One customer's terrific, personalised experience may feel deeply creepy to another. Individual interpretations of privacy matter.
The intersection of privacy and customer experience reminds us of the importance of collecting and managing consent, whether that involves collecting data to personalise an experience or marketing or another initiative we aim to pursue.
We saw notable examples including those from Verizon Wireless and InMobi where the breaches converged on issues of consumer privacy and consent. In both cases, firms used tracking information to deliver targeted ads.
What can brands learn from the many data breaches that made headlines in 2016? Here are Forrester’s top three lessons learned:
Develop core capabilities for privacy oversight and accountability
Designating an individual in compliance or legal to decide what you can do with customer data based on regulatory requirements is insufficient. Instead, your firm will need to develop a set of capabilities to create, enforce and assess policies and practices and thus manage consumer data privacy cohesively. This not only helps with efforts to meet compliance requirements, but also helps you build internal standards for privacy and data usage that align with corporate culture and values to balance data use innovation and risk.
Adopt contextual privacy practices to deliver desired customer experiences
One customer's terrific, personalised experience may feel deeply creepy to another. Individual interpretations of privacy matter. The new privacy is all about context. This means that your firm must allow customers to dynamically negotiate the collection and use of their personal data. As your firm designs its desired customer experiences, you must practice a "no surprises" doctrine (be transparent) regarding data collection and use, give consumers meaningful opt-in and consent options, and treat more data types as personally identifiable.
As your firm designs its desired customer experiences, you must practice a 'no surprises' doctrine (be transparent) regarding data collection and use
Align functions and procedures to follow through with privacy policies.
What will we see in 2017?
The new year has gotten off to a quick start: the Obama administration relaxed National Security Agency (NSA) data sharing rules, the EU released its proposal for ePrivacy regulation, Australia’s Federal Court issued a landmark ruling on what is considered “personal information,” South Korea submitted its intent to join the APEC Cross-Border Privacy Rules system, Family Tree Now and Meitu raised privacy fears among consumers, a new CIA director was sworn in despite concerns from privacy advocates, President Trump signed an executive order stripping privacy rights from non-US citizens (and might invalidate Privacy Shield as a result). The year is still young.
With your business priorities and this changing landscape in mind, what are your top privacy concerns going into 2017?
Heidi Shey is a senior analyst at Forrester.
Send news tips and comments to firstname.lastname@example.org
Follow CIO New Zealand on Twitter:@cio_nz
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.