Data Privacy Management in Marketing Agencies is Rapidly Growing

Earlier this year, privacy expert Rachel Glasser was appointed as the Director of Privacy and Partner Activation at GroupM, the largest media investment company in the world.

Glasser’s hire highlights the growing focus of data privacy management in marketing agencies and companies across the globe.

Glasser works with clients and helps them understand the complex and dynamic marketplace of privacy.

She guides internal teams to stay current on hot-button privacy issues, industry standards, and changes to ensure proper protection when introducing new products and tech developments.

In an agency setting, different clients have different needs based on the nature of their business.

One role of the agency is to understand how partners and vendors work and how those partners can advance a client’s campaign strategy aligned to data privacy compliance.

Particularly for OBA purposes, but also other uses as well such as COPPA compliance and other specifically regulated areas.

How do you see the growth of the data privacy role at marketing agencies?

data privacy management in marketing agencies

As technology becomes more advanced and as more platforms migrate to digital formats, such as TV, we will see more in the way of data privacy implications.

And as this happens, we will see an increase in new technology partners who can execute on these new formats enter the marketplace.

I suspect the industry trade groups will issue guidance on safe and responsible uses of these new platforms in a privacy compliant way.

It will be key for agencies to remain up-to-date on these advances, and what it means for digital marketing and their clients.

Lastly, educating consumers on responsible data use practices is also necessary.

What specific type of privacy problems do you think your industry will be dealing with in the future?

I see new expectations coming to the forefront of what the industry will be dealing with in the future. What may have been “creepy” 10 years ago is no longer “creepy” now.

A good example may be how reluctant people once were to give out their cell phone number or email address years ago. And now, it’s almost expected that one would share that information.

Brands are connecting with consumers in entirely new ways that bring data privacy into the equation.

connected homes and techCross device targeting and attribution; connected TVs, cars, and wearable technologies – these new formats all lead us to raise new questions about privacy.

    • Do we want advertisers to know when we are in a particular location?
    • Or that we may drive too fast?
    • Do we want them to know we are using a tablet versus a smartphone?
    • And what information from those devices is necessary to the advertiser to collect?

It is also important to recognize some of the benefits that come with sharing information.

However, there is a balance that needs to be struck between how much and what information we are comfortable sharing, versus how much benefit the consumer receives from that sharing.

What are your top three data privacy tips (in general) for companies?

    • Educate your clients and your employees on best privacy practices and what they mean.
    • Be transparent with consumers about your data privacy practices, what data you collect, why you collect it and how you use it.
    • Allow consumers choice in whether they want you to collect and use their data – and honor that choice.

The more you practice what you preach, and the more you are open and clear with consumers, the more likely they may be to share.

What type of privacy concerns do your clients come to you with?

Clients often come to me with questions about compliance with the self-regulatory programs.

They often ask how they can participate, or what they need to do to be in compliance with self-regulatory programs.

I also get questions asking to evaluate current campaigns to see what regulations need to be adhered to for specific initiatives. It can really run a spectrum of topics.

Tell us about the importance of vendor management in data privacy.

It is extremely important to understand vendor capabilities and how their technology privacy practices

Organizations must assess all vendors’ data privacy practices, and to make sure their policies are aligned and compliant with data privacy regulations.

We need to ensure that vendors are accurately representing themselves to our internal teams. Working closely with vendors can dispel any inaccurate perceptions regarding their practices.

Most organizations implement a vendor risk management program to ensure compliance with global data protection laws.

What do you think most people would be surprised to know about data privacy?

I think most people would be surprised to know that data used for advertising purposes is not the same as security breaches at retail stores.

When consumers hear about a data privacy or a data security breach, they immediately think of identity theft. They do not distinguish between personal and non-personal data.

It’s the personal data that is tied up in security breaches that may lead to theft of identity if improperly handled. Conversely, non-personal data is used in advertising, and it is relatively benign.

The anonymous data consumers share with advertisers supports the free web, and provides the free content users have access to. Users need to understand the differences between first and third parties and how the different parties may use data.

Of course, it should all be left to user choice as to whether they want to share that data, but it is also very important for users to understand the difference.

I also think people would also be surprised to learn of how much they give up when they register on a particular website or voluntarily share their personal information.

Always read the disclosures, privacy policies, and terms of service so you understand what you are sharing and how it will be used.

There was an example of a UK business offering free WiFi if you agreed to terms of service. What users did not realize is that listed in the terms of service was an agreement to give up their first born child to the WiFi provider.

Of course this was all in jest, but it demonstrates the point that users do not fully read what they are binding themselves to when they click ok.