which further muddy the waters of what is and isn’t personal data. As more and more people sign up, there are concerns that their information isn’t properly regulated, leading to fears that clumsy legislation will be forced on the industry in the near future. David Gilbert, client director at digital ad agency TBG London, says, “I’m sure legislation will be stepped up and consumers will become even more sceptical about handing over their personal details.”
Will McInnes, MD of social media agency Nixon McInnes, points out that the Telephone Preference Service gave people the power to block marketing phone calls and pop-up blockers enable us to avoid pop-up ads online. So it stands to reason that a “combination of behaviour, technology and legislation will make it harder for unethical use of personal information”.
With this possibility, Watt believes the industry needs to self-regulate, and fast. “Self-regulation exists in pockets - for members of the Internet Advertising Sales House [IASH] or Internet Advertising Bureau, say - but neither of these bodies has any teeth,” he says. “Brands and their agencies need to regulate their own behaviour and how they work with publishers.” He suggests asking questions of publishers and even getting them to sign contracts that cover key data protection issues. “It will be a while before there’s true industry regulation. Clients and agencies should protect themselves first.”
Email Issues
Aside from ensuring that they’re legally compliant, brands face a host of other problems associated with privacy online, not least the immediate nature of the medium. Ted Wham, general manager at email marketing company Epsilon and former advisor to the US Federal Trade Commission on online access and security, says, “Unlike other channels, email and online marketing permit consumers to provide instant and constant feedback about the quality of the marketing communications they receive. It fundamentally changes the game and creates a fresh set of challenges for marketers.”
For example, email users can mark a message as spam, which can result in a marketer being blocked even if that company received specific permission to send the email communication. “The key challenge for marketers is to fully embrace consumer control and respect their privacy preferences just to participate in the market, let alone be successful in it,” says Wham.
One brand apparently getting it right is online electrical retailer Dabs.com. “Our opt-in rates for email have increased from about 75% to 90% over the last 18 months,” says marketing director Jonathan Wall. “This is a ’soft’ opt-in but still shows that customers are willing to give their information to trusted sources.”
But the challenge is, arguably, becoming harder all the time. While Donald Hamilton, UK general manager of behaviourally targeted advertising specialist Wunderloop, believes that the Facebook incident may have helped to build trust because the brand was quick to respond, others disagree. Yann Motte, CEO of social network and aggregation site WebJam, says the controversy has raised awareness of the value of data. “Online users are now more cautious than ever about placing information online,” he says.
The issue of trust between consumers and brands is the ultimate concern. This is an area where the banking industry perhaps has an advantage because customers have a certain level of trust already. “There’s lots of evidence that customers are interested in having things far more personalised within the secure area of a bank’s website, to give them a better experience and better deals,” says Barclays’ Brewer.
“There’s also evidence that as long as a customer has opted in, we could target them with trusted third parties that are relevant to them,” he adds. “For example, Barclays might be able to negotiate deals for electrical goods, and if we can make them available in the secure area, I think customers would see that as appropriate.”
Ivan Izikowitz, MD of search marketing specialist Clicks2Customers, says defining what information a customer needs to give is the first step in winning trust. “It’s about clarity. Many marketers just assume that collecting and holding personal data is valuable, but often they have no predefined purpose for that data.”
Not only can this lead to poor-quality data, it can also make customers wary. “If you ask for personal data you don’t need, some consumers will go elsewhere or just lie,” says Chris Pounder, privacy expert at law firm Pinsent Masons. “Always explain why you need data and keep it on the side of ‘this is the minimum information we need to identify what services you might like’.”
It’s also about how the data is used. Michael Steckler, UK MD of AOL, says, “Don’t seek to collect any personally identifiable information.” AOL’s behavioural targeting company Tacoda uses cookies to track users anonymously as they visit different pages and websites. They then work with advertisers to target pre-qualified segments that correspond to a precise audience required. “Targeting should be based on large groups of users who share similar characteristics, not individuals,” says Steckler.
Izikowitz believes that winning customer trust is also rooted in understanding what makes the customer tick. “Know what they might value and provide some value to them in exchange for imparting data,” he says. For example, Columbia Records collects registration data and signs up subscriptions to its newsletter by offering a widget loaded with a specific artist’s music.
Do consumers care?
It’s hard enough to market effectively in the online world, but with the looming threat of tougher laws and growing consumer resistance to the volume and depth of information being captured, things could get tougher.
Quite how much of an impact the Beacon furore will have is unknown. After all, does joining the ‘Facebook stop invading my privacy’ group mean anything more to users than their joining the group titled ‘All girls on Facebook should be required to have a picture in a bikini’?
Epsilon’s Wham remains sceptical about how much consumers really care about online privacy, citing a Forrester study from December 2005 that concluded consumers are mostly ‘all bark and no bite’. “Most say they care about keeping their personal information private but will trade it for value and convenience,” he says.
Perhaps such behaviour is a result of naivety about exactly what data is being captured when and how it’s being used. But it certainly suggests that if brands demonstrate they’re using the information to drive value, consumers will share.
“Brands need to fully appreciate that consumers are unaware of privacy issues online,” says McInnes. “They can choose to exploit those naiveties for short-term gain, or educate consumers and build long-term credibility.”
Socially Savvy?
Research from the Information Commissioner’s Office in November 2007 looked at young people’s social networking habits. It found that 33% of young people have never read privacy policies on social networks and don’t understand how they can manage their personal information. 95% are concerned, with 54% caring ‘a lot’ about how their personal information is used. 60% of young people post their date of birth, 59% give their personal email address, 25% post their job title, 22% give their mobile phone number and 9% give their home address.
Private assets
Tink Taylor, business development director at Dotmailer.co.uk and a member of the DMA’s Email Marketing Council, offers ten tips for brand marketers who plan to make privacy an asset to their brand.
1 Display a clear link to your privacy policy on your site’s home page;
2 Make it accessible wherever you collect online data;
3 Use your brand’s conversational tone in your privacy policy. It shouldn’t read like a legal directive;
4 Always get consent for the use of visitors’ personal data;
5 Live up to your brand’s promises regarding privacy;
6 Say if someone’s name will be used when contacting their friends virally;
7 Remember, someone acquired through viral marketing can’t be emailed more than once unless they give permission;
8 Always include an unsubscribe link in any email marketing messages;
9 Have a policy to deal with subject access requests or complaints;
10 Know the legal requirements imposed by the Data Protection regulations for email, web and viral marketing (see http://www.ico.gov.uk/).
Loading ...
Subscribe to RSS
