Privacy is for Europeans
In our work with mid-market, U.S.-based companies, we observe a prevailing point of view that privacy regulation only applies to Europeans (GDPR). People don't actually say that, of course, and everyone wants to protect their customer data in theory, but you can tell in their priorities and sense of urgency that solving for privacy regulation is not on the radar. But it should be.
Privacy regulation in the U.S. will happen. It is inevitable (see below). The digitization of every human touchpoint has opened up a view into people's lives that can easily get out of control. But that doesn't (and shouldn't) prevent digital leaders from continuing to pursue personalization, which requires a thoughtful, comprehensive view on how to collect, manage and take action on personally identifiable information (PII).
We call this concept "Privacy by Design," and it is something that Yield Group is still in the early stages of incorporating into our work. But we would rather bring this in at the foundational stages of the growth engines we build, versus having it forced on top of these engines after the fact (which is almost always more costly both in time and money).
Below are a few articles on privacy, data and personalization that have helped influence our thinking lately.
Important Note: The perspectives shared in this newsletter are our own and should not be relied upon as legal advice. We are not attorneys, nor do we play them on TV.
I found your data. It's for sale.
• Author: Geoffrey Fowler, Technology Columnist at The Washington Post
What is this about?
Geoffrey was alerted by a reader to a serious "data leak" involving millions of people and some *very* personal information. This was not a "breach," where hackers worked their way in to otherwise protected environments to steal information. This was an open spigot of personal data coming from the most innocuous of places ... browser extensions (how many do you have running on your browser right now?)
Why does it matter?
First of all, if you are like us, you will immediately check the extensions on your browser to see which ones need to go. But the bigger implication is to validate that the digitization of human interactions has created more opportunities for people to collect, aggregate and (mis)use highly personal information than we can possibly self-police. Keep in mind, these extensions are running on (or in) products from some of the largest and most sophisticated technical organizations in the world.
How can you apply it?
Have we mentioned that privacy regulation will happen? That train has left the station. It is time to start being proactive and taking a position on how your company will manage and use the personal information collected. The solution is likely complex, but the most important step is starting the conversation as soon as possible.
Time
You can skim this in 3-4 minutes. Some eye-opening facts healthy for any consumer to know!
Read the full post by clicking here.
GDPR: What Growth People Need to Know
• Author: Lauren Bass, Growth at Google
What is this about?
Lauren is a star in the world of data-driven growth and currently leads the Growth team for Google's products in the recruiting space. She wrote an article for Reforge that is an outstanding overview of the key elements every Growth Marketing professional needs to know to be compliant with GDPR.
Why does it matter?
I know what you are thinking: "privacy is for Europeans and GDPR does not apply to me" (see above). We ask that you consider Lauren's points not as legal guidelines with which you need to comply, but as a framework of how you design privacy into your growth engine.
How can you apply it?
Lauren hits on two key points to consider; consent and legitimate interests. We actually prefer to expand this to four key considerations:
- Consent should be freely given
- Companies should be transparent with how data is collected and where and why it will be used
- The use of the data should be for legitimate business purposes (this, admittedly, is a bit ambiguous)
- The customer/consumer should have control over their data
Go back to the browser extension article above. In those instances:
- Is consent freely given? No.
- Is the usage of the data transparent? Um, heck no.
- Is the selling of data a legitimate business purpose? Maybe, but would these companies have they data if they were transparent about its use?
- Lastly, does the consumer have any control over their data, after it has been shared with the company that created the extension? Absolutely not.
Privacy by Design means you begin to incorporate these four elements into EVERYTHING you do. If you design your user experience and data policies accordingly, you are able to focus on being an honest steward of the data you've been given v. merely complying with regulation.
Time
Not gonna lie, this is a doozy. You are going to need to dedicate a good 10-15 minutes. Consider saving it to Pocket and keep it as a resource :-)
Read the full post by clicking here.
A technology blueprint for personalization at scale
• Authors: Sean Flavin and Jason Heller, Partners at McKinsey
What is this about?
Sean and Jason, as Partners at McKinsey, obviously work with very big companies. So when they say "scale," they mean SCALE! But this post lays down the fundamental building blocks for personalization for businesses of any size, so don't be dismissive about the size of the tech stack they advocate (it's big), but consider instead the fundamentals beneath it.
Why does it matter?
In our work with mid-market CMOs, we often find that "personalization" is seen as something that is unattainable and reserved for really big companies. False. Don't over-complicate this. In addition, we find it good practice to have insight on what the "big kids" are up to.
How can you apply it?
Personalization starts with the basics.
- Map out your customer journey to identify personas (cohorts) and the information each needs along their respective journey (we wrote a series on this exact subject—here's the first post, which discusses personas).
- Focus on building out the data layer required to support and measure this journey.
- After you've completed #1 and #2, then work on the software stack necessary to deliver this information to the right person at the right time and over the right channel.
Sean and Jason list four key elements that need to be integrated in order to execute personalization at scale; Data, Decisioning, Design (as in content) and Distribution. Trust us, to avoid wandering into a sea of data and tools, start this process by mapping the customer experience.
"There are no advanced maneuvers, just maniacal focus on executing the fundamentals."
-Yield Group
Time
This will take 6 +/- minutes, but you can jump to a couple of really good graphics and get a lot out of this post.
Read the full post by clicking here.