Marketers Who Respect Contextual Privacy Stand Out to Customers

By now, companies know that they must protect not only consumers’ sensitive financial information, like credit card numbers or account balances, but also the personal information that customers might provide, like name, address, and phone number. But it’s not just a matter of privacy; companies also need to safeguard the context around the data, Forrester Research analyst Fatemeh Khatibloo says in a new report, “The New Privacy: It’s All About Context.”

The privacy contexts that marketers must respect are temporal, spatial, functional, identity, and social, the report maintains.

Contextual privacy enables companies to collect and use private data to ensure a fair exchange of value, according to Khatibloo. A good example of this is loyalty memberships. Consumers provide their contact and other information to join loyalty programs. The trade-off includes loyalty program benefits, such as discounts. Starbuck’s is an excellent example of this. Members earn points for free drinks; the company gets the personal information for marketing purposes. The program has provided so much value for both that it is usually discussed in the company’s earnings reports.

But other companies offer less in exchange for the personal information, so many customers decline.

Contextual privacy ensures that the collection and use of personal data stays within a context and for a purpose on which both parties have agreed, Khatibloo says. Consumers might provide consent for the collection of personal data for certain purposes, such as to make online ordering quicker on subsequent visits to a company’s website, but not for others, such as selling to third parties.

With consumers becoming more privacy-savvy, they’re more willing to drop companies with uncertain privacy practices, according to Khatibloo.

“Privacy can be a business differentiator,” she argues. “Companies that embrace contextual privacy can differentiate based on treating their customers with more respect. Those that don’t embrace respect risk regulatory and publicity problems and consumer-driven backlash.”

Companies should practice a discipline of “no surprises” with data, she adds, and failure to do so can lead to large fines and consumer distrust.

The Federal Communications Commission levied a $1.35 million fine against Verizon Wireless in March of 2016 for the telecom company’s “supercookie” that made it impossible for consumers to opt out, for example.

Governments have been coming down harder lately on companies that don’t follow privacy regulations. Companies that violate Europe’s General Data Protection Regulation (GDPR) face fines of up to 4 percent of their global revenue. Similar legislation is in effect in several U.S. states, including California and Virginia, and in some other parts of the world.

While the largest corporations can likely absorb the fines, such penalties could cripple much smaller companies.

Organizations should enable customers to make informed choices about the data the company collects, Khatibloo says. “Collect only the data you need, storing it no longer than you need it.”

The storage issue has a couple of other financial implications—not only do companies stand to incur huge fines for data breaches, but if they also keep data that they no longer need, they incur the cost of storing that unneeded information.

While some companies justify their own data collection practices by comparing them to Facebook’s and Google’s policies, that’s a mistake, Khatibloo points out, noting that those two companies have had to pay fines and continue to come under scrutiny for their privacy practices.

Khatibloo adds that voluntary data stewardship is unreliable.

Khatibloo recommends that organizations take the following five steps to ensure they protect their customers’ privacy:

• create a cross-functional privacy task force with enforcement powers;
• establish an internal data privacy standard;
• audit all of the company’s collection, retention, and use practices;
• humanize the organization’s customer-facing privacy experiences; and
• work toward real-time negotiation with adaptive intelligence.

Ethical privacy practices will be the next consumer-driven source of differentiation, according to Khatibloo, who cited research that found consumers’ willingness to disassociate with companies because of their privacy policies is continuing to grow. In the United States, 44 percent of online adults said they would likely cancel an online transaction if they read something they didn’t like in the company’s privacy policy.