How to navigate tightening privacy regulations

Published on the 06/08/2024 | Written by Billy Loizou


How to navigate tightening privacy regulations

Third-party data and cross context behavioural advertising impacts…

The European Union’s 2016 General Data Protection Regulation (GDPR) kicked off a global shift towards more stringent data protection – now Australia is following suit with proposed amendments to its Privacy Act 1988.

The GDPR and California’s Consumer Privacy Act (CCPA), launched in 2020, set new standards for data privacy, limiting how businesses collect, store and use sensitive consumer data.

“This transition will necessitate changes in targeted advertising practices.”

In Australia, the Attorney-General’s Department has put forward 116 proposals to amend the Privacy Act, with the federal government already agreeing or agreeing in principle to all but 10 of the proposals. Legislation is expected to be introduced and passed quickly in the coming months, signalling a rapid shift in the regulatory landscape.

Key changes and their impact on customer data

At the heart of these changes is an expanded definition of Personally Identifiable Information (PII). This broader interpretation will likely include modern forms of personal data such as location information, IP addresses and device identifiers. It may even extend to inferred information about an individual’s preferences or predicted behaviours.

For brands, these changes signify a shift away from reliance on third-party data and towards a greater focus on first-party data. This transition will necessitate changes in targeted advertising practices. For instance, social media platforms such as Facebook and TikTok can no longer simply check which users meet specific demographic criteria and push ads to their feeds based on third-party data. Instead, they must rely on first-party data and more sophisticated targeting methods.

Learning from privacy predecessors

While the transition may seem challenging, Australian brands can learn valuable lessons from their counterparts in the United States and Europe, who have already adapted to similar regulations.

Many businesses have successfully pivoted by utilising conversion APIs and developing robust first-party data strategies. For instance, instead of relying on cross-context behavioural data, companies are now targeting ads based on information voluntarily provided by users on specific platforms.

The state of preparedness

Recent studies indicate that many Australian brands are underprepared for these changes.

A recent survey by Arktic Fox revealed only 29 percent of marketing, digital, and ecommerce leaders believe their organisations are effective at activating data to deliver impressive customer experiences. Even fewer (22 percent) are confident in their organisation’s data management and maintenance practices.

This lack of readiness is concerning, given the potential consequences of non-compliance.

The Office of the Australian Information Commissioner (OAIC) has flagged that it will impose fines of up to $2.2 million for each contravention on organisations that fail to meet the new standards.

Moreover, the Australian Community Attitudes to Privacy Survey 2023 found that data privacy is the third most important factor for consumers when choosing a product or service, after quality and price. A staggering 92 percent of respondents said they would like businesses to do more to protect their personal information.

The role of customer data platforms

This is where Customer Data Platforms (CDPs) come into play.

They are designed to help brands navigate the complexities of new privacy rules by consolidating data from multiple sources into a single, manageable platform. This consolidation allows for the maintenance of accurate consumer profiles while facilitating compliance with consent management and data minimisation policies.

A well-implemented CDP can streamline the application of governance policies across all data types and sources. It simplifies the tracking and management of customer consent for data collection and use, making it easier for businesses to ensure their customer data activities comply with legal requirements.

Furthermore, CDPs can be configured to retain only the data that can be lawfully used and only for the period stipulated by privacy regulations.

Choosing the right CDP

When selecting a CDP, brands should look for features that facilitate easy compliance with privacy obligations while still allowing for the construction of rich customer profiles. The ideal CDP should also integrate seamlessly with existing tools and technologies.

Key features to look for include:

– Creates a unified customer view

– Usable and accessible data across the organisation

– Easy integration with other tools and platforms

– Orchestrates audiences across activation tools

– Supports cross-channel measurement

– Stays safe and compliant with changing regulations

– Performs at the scale and pace of customer data

As Australia moves towards stricter privacy laws, investing in a reliable CDP is becoming crucial for brands. This investment will enable them to build comprehensive customer profiles while ensuring compliance with upcoming regulations.

By taking this proactive approach, Australian brands can avoid the potential financial and reputational damages associated with non-compliance while also meeting the growing consumer expectation for better data protection.

A new frontier for customer trust

The shift towards stricter privacy rules presents an opportunity for businesses to build trust with customers by demonstrating a commitment to data protection. As the privacy landscape continues to evolve, those who embrace these changes and adopt the right tools, such as CDPs, will be best positioned to thrive in this new era of data privacy.

About the Author

Billy Loizou is are VP APAC for Amperity, a lakehouse CDP. He has 15-plus years in design, technology and marketing, helping some of the world’s most renowned and respected brands improve their customer experience and drive profitability.

Post a comment or question...

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Other Articles by Billy Loizou

First-party data in banking

First-party data in banking

opinion-article |November 22, 2023 | Billy Loizou

Resolving identity key as third-party cookies crumble…


Warning issued on ASIC’s AustralianSuper action

Warning issued on ASIC’s AustralianSuper action

opinion-article |October 10, 2023 | Billy Loizou

Why identity resolution matters…


First party data_Amperity_Billy Loizou

First-party data a vital business asset

opinion-article |April 14, 2023 | Billy Loizou

Identifying and protecting the data you own…


Processing...
Thank you! Your subscription has been confirmed. You'll hear from us soon.
Follow iStart to keep up to date with the latest news and views...
ErrorHere