As someone who lives and breathes data privacy, you see firsthand how quickly regulations are evolving and becoming more complex. You’re forced to think about the most pressing privacy concerns, when legislation applies to your business, how to comply, and how to prepare.
Fast changes to privacy laws are just one reason why data privacy is so top-of-mind today. The cloud is another reason. The cloud revolution that started in the 2010s plus the rise of SaaS applications has brought a ton of innovation and simplicity for organizations — but also a ton of complexity when it comes to data privacy. The bigger your organization gets, the more SaaS applications you use, and this increases your risk.
It’s also why regulators are coming down hard on organizations not complying with data privacy laws. One of the more recent examples of this is what happened with Sephora.
In August 2022, Sephora was fined $1.2 million because the California Attorney General alleged the beauty behemoth failed to do three things: alert consumers that they were selling personal data to third parties, provide an opt-out, and fix these violations in the 30-day grace period. This is a significant moment as it shows us privacy is about to hit an exponential curve as far as both consumer awareness and regulatory action go.
DataGrail recently published the 2022 Privacy and Ecommerce Report, which offers companies data and insights into the evolution of privacy and how they can build brand trust while still maintaining privacy compliance. DataGrail team members DeAndrea Salvador and Alicia diVittorio also spoke on a webinar with the IAPP to dive into our findings further, and this is what we learned.
Consumers Want Personalization — And Control
It comes as no surprise that consumers like and benefit from personalized experiences. But they’re also not willing to sacrifice control over their data. They want the power of choice, and when companies give that to them, people will more likely opt to share their data, especially with brands they trust.
According to the Privacy Awakening survey, eight out of 10 Americans are ready for some kind of privacy law at the federal level that’ll help them protect their data and give them the choices and control they desire. More statistics that back up just how serious consumers are becoming about data privacy are:
- 89% of people are concerned at some level about their online privacy
- 87% have taken action to protect their online privacy
- The top three actions people have taken are deleting cookies and browsing history (56%), unsubscribing to emails (51%), and using ad blockers (32%)
Consumers are most likely to exercise their privacy rights with social media companies, financial and banking sites, and online retail sites. And when it comes to requesting companies delete their data, they’re most often going to social media companies, messaging apps, and online retail sites.
Data Privacy is Overwhelming for Consumers
Data privacy is a lot to consume for both companies and consumers alike. Consumers especially can become overwhelmed thinking about how data privacy works, what rights they have, and whether or not they should exercise any of those rights.
Our most recent data backs this up. In every generation we surveyed, quite a few reported feeling overwhelmed by data privacy. The group feeling most overwhelmed is millennials. At first glance, this may surprise some. But when you think about the fact that they grew up with and have a deep understanding of technology, their concerns aren’t as shocking.
The younger generations are also more concerned about privacy protections in other areas too. For example, nearly 60% of Gen Z is fearful about privacy in a post-Roe vs. Wade world, while less than 30% of Boomers indicated privacy concerns in this area.
You Can Balance Personalization and Privacy
Personalization can be very powerful, and consumers appreciate it — if it’s done right. That’s why people continue gravitating toward brands they trust and that are transparent about their data practices, even if it means spending a little extra.
That said, 35% of people feel fed up about their data being used to serve personalized ads, and 25% feel creeped out. So how can companies bridge the gap between personalization and privacy?
1. Be transparent and reasonable.
Ask for the data you need upfront and explicitly state why you need it. The more transparent you are, the more you’ll build trust and the more likely consumers will share their data with you.
A phrase we’re using more commonly today is zero-party data: when you ask for data upfront and consumers share it willingly. This is how many brands moving forward will be able to create personalized experiences and build trust at the same time.
2. Respect consumer preferences.
In this survey, we asked how many consumers still get emails even after unsubscribing to a list. Between our 2020 and 2022 surveys, that number went up from 62% to 89%.
Because companies are using so many systems today, even companies with the best intentions may not be honoring those unsubscribes. You have to get a handle on the systems you are using so you can effectively listen to your consumers and honor their requests.
3. Make opt-out easy.
Check the user interface — is it fair, understandable, and easy? Opting out of communications and data sharing should be a simple one-click action, not several clicks. When you remove the barriers to opting out, they’ll feel more comfortable with you and trust your brand more. Opting out should be as easy as opting in.
4. Write a clear privacy policy.
Privacy policies, like so many other legal documents, are usually complex and confusing. Some companies also don’t have them easily accessible in communications or on their website.
Make sure your privacy policy is easy to both find and read. One strategy you can take is a layered privacy policy approach. This means you’d essentially have two privacy policies available: one that’s more complex with all the details and legal-ese, and one that’s much shorter and simpler.
5. Make it simple to exercise privacy rights.
DataGrail estimates that upwards of 30 million people have exercised their CCPA or GDPR privacy rights. With new and updated data privacy laws starting to emerge, plus the fact that consumers are becoming more aware of their rights, it’s more important than ever to make that process easy. Remember: The easier you make things on the consumer, the more they’ll trust and respect your brand.
Discover more data and insights to influence how your company can balance personalization and privacy by watching the on-demand webinar or downloading our 2022 Privacy and Ecommerce Report.